Settings

There are many good tweaks available from privacytools.io. I will simply point out the ones that conflict with the extensions I mentioned in my previous post:
1, privacy.firstparty.isolate=true Conflicts with Cookie AutoDelete
2, privacy.resistFingerprinting=true Doesn't actually conflict with any extensions, but if you set this to be true, your reported timezone will most likely be wrong
3, privacy.trackingprotection.enabled=true Conflicts with uBlock Origin
16, network.cookie.cookieBehavior=1 Might conflict with Cookie AutoDelete. Cookie AutoDelete will take care of these cookies anyways, so there's no point in changing this setting
18, network.http.referer.trimmingPolicy=2 Conflicts with Smart Referrer
19, network.http.referer.XOriginPolicy=2 Conflicts with Smart Referrer
20, network.http.referer.XOriginTrimmingPolicy=2 Conflicts with Smart Referrer

While 23 deals with security, not privacy, take special note to read the referenced source link.

Proxy Auto Configuration (PAC) Files

I use a VPN (Virtual Private Network) (namely, ProtonVPN, the same people that make ProtonMail, an encrypted email service) at the router level, meaning all of the traffic on my home network goes through ProtonVPN. This is especially handy when using devices on your network that cannot be configured to use a VPN.

On the other hand, some services and websites, particularly video streaming services such as Netflix or Hulu will block you from watching their content when using a VPN.[1]
One way to get around this is to change your router settings to let traffic to Netflix and its ilk through while bypassing the VPN. However, the primary reason I use a VPN is to prevent my Internet Service Provider (ISP) from logging all of my internet traffic.

A different way is to use a PAC file which will let you redirect traffic within Firefox based on the destination URL to either a HTTP/S or a SOCKS4/5 proxy. I use a Raspberry Pi that uses a VPN connection to my school's network (and if I weren't in school, I'd use the virtual private server I'm running this blog on to tunnel my traffic), and use SSH to set up a SOCKS tunnel. Once you have a SSH server configured, the command you need to set up a local SOCKS proxy at a specific port is

ssh -D <port number> <user>@<server>

My PAC file (which is set under the Network Settings in Firefox via file://) looks something like

function FindProxyForURL(url, host) {

	if (host=="localhost")
		return "DIRECT";
	// video sites that don't allow for proxies
	if( shExpMatch(url, "*hulu.com*") || shExpMatch(url, "*netflix.com*")  )
		return "SOCKS5 localhost:12345"
	return "DIRECT";
}

This will redirect all Netflix and Hulu traffic to the local SOCKS proxy at port 12345, which is forwarded to the Raspberry Pi, which is connected to my school's network via VPN.

It should not be necessary to use a separate device (the Rasperry Pi) for this, as it should be possible via Docker, but I haven't gotten aound to setting that up.

Using Multiple Firefox Profiles

Occasionally I will not be able to determine how to configure my extensions' settings to allow a website to behave normally. In these situations I run another Firefox instance with a different profile that has absolutely no extensions.

To create a new profile, exit Firefox and then start it again with the -P flag. Use the terminal on Linux or Mac or the command prompt on Windows to do this. Create a new profile. I set this profile to clear history upon exit, in addition to most of the tweaks mentioned earlier.

Then whenever I encounter a troublesome site, I start Firefox with another profile. The key here is to start it not only with the -P flag with an argument for the name of the profile, but also the no-remote flag, because otherwise it will try to open a new window of the currently running Firefox (and that is incompatible with trying to open a new Firefox window using a different profile than what the current Firefox instance is using).

firefox -P <profile name> -no-remote

  1. ProtonVPN does claim to get around Netflix's IP blocking somehow. I only say claim because I have no personal experience with this. I don't have any reason to doubt their word. Unfortunately at this timethey can only do this for Netflix, not any other video streaming service ↩︎