Still Under DDOS, but here is a status update anyway. The Tor network is breaking.
/d/OpSec icon


17,155 subscribers

Anonymous Planet Onion

Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.

Vendors: /d/vendor_handbook.

While the focus of this community's OpSec discussions may center around Dark Net (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec.

Persistent Tor settings guide

by /u/whalez · 10 votes · 2 months ago

A lil guide for you all to make sure your precious Tor browser settings persist when updating your browsers.

Start by creating a file named user.js in this directory: tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/

It should contain all your tweaks following this syntax (example):

user_pref("extensions.torbutton.security_slider", 1);
user_pref("browser.security_level.security_slider", 1);
user_pref("javascript.enabled", false);
  • No more you getting the worries if the next update would change your precious settings :)

  • Now if you feel more paranoid or are totally sure that some settings should stay permanent you could do the following which proved quite the challenge to get right as it is poorly documented.

  • This user.js file you just created already provides all the functionality we need with the sole exception of locking preferences.

  • Locking a preference prevents it from being changed by both the UI and extensions.

  • First you need to create a file named local-settings.js in the following directory: tor-browser_en-US/Browser/defaults/pref/

  • It should contain the following(note that it starts with two forward slashes which are mandatory to make this work):

pref("general.config.obscure_value", 0);
pref("general.config.filename", "mozilla.cfg");
  • Now go back to the directory containing Tor browser binaries: tor-browser_en-US/Browser/

  • Create a file named mozilla.cfg with all the settings you would like to make permanent and locked(again make sure you include the two forward slashes to make things work):

lockPref("network.proxy.socks_remote_dns", false);
lockPref("javascript.enabled", false);

Of course all of this can and should be scripted to make your lives easier.

That's about it, try it for yourselves and see how it works.

Comments (1)
/u/genz · 1 votes · 2 months ago · Link

Thank you for your insight!