/d/OpSec



Hardening TOR for more security

by /u/dread1922forlife · 0 votes · 2024-04-29 17:30:00

Tor Browser hardening configuration:
(Note that these will make you more identifiable, but a tad more secure due to the browser's attack surface being a little smaller; it's up to you to decide what is best for your OpSec.)

about:config

javascript.enabled = false
browser.urlbar.filter.javascript = false
geo.enabled = false
media.getusermedia.screensharing.enabled = false
media.getusermedia.audiocapture.enabled = false
media.peerconnection.enabled = false
network.http.sendSecureXSiteReferrer = false
webgl.disabled = true
webgl.enable-webgl2 = false
browser.send_pings = false
toolkit.telemetry.enabled = false
network.captive-portal-service.enabled = false
browser.aboutConfig.showWarning = false
webgl.min_capability_mode = true
webgl.disable-extensions = true
media.video_stats.enabled = false
dom.telephony.enabled = false
dom.battery.enabled = false
canvas.path.enabled = false
canvas.capturestream.enabled = false
privacy.resistFingerprinting = true
privacy.donottrackheader.enabled = true
privacy.firstparty.isolate = true
privacy.trackingprotection.enabled = true
privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts = true
privacy.resistFingerprinting.randomDataOnCanvasExtract = true
privacy.trackingprotection.cryptomining.enabled = true
privacy.trackingprotection.enabled = true
privacy.donottrackheader.enabled = true
gfx.downloadable_fonts.enabled = false
privacy.socialtracking.block_cookies.enabled = true
media.peerconnection.ice.default_address_only = true
privacy.firstparty.isolate = true
privacy.resistFingerprinting = true
privacy.trackingprotection.enabled = true
browser.cache.offline.enable = false
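Whichever baseline you settle on (the list above, or the stock Tor Browser defaults if you take the fingerprint-uniformity view), the useful follow-up is to check that a profile actually matches it, since a single typo in about:config or a later update silently changes the result. The script below is an added example and not part of the post; it parses the `user_pref("name", value);` format that Firefox and Tor Browser write to prefs.js and user.js, compares it against a baseline dictionary, and reports every pref that is missing or set differently (including a bool/int type mismatch, which Firefox treats as a different pref value). The baseline is a subset of the post's list, the sample prefs content is constructed, and the file path is hypothetical.

```python
"""Audit a Firefox / Tor Browser prefs file against a hardening baseline.

Parses lines of the form  user_pref("name", value);  (the prefs.js / user.js
format) and reports which baseline entries are missing or set differently.
"""
import re
import sys
from typing import Dict, Optional, Tuple, Union

PrefValue = Union[bool, int, str]

# Baseline: a subset of the prefs from the post above.
BASELINE: Dict[str, PrefValue] = {
    "javascript.enabled": False,
    "media.peerconnection.enabled": False,
    "webgl.disabled": True,
    "privacy.resistFingerprinting": True,
    "privacy.firstparty.isolate": True,
    "network.cookie.cookieBehavior": 1,
    "network.http.referer.XOriginPolicy": 2,
}

# Matches  user_pref("name", value);  and  pref("name", value);
_PREF_RE = re.compile(r'^\s*(?:user_)?pref\("([^"]+)",\s*(.+?)\);\s*$')

# Constructed sample prefs.js content (not a real profile).
SAMPLE_PREFS = """\
// Mozilla User Preferences
user_pref("javascript.enabled", false);
user_pref("webgl.disabled", true);
user_pref("network.cookie.cookieBehavior", 0);
user_pref("privacy.resistFingerprinting", true);
user_pref("browser.startup.homepage", "about:tor");
"""


def parse_value(raw: str) -> PrefValue:
    """Convert the literal from a pref line into a Python bool / int / str."""
    if raw == "true":
        return True
    if raw == "false":
        return False
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1]
    return int(raw)


def parse_prefs(text: str) -> Dict[str, PrefValue]:
    """Return {pref_name: value} for every pref line; later lines win, as in Firefox."""
    prefs: Dict[str, PrefValue] = {}
    for line in text.splitlines():
        m = _PREF_RE.match(line)
        if m:
            prefs[m.group(1)] = parse_value(m.group(2))
    return prefs


def audit(prefs: Dict[str, PrefValue],
          baseline: Dict[str, PrefValue] = BASELINE
          ) -> Dict[str, Tuple[PrefValue, Optional[PrefValue]]]:
    """Return {name: (expected, actual)} for each baseline pref that does not match.

    actual is None when the pref is absent. A bool/int type mismatch counts as a
    deviation because Firefox stores them as different pref types.
    """
    findings = {}
    for name, expected in baseline.items():
        actual = prefs.get(name)
        if actual is None or type(actual) is not type(expected) or actual != expected:
            findings[name] = (expected, actual)
    return findings


if __name__ == "__main__":
    # Hypothetical path; pass a real prefs.js or user.js as the first argument.
    path = sys.argv[1] if len(sys.argv) > 1 else None
    text = open(path, encoding="utf-8").read() if path else SAMPLE_PREFS
    for name, (expected, actual) in sorted(audit(parse_prefs(text)).items()):
        state = "MISSING" if actual is None else f"is {actual!r}"
        print(f"{name}: expected {expected!r}, {state}")
```

Run against the built-in sample it reports four deviations: three baseline prefs that are absent and `network.cookie.cookieBehavior` set to 0 instead of 1. Prefs in the file that the baseline does not mention (here `browser.startup.homepage`) are ignored, so the audit only speaks to the baseline you chose.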

Comments (3)
/u/FrankJr · N/A votes · 29th April, 2024 - 17:39 · Link

Doing stuff like this isn't a good idea btw, it doesn't make you more secure. "Note that these will make you more identifiable, but a tad more secure due to the browser's attack surface being a little smaller" - you said it yourself, it makes you more identifiable. The more differing a user's fingerprint is, the larger the attack surface is, so that part isn't true. You want to be as similar to other Tor users as possible, because this then keeps your fingerprint as similar to everyone else's as possible.

/u/nihilist1 · N/A votes · 29th April, 2024 - 17:46 · Link

came to post this, +1

/u/dread1922forlife · N/A votes · 29th April, 2024 - 17:51 · Link

Thanks for sharing your thoughts.

/u/dread1922forlife · N/A votes · 29th April, 2024 - 17:42 · Link

browser.safebrowsing.malware.enabled = false [More privacy but less security. Decide if this one is right for you.]
browser.safebrowsing.phishing.enabled = false [Same as above]
browser.sessionstore.max_tabs_undo = 0
browser.urlbar.speculativeConnect.enabled = false
dom.battery.enabled = false [Prevents websites from seeing your battery level, less information for fingerprinting]
dom.event.clipboardevents.enabled = false
geo.enabled = false
security.ssl.enable_false_start = false
media.eme.enabled = false - Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.
media.gmp-widevinecdm.enabled = false - Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content.
media.navigator.enabled = false
network.cookie.cookieBehavior = 1 - Disable cookies
  0 = Accept all cookies by default
  1 = Only accept from the originating site (block third-party cookies)
  2 = Block all cookies by default
network.cookie.lifetimePolicy = 2 - Cookies are deleted at the end of the session
  0 = Accept cookies normally
  1 = Prompt for each cookie
  2 = Accept for current session only
  3 = Accept for N days
network.http.referer.trimmingPolicy = 2 - Send only the scheme, host, and port in the Referer header
  0 = Send the full URL in the Referer header
  1 = Send the URL without its query string in the Referer header
  2 = Send only the scheme, host, and port in the Referer header
network.http.referer.XOriginPolicy = 2

/u/dread1922forlife · N/A votes · 29th April, 2024 - 17:44 · Link

Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.)
  0 = Send Referer in all cases
  1 = Send Referer to same eTLD sites
  2 = Send Referer only when the full hostnames match
network.http.referer.XOriginTrimmingPolicy = 2
  0 = Send full URL in Referer
  1 = Send URL without query string in Referer
  2 = Only send scheme, host, and port in Referer
webgl.disabled = true - WebGL is a potential security risk.
browser.sessionstore.privacy_level = 2
  0 = Store extra session data for any site. (Default starting with Firefox 4.)
  1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before Firefox 4.)
  2 = Never store extra session data.
network.IDN_show_punycode = true
media.peerconnection.turn.disable = true
media.peerconnection.use_document_iceservers = false
media.peerconnection.video.enabled = false
media.peerconnection.identity.timeout = 1
media.webRTC - all options disabled, set media.webrtc.debug.aec_dump_max_size to 1
security.ssl3.rsa_des_ede3_sha = false
security.ssl.require_safe_negotiation = true
security.tls.enable_0rtt_data = false
browser.formfill.enable = false
browser.cache.disk.enable = false
browser.cache.disk_cache_ssl = false
browser.cache.memory.enable = false
browser.newtabpage.activity-stream.telemetry = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.ping-centre.telemetry = false
toolkit.telemetry.archive.enabled = false
toolkit.telemetry.bhrping.enabled = false
toolkit.telemetry.firstshutdownping.enabled = false
toolkit.telemetry.newprofileping.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.updateping.enabled = false
toolkit.telemetry.shutdownPingSender.enabled = false
network.http.sendRefererHeader = 0
dom.serviceWorkers.enabled = false
about:memory -> check anonymize box
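The four Referer prefs in the two comments above interact, and it is easy to misjudge what a given combination actually leaks to the destination site. The function below is an added example, not code from the post, that models the documented value tables: `XOriginPolicy` decides whether a cross-host request gets a Referer at all, `trimmingPolicy` sets how much of the URL is kept, and `XOriginTrimmingPolicy` can trim cross-origin requests further (the stricter of the two applies). Two assumptions not stated in the post: `network.http.sendRefererHeader = 0` is treated as "never send", and the eTLD+1 comparison for `XOriginPolicy = 1` is approximated by the last two hostname labels instead of the Public Suffix List. The URLs are constructed samples.

```python
"""Model what Referer header Firefox-style prefs would produce for a request.

Value tables follow the comments above:
  network.http.referer.XOriginPolicy:        0 always, 1 same eTLD, 2 full host match
  network.http.referer.trimmingPolicy:       0 full URL, 1 drop query, 2 origin only
  network.http.referer.XOriginTrimmingPolicy: same values, applied cross-origin
Assumption (not from the post): network.http.sendRefererHeader 0 = never send.
"""
from typing import Optional
from urllib.parse import urlsplit, urlunsplit


def _registrable_domain(host: str) -> str:
    """Approximate eTLD+1 with the last two labels (simplification: no PSL)."""
    return ".".join(host.split(".")[-2:])


def trim_referer(url: str, level: int) -> str:
    """Apply a trimming level to a URL; the fragment is always dropped."""
    s = urlsplit(url)
    if level >= 2:
        return urlunsplit((s.scheme, s.netloc, "/", "", ""))
    if level == 1:
        return urlunsplit((s.scheme, s.netloc, s.path or "/", "", ""))
    return urlunsplit((s.scheme, s.netloc, s.path or "/", s.query, ""))


def referer_for(source: str, dest: str, *,
                send_referer: int = 2,
                xorigin_policy: int = 2,
                trimming_policy: int = 2,
                xorigin_trimming_policy: int = 2) -> Optional[str]:
    """Return the Referer value for a navigation from source to dest, or None."""
    if send_referer == 0:
        return None
    src, dst = urlsplit(source), urlsplit(dest)
    cross_origin = src.hostname != dst.hostname
    if cross_origin:
        if xorigin_policy == 2:
            return None
        if xorigin_policy == 1 and (_registrable_domain(src.hostname)
                                    != _registrable_domain(dst.hostname)):
            return None
        level = max(trimming_policy, xorigin_trimming_policy)
    else:
        level = trimming_policy
    return trim_referer(source, level)


if __name__ == "__main__":
    # Constructed sample navigation: a page with a query string linking off-site.
    src = "https://www.example.net/account?id=42#top"
    for policy in (0, 1, 2):
        print("XOriginPolicy", policy, "->",
              referer_for(src, "https://shop.example.net/cart",
                          xorigin_policy=policy, trimming_policy=0))
```

With the defaults taken from the comments (everything set to 2) a same-host navigation reveals only the origin, and any cross-host navigation sends no Referer at all; relaxing `XOriginPolicy` to 1 while leaving `XOriginTrimmingPolicy` at 2 is the "tweak" mentioned above, and the model shows it still strips the path and query from what the sibling host sees.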