Updated 1.3 Implementation (markdown)

Thorin-Oakenpants 2019-04-19 04:01:11 +00:00
parent a2db547cd9
commit 5712402b58

@ -28,12 +28,11 @@ While not 100% definitive, we have included `[SETUP*` tags for troubleshooting a
- We disable search & form history (0860)
* :star: Form data can easily be stolen by third parties. The PoC (Proof of Concept) linked in [this](https://blog.mindedsecurity.com/2011/10/autocompleteagain.html) 2011 article is still not mitigated almost 8 years later
:exclamation: SUPER IMPORTANT: Cookies, First Party Isolation, RFP
:exclamation: SUPER IMPORTANT: First Party Isolation (FPI), privacy.resistFingerprinting (RFP)
- First party cookies only are enabled (2701)
- First Party Isolation is enabled (4001)
* :star: It is recommended that you clear (Ctrl-Shift-Del) everything (except passwords and site preferences) when first enabling this, so non-Origin Attribute data is wiped
- `privacy.resistFingerprinting` (RFP) is enabled (section 4500)
- FPI is enabled (4001)
* It is recommended that you clear (Ctrl-Shift-Del) everything (except passwords and site preferences) when first enabling (or disabling permanently) this, so orphaned Origin Attribute data is cleared
- RFP is enabled (section 4500)
* As RFP patches land in stable, alternative existing preferences are moved to section 4600 and made inactive
* :star: non-RFP users may want to enable section 4600
* :star: RFP users should reset items in 4600 in about:config, as some cause RFP to not behave as you would expect and alter your fingerprint