removed tor uplift investigation section

I have created three issues for tracking items of interest from the tor uplift: #7 `resistFingerprinting`, #8 `FPI` and #15 `the rest`
2024-05-23 04:46:09 +02:00 · 2017-02-19 23:53:45 +13:00 · 2017-02-19 23:53:45 +13:00 · bd226c716e
parent 5e94428cb3
commit bd226c716e
1 changed files with 1 additions and 70 deletions
--- a/user.js
+++ b/user.js
@ -1535,75 +1535,6 @@ user_pref("ghacks_user.js.parrot", "No no he's not dead, he's, he's restin'! Rem
 // 2614: (51+) disable SPDY
   // user_pref("network.http.spdy.enabled.v3-1", false);

-/**- 9998: TO INVESTIGATE - TOR UPLIFT
-   https://wiki.mozilla.org/Security/Tor_Uplift/Tracking
-// RESOLVED
-   // 1400's: set whitelisted system fonts only (FF52+)
-      // If whitelist is empty, then whitelisting is considered disabled and all fonts are allowed.
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1121643
-      // user_pref("font.system.whitelist", "");
-   // 2698-append: privacy.firstparty.isolate.restrict_opener_access
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1319773
-// ACTIVE
-   // 1200's: Isolate the HSTS and HPKP cache by first party domain
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1323644
-   // 2400's: reduce precision of time exposed by javascript
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1217238
-      // user_pref("javascript.options.privacy.reduce_time_precision", true);
-   // 2699-append: resource://URIs leak
-      // https://trac.torproject.org/projects/tor/ticket/8725
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=863246
-      // test: https://www.browserleaks.com/firefox
-// ASSIGNED
-   // 2001: preference to fully disable WebRTC JS API
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1314443
-   // 2699-append: enable fingerprinting resistence to WebGL
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1217290
-   // 2699-append: checkbox in about#preferences#privacy for privacy.resistFingerprinting
-      // when this lands, add note to 2699
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1308340
-   // 2699-append: use UTC timezone (spoof as UTC 0)
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1330890
-   // 2699-append: new window sizes to round to hundreds
-      // Note: override values, future may enforce a select set of (inner) window measurements
-      // If override values are too big, the code falls back and determines it for you
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1330882
-      // user_pref("privacy.window.maxInnerWidth", 1366);
-      // user_pref("privacy.window.maxInnerHeight", 768);
-// BACKLOG
-   // 1400's: prevent local font enumeration
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=732096
-   // 1800's: disable "This Plugin is Disabled" overlay
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=967979
-      // user_pref("privacy.plugin_disabled_barrier.enabled", false);
-   // 2500's: disable/mitigate canvas fingerprinting
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1041818
-   // 2500's: enable prompt (site permission) before allowing canvas data extraction
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=967895
-   // 2600's: window.name
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=444222
-   // 2698-append: checkbox in about:preferences#privacy for privacy.firstparty.isolate
-      // when this lands, add note to 2611
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1312655
-   // 2698-append: FPI and HTTP Alternative Services (see 2666)
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1334690
-   // 2698-append: FPI and SPDY/HTTP2
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1334693
-   // 2699-append: disable keyboard fingerprinting
-      // Test: https://w3c.github.io/uievents/tools/key-event-viewer.html
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1222285
-   // 2699-append: disable WebSpeech API
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1333641
-      // see also: web speech exposes TTS engines
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1233846
-   // 2699-append: spoof Navigator API
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1333651
-   // 2699-append: set and enforce various prefs with privacy.resistFingerprinting
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1333933
-   // 2699-append: bundle and whitelist fonts with privacy.resistFingerprinting
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1336208
-***/
-
 /**- 9999: TO INVESTIGATE - OTHER
 // 1600's: restrict the contents of referrers attached to cross-origin requests (FF52+)
   // 0- 1- 2-scheme+hostname+port
@ -1631,7 +1562,7 @@ user_pref("ghacks_user.js.parrot", "No no he's not dead, he's, he's restin'! Rem
 // sandbox levels (recommended to leave at what Firefox sets it to)
   // http://www.ghacks.net/2017/01/23/how-to-change-firefoxs-sandbox-security-level/
   // security.sandbox.content.level
- ***/
+***/

 /**- APPENDIX
   A: GLOSSARY: