about:config
browser.download.alwaysOpenPanel
switch to „false“
Windows Client Setup: Disable Teredo/ISATAP
Both Protocols are absolutely useless for all common use-cases, but enabled – just „providing“ potential security issues.
Disable like this:
netsh interface isatap set state disabled
netsh interface teredo set state disabled
MS Word – stop adding spaces when pasting text
I hate it 😉 Just want to paste some text, but word adds spaces before, never found a use-case for this default.
Easy to change:
- File=>Options=>Advanced
- Cut, copy and paste=>Use smart cut and paste => Settings
- [ ] Adjust sentence and word spacing automatically
Thank you for the option to turn this off!
Firefox: Allow Restricted TCP-Ports
Disclaimer
I don’t think, „hiding“ a webserver behind a non-standard TCP-Port is a security feature („security by obscurity“) but on the other hand restricting access to non-standard Ports seems to not increase the personal security measure, it just wastes time of anybody who needs to access such a service – and – it’s absolutely allowed to run a web-server on any port which isn’t used by another service 😉
Solution (if you (think, you) know what you’re doing)
As always
about:config
Add as „String“ if it’s missing:
network.security.ports.banned.override
Add the Service you want to acccess
8081,8082,8083
Disclaimer
Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.
Firefox suggesting Autofill logins from other sites
For some time the password-manager built into firefox presents for each website a long list with obviously not useful proposals: „Want to login into Amazon? Try the Azure-Password!“, Firefox whispers.
A bug couldn’t be more annoying, but this is a feature. (https://www.mozilla.org/en-US/firefox/71.0/releasenotes/)
Hard to believe this could be useful for some corner case, but for daily usage i’d prefer to get only the right password for one web-site to get proposed.
Fortunately you can turn it off:
signon.includeOtherSubdomainsInLookup := false
Thank you, i’v been thinking about switching to another browser. This is really a killer non-feature.
Firefox: „Certificate Viewer“ – How to disable
Firefox 70 added a new „Certificate Viewer“ feature which moves the „Window“-based GUI to a „Web-Page“-View.
- different look
- no new features
- missing features
- Export Certificate
So this is no „new feature“ but a „modification of an existing feature“ – with less features.
Reenable the former full featureset
about:config
security.aboutcertificate.enabled := false
Disclaimer
Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.
Firefox: Don’t ignore the Windows Enterprise-CA Store
Not a new Feature for Windows, to use an enterprise CA to create server certificates.
And Firefox added the possibility to trust those certificates ages ago – but still you’ll get an TLS-error-message (in German „Kein Verbindungsversuch unternommen: Mögliches Sicherheitsproblem“).
This is no Security-Problem, it’s just a problem of using stupid defaults causing people to waste their time and providing no little level of security, since a CA operated on my own is much more trustworthy than public CAs which firefox trusts blindly.
Solution
Open
about:config
and change
security.enterprise_roots.enabled := true
Disclaimer
Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.
Annoying Firefox-Defaults to be changed
The Firefox-Developers know best what’s good for their users, so they hide a bunch of Settings in
about:config
so it’s hard to find them.
Some of them I change in every Firefox installation:
- ask me if i want to download MP4-Files, disable the build-in Media-Player
media.play-stand-alone = false- use the DNS, not Google – if I enter a single word as URL
keyword.enabled = false- stop asking me if I really want to leave a page
dom.disable_beforeunload := true- stop autocompletion in the URL-Bar
browser.urlbar.autocomplete.enabled = falsebrowser.fixup.alternate.enabled = falsebrowser.fixup.alternate.prefix = (empty)browser.fixup.alternate.suffix = (empty)accessibility.typeaheadfind.flashBar 0
browser.fixup.alternate.suffix prod.local
browser.fixup.domainwhitelist.wiki true
browser.tabs.warnOnClose false
browser.urlbar.autocomplete.enabled false
network.dns.disablePrefetch true
Disclaimer
Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.