Categories

Post Calendar

March 2024
S M T W T F S
 12
3456789
10111213141516
17181920212223
24252627282930
31  

Enabling ESNI in Firefox

imageFor those of you using Firefox, you can make your browsing more secure by doing the following:

  1. Update to the latest version of Firefox.
  2. Type about:config in the URL bar to get to the configuration screen.
  3. Type esni in the search field and look for network.security.esni.enabled
  4. Doubleclick this row to change it to true. What this means is: The Server Name Indication (SNI) exposes the hostname the client is connecting to when establishing a TLS connection. Doing so can compromise your privacy. Encrypted SNI keeps the hostname private when you are visiting an Encrypted SNI enabled site on Cloudflare by concealing your browser’s requested hostname from anyone listening on the Internet.
  5. Type trr in the search field and look for network.trr.mode
  6. Doubleclick on this and change it to 2 – this switches all DNS calls to be made over HTTPS.
  7. Restart Firefox (probably not necessary but do it anyway) and browse to https://encryptedsni.com then click on Check My Browser to test the browser’s security. You can visit this site with your existing browser and test it to see what’s secure and what’s not.
  8. Doesn’t require Firefox -> permanently change your Primary DNS server to 1.1.1.1 and your secondary to 1.0.0.1. On your phone, on your router, on your PC, everywhere. These belong to Cloudflare. 1.1.1.1 supports DNS over TLS assuming you are using a client (like Firefox) to take advantage of that functionality.

I use Chrome and unfortunately this functionality doesn’t exist in that browser at time of writing (although I *am* using Cloudflare’s DNS). But any steps you take to protect your privacy on the net are good steps. Might need to temporarily switch to Firefox until this stuff makes its way Chrome-side. TL;DR: Your ISP and other enterprising internet entities can see every website you look up; using these technologies allows you to shield your activity so The Man don’t see you.

Recommended Firefox addons

imageLast post of the year. Following on from my “The Dhry Way or the Highway” Android essentials post, today I’ve decided to make some recommendations about Firefox addons that improve my productivity at work and play. Avid followers of my blog will recall that at one stage I hated Firefox but gradually warmed to it as the dealbreakers started to crumble. Now that most websites actually WORK in FF, I probably couldn’t live without it and this is mainly due to the extension of its capabilities via small addons. This is not to say that I probably couldn’t get similar stuff working with IE and Chrome but I’m just so used to FF these days. If only it loaded as fast as Chrome..

Anyway, on to the addon recommendations. Note that some of the addons below are for older versions of Firefox and you may need to reconfigure your FF to disable addon compatibility checking in order for them to work. Relax, doing this is harmless.

Classic Compact: Coupled with Classic Compact Options, this is my skin/layout of choice. If there’s one thing I hate, it’s wasted screen real estate – too much padding in tables, menus and buttons too large. I’m not blind and ninety years old yet! This skin allows me to fit a very large amount of bookmarks, buttons and other items at the top of the screen in a relatively small space so that there’s more room on the screen for the actual website.

Echofon: Makes it very easy to post to Twitter from your browser without having to login to the site – considering that the browser is the one program I can guarantee will be open 100% of the time while I’m at my machine, this is quite handy for me. Manifests as a small icon in the browser status bar; click it and voilà, a popup window allowing you to read and post to Twitter for multiple accounts. LINK REMOVED: Echofon for Firefox doesn’t exist anymore.

Greasemonkey: Definitely can’t live without this. It’s a framework that allows you to write code which kicks in whenever you visit a page or range of pages. I use it in its most basic form to replace fonts and change CSS padding etc on pages that I regularly visit in order to optimize my browsing experience, but it’s possible to completely change the functionality of sites. There are heaps of user scripts on, wait for it, userscripts.org. Greasefire checks userscripts.org automatically for each site you visit and shows a list of scripts that are enabled for that site and may be of interest.

Firebug: A very good plugin for web developers. Firebug breaks down websites into a lot of technical data, popping a window at the bottom of the screen which allows you to, for example, hover over screen elements and determine the files that they are pulling their CSS from. As well as this you can load a site and find out in realtime which elements are taking the longest to pull from the webserver etc. Helps immensely with my Greasemonkey script development when reverse-engineering sites in order to twiddle them.

DownThemAll: A pretty cool download manager plugin. If you regularly download files from websites, this plugin is invaluable. Works in multithreaded mode too, which allows you to download files faster. I‘ve never managed to figure out why downloading a file from start to finish takes x seconds, while downloading it with eg ten threads takes (x ÷ 10) seconds. Maybe one day I’ll discover the reason.

Tab Mix Plus: Adds functionality to the browser tabs in FF – multiple rows, change tab background and text color, little close-buttons on each tab, min and max tab width, and plenty more.

Shorten URL: I use this many times each day. Very good for sending links to friends or posting them on Twitter. Visit a web page, click this button and it instantly makes a long URL into a short one using one of dozens of selectable URL shortener websites such as bit.ly.

Text Link: In order to click text and have your browser take you to a site, the text has to be a hyperlink. Like the word hyperlink that I just wrote in the previous sentence.. However, unless you hyperlink them manually, text URLs don’t do squat when you click on them. Like this: www.yahoo.com. If you had Text Link installed, you’d be able to doubleclick on that Yahoo URL and have it work exactly like a live hyperlink.

Toodledo: Toodledo.com is probably the web’s most popular reminder system. This plugin allows you to easily add new tasks for yourself on toodledo.com without having to load the main site. Also enables a nice sidebar in FF showing your current tasks.

Mouse Gestures Redox: Once you get used to using this addon you won’t be able to do without it. Essentially it allows you to trigger browser actions by holding down the right mouse button and “drawing” a shape on the screen. For example, drawing an L shape with the right button held down will close the current page, and drawing a line from right to left will make the browser go “back” a page. After you get used to it it saves quite a bit of time and clickery.

Add Bookmark Here²:  Allows you to bookmark a web page directly into a location in Firefox – for example, a folder in the bookmarks toolbar or menu. (Normally adding a bookmark makes you perform an additional step in telling FF where the bookmark should be positioned.)

No Color: I use this often. Click it once and it removes all color and background images from a website so all you see are the tables and black and white text. Handy for websites with godawful color schemes; makes the text much easier to read. Click again and color is restored.

OpenDownload: THIS addon was one of the main reasons I started using Firefox after bitching about it for years. It fills a giant gap in functionality by allowing you to “open” a file from a website, similar to how IE does it (Chrome still cannot do this – freaking useless!) Without this addon, Firefox will force you to save a file to your hard drive, whereupon you then need to minimize FF, browse to that folder and manually doubleclick on that file to open it. Pfft.

Textarea++: Ever tried to add a comment or fill in a form on a website, where the text area you’re given is barely the size of a matchbox? This neat plugin allows you to resize any text entry box directly within the webpage giving you a little more textual breathing room. Also adds scrollbars to text areas.

Retro Find: God how I love this plugin. When you press Ctrl-F to find text on a website, Firefox opens this awful, immovable find area at the bottom of your screen. I’ve hated that thing so much, you wouldn’t believe. Retro Find turns the find option into a floating dialog box (similar to what you get with every single other program on earth, eg Microsoft Word, Notepad etc) that you can drag anywhere you like. Yays.

SyncPlaces: A big failing with FF is the inability to export a range of bookmarks so you can use them on another machine. For example, I have a crapload of work-oriented bookmarks on my office laptop, but how to transfer them to my home machine? You can’t, unless you use this addon. Allows to export all, or just some bookmarks, including to an FTP server – and then retrieve and inject them easily into another FF instance elsewhere. However, I’ve found that later versions of SyncPlaces are broken – the last version that worked for me is 4.07 and I recommend you use this too until they fix the damn thing.

ViewSourceWith: FF’s default source viewer sucks. This plugin allows you to use any third-party source viewer you like. My preference is Notepad++.

Edit 20180213: Please visit this site for some webextensions that work with the new Firefox Quantum, which can hopefully replace the older extensions you used to use. –Dhry

That’s all, folks! Have a great New Year!

Firefox comes of age.. finally.

I want to preface this post by explaining something that my close friends have known for years. I’ve always been a software hobbyist on the lookout for stuff that’s better than other stuff. Since 1986 I’ve been researching various utilities (Amiga enthusiasts: remember Fish, ANC and UGA utility disks?), pitting them against each other and identifying winners in each category. I built up a whole stack of personal criteria of what’s good and what’s bad based on a fairly old-school philosophy born of the days when computers came with BASIC programming manuals and the first thing you were expected to do on them was type 10 PRINT HELLO; 20 GOTO 10. My overruling criteria have always been that the programs have to be tightly coded (the opposite of bloatware), efficiently use system resources, not crash, not have ambiguous functionality and actually be useful. Due to Mozilla Firefox’s missing the mark on several of these items I have not recommended its use for years. A phenomenon has been taking the world in its wretched grasp for quite a while now (I’ll lament about it in another post sometime). It is a meme of misinformation. People have been misinformed and misguided about Firefox ever since it came out and I have fought a strong battle to drum sense into those people. Nobody ever listens to the reason of the wise few, of course. Maybe they’ll be happier to read about it.

The fallacies about Firefox that sparked my anger were:

  • It “finally” allows people to achieve the mystical nirvana that is tabbed browsing. Truth is that Opera had tabbed, MDI browsing over ten years ago, and IE shells such as Maxthon allowed users to use the world’s most popular and compatible browsing engine in a tabbed environment a LONG time before Firefox was put together. Trust me on this – I was doing tabbed browsing in IE way, way, WAY before FF came out.
  • It allows a “safer” browsing experience. Truth is that FF simply passed the buck on these matters. I lost track of the conversations I had with people who firmly believed that forcing the user to SAVE an executable file from the net to their hard drive effectively eliminated risk of virus or spyware infection. CRAP! My response was that FF made an absolutely guaranteed two-step infection out of what would otherwise have been a guaranteed one-step infection. What’s the next thing you do after your browser forces you to save a file out? YOU RUN IT! Right! Gold star. Blue ribbon. Dhry’s Honorary Medal of Wisdom. Firefox also disabled ActiveX controls under the foolish idea that they are a major cause of system infection, completely forgetting about the legitimate uses of these controls and denying them to its users, not to mention implying that it was the be-all end-all of system protection and that people were otherwise too stupid to ALSO be running standalone antivirus and antispyware tools.
  • It strictly conforms to web standards, which is a “good thing”. Truth is that while I agree with the idea of conforming to standards, the idea of HTML standards became skewed back in the late 90’s when Microsoft started making their own rules about the web. Netscape was out there, then IE came along and pretty soon after the antitrust dust had cleared (translation: Netscape had quit whining that nobody would use their browser anymore since IE came with Windows for FREE, like the rest of the world gave a toss) everyone on the planet was using IE. Websites were written for it and its quirks. It BECAME the global standard for web browsing. At some point, a propeller-cap-wearing dunce without a girlfriend decided that we should all “take back the web” and this standards crap started to take hold. IE has relaxed standards. FF has draconian ones. I’ve struggled at my work for years trying to tell people that if it doesn’t work in FF, to use IE.. and sighed as the usual bullcrap about “I’m only going to use FF and that’s that” was thrown back at me. Once again, the meme of misinformation. Bottom line? FF should also have relaxed standards and should give the user the option of using IE-compatibility mode or “strict” mode – where the user could make their own choice. It didn’t do that until maybe a year or so ago.. but we’ll get to that shortly.
  • It’s “faster”. Truth is that it’s only partially faster. FF 3.0.*’s rendering engine is a little faster than IE (yes, I mean a LITTLE). But the load times for the app are way slower than several IE shells. Try loading FF with a couple of extensions, then try loading GreenBrowser with a couple of plugins. Now use ProcessExplorer and take a look at the memory usage. You’ll see what I mean.

And so I continued to reinstall and give Firefox a fair go every few months, then laugh at it and uninstall it as the DEFECTS that people ignored time and time again persisted throughout each minor and major release. FINALLY I am comfortable that these defects have been addressed and I can now verify that Firefox is fit for world consumption:

  • I had to laugh when I first saw the IETab extension become available. I still laugh when I see stats showing almost 200,000 downloads per week and over 21 million downloads of that extension to date. Despite all the FF wanker comments about better, faster, more standards-compliant page rendering, this extension corrects a defect in FF that has existed since it was born – it allows you to view pages in the Internet Explorer rendering engine! What that means is that you no longer have to separately load IE to do a WindowsUpdate or visit any of the vast amount of websites that do not support Firefox.
  • I considered the fact that FF did not allow you to run an executable directly from a website to be an absolute, hands-down dealbreaker, and then I saw the OpenDownload extension. Mandatory. Allows executable to be clicked on and opened directly from a website – without you being forced to save it to your HD, open a browser, navigate to the file and THEN run it (whereupon FF can claim “hey, I didn’t let you run it, YOU ran it separately, therefore I’m completely exonerated from blame when your system gets infected!”).

Just these two extensions alone bring FF back into the fold as a viable alternative browser. It’s still bloated to hell but at least now you can use it without the two most major hindrances to its performance. For the other extensions, you’re free to find and try. The rest of the browser interface is okay for everyday browsing (despite being nothing new), but I would advise you to do one last thing if you’re considering the move. Go to Tools –> Options –> Security and uncheck the two options that start with “Tell me if the site..”. These options not only cause browsing slowdowns, but they download a MASSIVE “security” file and save it in a 50Mb+ database file on your HD. Forget it.

Oh, and last tip of this posting. Don’t even bother with FF’s stupid AdBlock Plus extension. This only works in FF and it’s not that great either. I recommend getting AdMuncher, Aussie-written and the absolute best popup blocker available. I’ll write more about that one in a separate post, but for the moment all you need to know is that it applies some fantastic protection to EVERY internet-oriented program – email clients, web-browsers, standalone RSS feed readers and more.

Mastodon - https://techhub.social/@dhrystone