Title: Firefox hardening with Arkenfox
       Author: Solène
       Date: 24 September 2023
       Tags: firefox security privacy
       Description: In this article, you will learn how to use the project
       Arkenfox to make Firefox more secure and harder to track.
       
       # Introduction
       
       Dear Firefox users, what if I told you it's possible to harden Firefox
       by changing a lot of settings?  Something really boring to explain and
       hard to reproduce on every computer.  Fortunately, someone did the job
       of automating all of that under the name Arkenfox.
       
       Arkenfox design is simple, it's a Firefox configuration file (more
       precisely a `user.js` file), that you have to drop in your profile
       directory to override many Firefox defaults with a lot of curated
       settings to harden privacy and security.  Cherry on cake, it features
       an updater and a way to override some of its values with a user defined
       file.
       
       This makes Arkenfox easy to use on any system (including Windows), but
       also easy to tweak or distribute across multiple computers.
       
 (HTM) Arkenfox user.js GitHub project page
 (HTM) Arkenfox user.js Documentation
       
       # Setup
       
       The official documentation contains more information, but basically the
       steps are the following:
       
       1. find your Firefox profile directory: open `about:support` and search
       for an entry name profile directory
       2. download latest Arkenfox user.js release archive
       2. if the profile is not new, there is an extra step to clean it using
       `scratchpad-scripts/arkenfox-cleanup.js` which contains instructions at
       the top of the file
       3. save the file `user.js` in the profile directory
       4. add `update.sh` to the profile directory, so you can update
       `user.js` easily later
       5. create `user-overrides.js` in the profile directory if you want to
       override some settings and keep them, the updater is required for the
       override
       
       # Configuration
       
       Basically, Arkenfox disables a lot of persistency such as cache
       storage, cookies, history.  But it also enforces a canvas of fixed size
       to render the content, reset the preferred languages to English only
       (that defines which language is used to display a multilingual website)
       and many more changes.
       
       You may want to override some settings because you don't like them.  In
       the project's Wiki, you can find all Arkenfox overrides, with the
       explanation of its new value, and which value you may want to use in
       your own override.
       
 (HTM) Arkenfox user.js Wiki about common overrides
       
       For instance, if you want to re-enable the cache storage, add the
       following code to the file `user-overrides.js`.
       
       ```javascript
       user_pref("browser.cache.disk.enable", true);
       user_pref("privacy.clearOnShutdown.cache", false);
       ```
       
       Now, run the updater script, that will verify that Arkenfox user.js
       file is the latest version, and will append your override to it.
       
       # Tips
       
       By default, cookies aren't saved, so if you don't want to log in every
       time you restart Firefox, you have to specifically allow cookies for
       each website.
       
       The easiest method I found is to press `Ctrl+I`, visit the Permissions
       tab, and uncheck the "Default permissions" relative to cookies.  You
       could also do it by visiting Firefox settings, and search for an
       exception button in which you can enter a list of domains where cookies
       shouldn't be cleared on shutdown.
       
       By default, entering text in the address bar won't trigger a search
       anymore, so instead of using Ctrl+L to type in the bar, you can use
       Ctrl+K to type for a search.
       
       # Extensions
       
       Arkenfox wiki recommends to use uBlock Origin and Skip redirect
       extensions only, with some details.  I agree they both work well and do
       the job.
       
       It's possible to harden uBlock Origin by disabling 3rd party scripts /
       frames by default, and giving you the opportunity to allow per domain /
       globally some sources, this is called the blocking mode.  I found it to
       be way more usable than NoScript.js.
       
 (HTM) uBlock Origin blocking mode documentation
       
       # Conclusion
       
       I found that Arkenfox was a bit hard to use at first because I didn't
       fully understand the scope of its changes, but it didn't break any
       website even if it disables a lot of Firefox features that aren't
       really needed.
       
       This reduces Firefox attack surface, and it's always a welcome
       improvement.
       
       # Going further
       
       Arkenfox user.js isn't the only set of Firefox settings around, there
       is also Betterfox (thanks prx!) which provides different profiles, even
       one for performance.  I didn't try any of these profiles yet, Arkenfox
       and Betterfox are parallel projects and not forks, it's actually
       complicated to compare which one would be better.
       
 (HTM) Betterfox Github project page