Firefox inherits security features from the well-known Tor Browser. By default, most of Firefox's settings are secure and stable.
Most people browse with just one browser profile. Here we will show you how to use two Firefox profiles:
- One for normal browsing
- Another for reconnaissance
We use the recon profile to decide whether to trust a site, using add-ons that inspect it.
But first we must harden our browser settings.
Harden your configuration as follows:
Settings → General
- Uncheck anything you do not need here
Settings → Home → Firefox Home Content
- Uncheck everything here
Settings → Search
- Configure search to use only DuckDuckGo
Settings → Privacy & Security
- Leave Enhanced Tracking Protection on Standard
- Enable HTTPS-Only Mode in all windows
- Set DNS over HTTPS to Max Protection
Set up your normal browsing profile:
Add the add-ons below to this profile.
Set up your recon browsing profile:
We will duplicate the normal profile we just set up and add recon add-ons to it. We will do this the Linux way; on Windows you will have to do the equivalent with Windows Explorer and Notepad++.
Navigate to the Mozilla Firefox configuration directory and copy the default-release profile into a new Recon profile directory.
> cd ${HOME}/.mozilla/firefox
> ls
> cp -fr <random id>.default-release <random id>.Recon
> ls
Edit the Firefox profiles.ini file.
> vim profiles.ini
Add a [Profile2] section to the ini file pointing at the Recon directory we just created.
[Profile1]
Name=default
IsRelative=1
Path=<random id>.default
Default=1
[Profile0]
Name=default-release
IsRelative=1
Path=<random id>.default-release
[General]
StartWithLastProfile=0
Version=2
[Profile2]
Name=Recon
IsRelative=1
Path=<random id>.Recon
In the terminal, launch the profile manager dialog.
> firefox -P
You should now see both your normal default-release profile and your Recon profile.
Start the Recon profile. At this stage it is identical to the normal default-release profile. Now add the add-ons below, which help us determine whether we should trust a website.
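As an added example (not from the original article), a small POSIX shell helper that registers the copied Recon directory in profiles.ini the same way the manual edit above does, but picks the next unused [ProfileN] index automatically and refuses to add a section whose Name already exists. The directory name abcd1234.Recon is a constructed placeholder for the random id.

```shell
#!/bin/sh
# Added example: register a copied Firefox profile directory in profiles.ini.
# Assumes the directory was already created with "cp -r" as shown above.

# next_profile_index INI -> prints the first unused [ProfileN] section number
next_profile_index() {
  n=0
  while grep -q "^\[Profile${n}\]" "$1"; do
    n=$((n + 1))
  done
  echo "$n"
}

# register_profile INI NAME DIRNAME -> appends a section and prints its index,
# or returns 1 without touching the file if NAME is already registered
register_profile() {
  ini=$1; name=$2; dir=$3
  if grep -q "^Name=${name}\$" "$ini"; then
    echo "profile '${name}' already registered in ${ini}" >&2
    return 1
  fi
  idx=$(next_profile_index "$ini")
  printf '\n[Profile%s]\nName=%s\nIsRelative=1\nPath=%s\n' "$idx" "$name" "$dir" >> "$ini"
  echo "$idx"
}

# demo: constructed profiles.ini mirroring the article's layout (placeholder id)
demo() {
  tmp=$(mktemp -d)
  ini="$tmp/profiles.ini"
  cat > "$ini" <<'EOF'
[Profile1]
Name=default
IsRelative=1
Path=abcd1234.default
Default=1
[Profile0]
Name=default-release
IsRelative=1
Path=abcd1234.default-release
[General]
StartWithLastProfile=0
Version=2
EOF
  register_profile "$ini" Recon abcd1234.Recon   # appends [Profile2]
  cat "$ini"
}

case "${1:-}" in demo) demo ;; esac
```

Run it as `sh register.sh demo` to see the resulting file; `firefox -P` then lists the Recon profile alongside default-release.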
Let's analyse a site via our Recon profile:
We want to buy some clothes from asos.com, so let's visit it.
With our recon add-ons we can instantly check the TLS security of any website we visit. TLS 1.3 with HSTS and forward secrecy is strong enough for sending passwords across Wi-Fi. Most websites have not adopted DNSSEC, so we shall still trust this site. The Terms of Service; Didn't Read (ToS;DR) add-on yielded no results, so we would have to read the privacy policy ourselves if that matters to us.
Also, from the screenshot you can see that we are using Firefox containers. This gives us a unique fingerprint per container and isolates cookies, which is great for privacy and anti-tracking.
Above is an example of a site we can trust with high conviction because of multiple factors: strong TLS 1.3, DNSSEC provided by Google Domains, and a B grade for its privacy policy.
Conclusion
It is best practice to recon a website before sending it your password and credit card details. This mentality resists phishing and helps you understand data breach risk.
I hope this article helps people browse securely and also puts pressure on web admins to activate DNSSEC with their domain registrar.