diff options
Diffstat (limited to 'debian/local/pref/user.js')
-rw-r--r-- | debian/local/pref/user.js | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/debian/local/pref/user.js b/debian/local/pref/user.js index 807057a09e..7f6a3d6650 100644 --- a/debian/local/pref/user.js +++ b/debian/local/pref/user.js @@ -367,17 +367,6 @@ user_pref("browser.send_pings.require_same_host", true); // defense-in-depth /*** [SECTION 0700]: HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/ user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost!"); -/* 0701: disable IPv6 - * IPv6 can be abused, especially with MAC addresses, and can leak with VPNs. That's even - * assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 - * [STATS] Firefox telemetry (Dec 2020) shows ~8% of all connections are IPv6 - * [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an - * OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, - * then this won't make much difference. If you are masking your IP, then it can only help. - * [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT" - * [TEST] https://ipleak.org/ - * [1] https://www.internetsociety.org/tag/ipv6-security/ (see Myths 2,4,5,6) ***/ -user_pref("network.dns.disableIPv6", true); /* 0702: disable HTTP2 * HTTP2 raises concerns with "multiplexing" and "server push", does nothing to * enhance privacy, and opens up a number of server-side fingerprinting opportunities. |