Hi everyone !

Right now I use:

  • Firefox’s full protection with everything blocked by default
  • AdGuard adblocker extension
  • Adguardhome DNS blocker
  • ProtonVPN through wireguard
  • Selfhosted searxng instance (metasearch engine aggregator).

While this gives me reasonable doubt of protection/privacy, this blocks me out to interact with FOSS projects on github, which kindda sucks!! I don’t want to accepts GitHub’s long cookie list of tracking and statistics, but not being able too interact and help FOSS project to thrive, improve, get some visibility, will in the long term hurt FOSS projects.

I’m aware of GitHub’s cookie management preferences, but I don’t trust them to manage and choose what should be accepted or not !

Firefox only allows to block/accept everything and all extensions are just to delete them. I couldn’t find any related and somehow workaround on this issue.

Q: Is there anyway to only accept cookies allowing me to login and interact with repos without accepting those tracking and analytic cookies?

If you have any solution/workaround to share, I’m all ears !


Edit

I learned a few new things today:

  • Adguard AdBlocker extension for firefox allows to block cookies before they enter into your system
  • User Agent spoofing addon
  • Firefox privacy.fingerprintingProtection is not activated by default for everthing

– How to block specific cookies with the Adguard Adblocker extension

⚠️ This can and will cause the website to malfunction if you block the wrongs cookies ⚠️

To find out what specific cookie you want to block, you first need to know his name. For firefox you need to open the application menu -> more tools -> web developer tools OR right click inspect (keyboard shurtcuts depends on your system).

In the web developer tools windows go to STORAGE -> cookies.

githubcookiesexemple

After you found out what additional non-essential cookies you want to block out you need to add them in the AdGuard user rules:

||github.com/$cookie=tz
||github.com/$cookie=preferred_color_mode
||github.com/$cookie=color_mode
||github.com/$cookie=saved_user_sessions
||github.com/^$third-party

To read more about on how to create you own ad filters read the official documentation.

– User Agent spoofing

User agent string switcher

This extension allows you to spoof your browser “user-agent” string to a custom designation, making it impossible for websites to know specific details about your browsing arrangement.

– Firefox about:config privacy.fingerprintingProtection = true

Firefox’s documentation is pretty straightforward but here is what they are saying about:

However, the Canvas Permission Prompt is not the only thing that Fingerprinting Protection is doing. Fingerprinting Detection changes how you are detected online:

  • Your timezone is reported to be UTC
  • Not all fonts installed on your computer are available to webpages
  • The browser window prefers to be set to a specific size
  • Your browser reports a specific, common version number and operating system
  • Your keyboard layout and language is disguised
  • Your webcam and microphone capabilities are disguised
  • The Media Statistics Web API reports misleading information
  • Any Site-Specific Zoom settings are not applied
  • The WebSpeech, Gamepad, Sensors, and Performance Web APIs are disabled

Type about:config in the address bar and press EnterReturn. A warning page may appear. Click Accept the Risk and Continue to go to the about:config page. Search for privacy.resistFingerprinting and set it to true. You can double-click the preference or click the Toggle Fx71aboutconfig-ToggleButton button to toggle the setting.

If it is bolded and already set to true, you, or an extension you installed, may have enabled this preference. If you discover the setting has become re-enabled, it is likely a Web Extension you have installed is setting it for you.


Closing thoughts

This may seem overkill for some people and I get it, but if you are really concerned about your privacy/security, there is nothing as “one-click/done” privacy. It’s hard-work and a every day battle with E-corp and other hidden institutions that gather every bit of fingerprints/trace you leave behind ! I hope this long edit will help some people to have a more private and safer web browsing !

  • RotatingParts@lemmy.ml
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    The add-on Cookie AutoDelete allows way more flexibility with cookies including white listing cookies. Example: you could have all cookies deleted but not the ones on your whitelist. It has many other options for controlling cookies.

    • deepdive@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Thank you for your input :). While this add-on has more flexibility on what to keep in your browser, it only deletes them after they have entered your system. It’s actually not as useful as it sounds because your data is already exchanged with the server.

      If you are interested you can read my too long edit to see what I meant and how to block specific cookie before they enter your system. Also on how to spoof your user agent and activate privacy.fingerprintingProtection in firefox.

    • deepdive@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Hey thank you, but that’s also not what I was looking for ! If you are interested you can read my long edit on how I solved my issue :)

    • deepdive@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Thanks but that’s really not what I’m looking for…

      When it’s needed for the website to work properly, it will automatically accept the cookie policy for you

    • asudox@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      That extension’s development has stopped. It is now worse than “I don’t care about cookies”

      • flinch@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I’ve just seen the commit; thanks for pointing it out. Anyway, I have used ConsentOMatic since that day.