From aa260fb602c1036936cb40e8ec99ad3afb992229 Mon Sep 17 00:00:00 2001
From: Narsil <narsil@noreply@nixnet.servcies>
Date: Tue, 10 Aug 2021 14:43:49 +0000
Subject: [PATCH] Update 'user.js'

---
 user.js | 94 ++++++++++++++++-----------------------------------------
 1 file changed, 26 insertions(+), 68 deletions(-)

diff --git a/user.js b/user.js
index c82a523..2055cde 100644
--- a/user.js
+++ b/user.js
@@ -1689,113 +1689,66 @@ user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
 // RFP ALTERNATIVES
 // >>>>>>>>>>>>>>>>>>>>>
 // Spoof number of CPU cores [FF48+]
-// https://bugzilla.mozilla.org/1008453
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21675
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22127
-// https://html.spec.whatwg.org/multipage/workers.html#navigator.hardwareconcurrency
-user_pref("dom.maxHardwareConcurrency", 2);
+// user_pref("dom.maxHardwareConcurrency", 2);
 // -------------------------------------
-// Disable resource/navigation timing
-user_pref("dom.enable_resource_timing", false);
+// Disable Resource Timing API
+// user_pref("dom.enable_resource_timing", false);
 // -------------------------------------
-// Disable timing attacks
-// https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI
+// Disable Navigation Timing API
 // user_pref("dom.enable_performance", false);
 // -------------------------------------
 // Disable device sensor API
-// Optional protection depending on your device
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758
-// https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
-// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
 user_pref("device.sensors.enabled", false);
 // -------------------------------------
-// Disable site specific zoom
-// Zoom levels affect screen res and are highly fingerprintable. This does not stop you using
-// zoom, it will just not use/remember any site specific settings. Zoom levels on new tabs
-// and new windows are reset to default and only the current tab retains the current zoom
-user_pref("browser.zoom.siteSpecific", false);
+// Disable remembering site specific zoom
+// user_pref("browser.zoom.siteSpecific", false);
 // -------------------------------------
 // Disable gamepad API - USB device ID enumeration
-// Optional protection depending on your connected devices
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/13023
-user_pref("dom.gamepad.enabled", false);
+// user_pref("dom.gamepad.enabled", false);
 // -------------------------------------
-// Disable giving away network info [FF31+]
-// e.g. bluetooth, cellular, ethernet, wifi, wimax, other, mixed, unknown, none
-// https://developer.mozilla.org/docs/Web/API/Network_Information_API
-// https://wicg.github.io/netinfo/
-// https://bugzilla.mozilla.org/960426
+// Disable Network Information API [FF31+]
 user_pref("dom.netinfo.enabled", false); // [DEFAULT: true on Android]
 // -------------------------------------
 // Disable the SpeechSynthesis (Text-to-Speech) part of the Web Speech API
-// https://developer.mozilla.org/docs/Web/API/Web_Speech_API
-// https://developer.mozilla.org/docs/Web/API/SpeechSynthesis
-// https://wiki.mozilla.org/HTML5_Speech_API
-user_pref("media.webspeech.synth.enabled", false);
+// user_pref("media.webspeech.synth.enabled", false);
 // -------------------------------------
-// Disable video statistics - JS performance fingerprinting [FF25+]
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15757
-// https://bugzilla.mozilla.org/654550
-user_pref("media.video_stats.enabled", false);
+// Disable video statistics to mitigate JS performance fingerprinting [FF25+]
+// user_pref("media.video_stats.enabled", false);
 // -------------------------------------
-// Disable touch events
-// fingerprinting attack vector - leaks screen res & actual screen coordinates
-// 0=disabled, 1=enabled, 2=autodetect
-// Optional protection depending on your device
-// https://developer.mozilla.org/docs/Web/API/Touch_events
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10286
+// Disable touch events [FENNEC BUG]
 user_pref("dom.w3c_touch_events.enabled", 1);
 // -------------------------------------
 // Disable media device enumeration [FF29+]
-// https://wiki.mozilla.org/Media/getUserMedia
-// https://developer.mozilla.org/docs/Web/API/MediaDevices/enumerateDevices
 user_pref("media.navigator.enabled", false);
 // -------------------------------------
 // Disable MediaDevices change detection [FF51+]
-// https://developer.mozilla.org/docs/Web/Events/devicechange
-// https://developer.mozilla.org/docs/Web/API/MediaDevices/ondevicechange
-user_pref("media.ondevicechange.enabled", false);
+// user_pref("media.ondevicechange.enabled", false);
 // -------------------------------------
 // Disable WebGL debug info being available to websites
-// https://bugzilla.mozilla.org/1171228
-// https://developer.mozilla.org/docs/Web/API/WEBGL_debug_renderer_info
-user_pref("webgl.enable-debug-renderer-info", false);
+// user_pref("webgl.enable-debug-renderer-info", false);
 // -------------------------------------
 // Enforce prefers-reduced-motion as no-preference [FF63+] [RESTART]
 // 0=no-preference, 1=reduce
-user_pref("ui.prefersReducedMotion", 0); // [HIDDEN PREF]
-// -------------------------------------
-// Disable PointerEvents [FF86 or lower]
-// https://developer.mozilla.org/docs/Web/API/PointerEvent
-// https://bugzilla.mozilla.org/1688105
-user_pref("dom.w3c_pointer_events.enabled", false);
+// user_pref("ui.prefersReducedMotion", 0); // [HIDDEN PREF]
 // -------------------------------------
 // Disable exposure of system colors to CSS or canvas [FF44+]
-// [NOTE] See second listed bug: may cause black on black for elements with undefined colors
-// [SETUP-CHROME] Might affect CSS in themes and extensions
-// https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876
-user_pref("ui.use_standins_for_native_colors", true);
+// user_pref("ui.use_standins_for_native_colors", true);
 // -------------------------------------
 // Enforce prefers-color-scheme as light [FF67+]
 // 0=light, 1=dark : This overrides your OS value
 // user_pref("ui.systemUsesDarkTheme", 0); // [HIDDEN PREF]
 // -------------------------------------
 // Disable Web Audio API [FF51+]
-// https://bugzilla.mozilla.org/1288359
 user_pref("dom.webaudio.enabled", false);
 // -------------------------------------
 // Limit font visibility (Windows, Mac, some Linux) [FF79+]
-// Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts
+// Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed
 // 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
-// [NOTE] Bundled fonts are auto-allowed
-// https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
-user_pref("layout.css.font-visibility.level", 1);
-//
-// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-// RFP ALTERNATIVES (NAVIGATOR / USER AGENT SPOOFING)
-// >>>>>>>>>>>>>>>>>>>>>
+// https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
+// user_pref("layout.css.font-visibility.level", 1);
+// -------------------------------------
 // Navigator DOM object overrides
-// [WARNING] DO NOT USE ***/
+// [WARNING] NO NOT USE: these prefs are insufficient and leak
 // user_pref("general.appname.override", ""); // [HIDDEN PREF]
 // user_pref("general.appversion.override", ""); // [HIDDEN PREF]
 // user_pref("general.buildID.override", "20181001000000"); // [HIDDEN PREF]
@@ -1912,6 +1865,11 @@ user_pref("browser.download.hide_plugins_without_extensions", false);
 // https://bugzilla.mozilla.org/1689405
 user_pref("browser.library.activity-stream.enabled", false);
 // -------------------------------------
+// Disable PointerEvents
+// https://developer.mozilla.org/docs/Web/API/PointerEvent
+// https://bugzilla.mozilla.org/1688105
+user_pref("dom.w3c_pointer_events.enabled", false);
+// -------------------------------------
 // FF89
 // Disable sending Flash crash reports
 // https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]