Firefox Integrating Pocket

Firefox had a nifty feature: “Reading List.” And then it didn’t. Now it has a proprietary service in its place: Pocket. Instead of being able to locally save things to read later, you now have to find a plugin or use their integrated service. We have updated our previous post to reflect these changes. Pocket integration, just like Firefox Hello, should be an optional plugin, not integrated into the core of the browser. Mozilla could have easily promoted Wallabag instead of a proprietary “freemium” service.

Mozilla is reducing the “free and open source” nature of Firefox, which is disconcerting.

Fixing Firefox and Enhancing Privacy

Between Mozilla adding more “features” to Firefox, and malicious scripts on websites, we have been recommending the following changes and add-ons to Firefox users.

Please note that these are only suggestions; if you disagree with something, you don’t have to do it (but we would love to hear why in the comments)! We are not going to go into detail about how great each plugin is – we expect that you will exercise due diligence before using anything described in this post.


New Tabs

To get rid of the “recommendations” and ads inside Firefox new tabs, click the gear on the top right, and select “Classic” or “blank.”


about:config

Unless you have visited this before, you will see a prompt with a statement that you should be careful when editing anything.

Firefox Hello
Search for loop.enabled and set to “false” by double-clicking.

Reason: Firefox Hello uses Tokbox, which is owned by Telefónica Digital, a subsidiary of Telefónica (a Spanish broadband and telecommunications provider). We do not appreciate an ISP service being integrated into the web browser. This should be a plugin, not a core feature.

Pocket
Added June 2, 2015
Search for browser.pocket.enabled and set to “false” by double-clicking.

Reason: Pocket is a proprietary “save it for later” page reader that has replaced Firefox’s “Reading List” feature. It is yet another closed-source integration that should have been a plugin. It requires a 3rd-party login (including Firefox account). An open source alternative to Pocket is Wallabag.

Google Safe Browsing
Search for browser.safebrowsing.*enabled and set all to false by double-clicking.

Note: Some of this can also be turned off by navigating to Menu -> Options -> Security (or clicking here) and ensuring “Block reported web forgeries” and “Block reported attack sites” are un-checked.

Reason: This is the “Google Safe browsing” extension. While many might find this useful, we do not like the pages we visit being sent back to Google. Turning this off can be perceived as making your browser less secure, so make sure that you are careful what links you click. uBlock, NoScript and Ghostery pick up some of the slack in helping prevent malicious attacks.


Add-ons

Each Scoundrel has their own preference in which add-ons they use. Here is the list of add-ons that we all agree are useful.

HTTPS_Everywhere_new_logoHTTPS Everywhere – “HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. ”

noscript NoScript Security Suite – “Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks.”

ublockuBlock – “An efficient blocker: easy on memory and CPU footprint, and yet can load and enforce thousands more filters than other popular blockers out there.”

ghosteryGhostery – “See who’s tracking your web browsing and block them with Ghostery.”

 

uBlock Note: Make sure to go to Menu -> Add-ons and click on uBlock Options, and scroll down and click Show Dashboard to customize. Alternatively, you can visit this link.

Migrating from GitHub to our GitLab

We have started to migrate our project development away from GitHub and on to our own self-hosted GitLab. All current public project code that is available on that website will still be there, and we are not completely removing GitHub from our lives. The current plan of action is to have our main repository be on our own server, which will push updates to GitHub once a day (probably around 11PM PST).

The Scoundrels have always been active in the Free and Open Source Software communities, and we are always finding more ways to supplant proprietary tools with F/OSS ones. It seemed rather odd, and quite obvious, that we needed to remedy something quite crucial: we have been relying on an external service for virtually all of our code hosting needs.

GitHub Issues and Wiki pages will be closed down as we migrate to our own server. We aim to push code to GitHub as a sort of “middle layer” between us and those who do not want to sign up on our server. We will probably accept Pull Requests through GitHub (not guaranteed), but issue management will be through GitLab.

Our GitLab uses a certificate signed by us, so your browser will most likely give you a warning. As stated on our Trust page, only accept the security exception (or install our root certificate) if you trust our services and only if you plan on developing within our GitLab.