FFOX-00-000023 - Firefox fingerprinting protection must be enabled.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker lists that Firefox is set to use, the fingerprinting script (or other tracking script/image) will not be loaded from that site.

Fingerprinting scripts collect information about browser and device configuration, such as operating system, screen resolution, and other settings. By compiling these pieces of data, fingerprinters create a unique profile that can be used to track the user around the web.

Solution

Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefoxTracking Protection
Policy Name: Fingerprinting
Policy State: Enabled

macOS 'plist' file:
Add the following:
<key>EnableTrackingProtection</key>
<dict>
<key>Fingerprinting</key>
<true/>
</dict>

Linux 'policies.json' file:
Add the following in the policies section:
'EnableTrackingProtection': {
'Fingerprinting': true
}

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R2_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000381, Rule-ID|SV-251567r807173_rule, STIG-ID|FFOX-00-000023, Vuln-ID|V-251567

Plugin: Unix

Control ID: a86ffd9780cd78ded13471b93ece9349e39f9750d79a99818ac9f54bea620ef8