GOALS.md

These are the goals of the I2P Browser, and not really this plugin in-and-of-itself

A

User Interface:

• Remove search engines
• Replace bookmarks
• Donate banner / UI
• Patch Firefox to have relative (from the binary) profile directory
• Start use the Firefox update process to update browser installations
• Mark .i2p cookies as secure
• Mark .i2p domains as secure connection
• Add tests for .i2p secure marking
• Improve the delay-the-user XUL dialogs to be more accurate in regards of where the router is in it’s bootup progress
• Disable the WebIDE
• Disable GamePad API by default
• Disable Web Speech API by default
• Disable the Web Audio API by default
• UI redesign bootstrapping and configuration screens (delay-the-user dialogs)
• Default browser choose wining should de disabled like browser.shell.checkDefaultBrowser, it can be default, but then choosen by the user without any begging ahead
• Extend the firefox preferences UI for I2P router configuration thought of as "must have" or "very nice to have"
• Shrink the BroadcastChannel API's boundaries of access or disable completely
• Make a API white/grey/black -list, in super paranoia mode we should probably disable almost all, while in most cases the user probably want to be as close to a normal browser/web experinence that they are used to from before

Leak Avoidance:

• Stop web socket DNS leak
• If doable, slim down the CA store from unnecessary CAs
• Disable the microphone by default
• Ensure WebRTC is disabled in compile time
• Disable mDNS features
• Ensure links like sftp:// and smb:// , as well as \samba-share is blocked/denied
• Don’t allow IndexedDB storage for third party domains (likability issue)
• Patch the DNS service to prevent any browser or addon DNS resolution
• Restrict what MIME types that are exposed to content scripts

General Security:

• Backport any security patches that might appear from Mozilla
• Don’t allow XHR/Websockets requests towards 127.0.0.1/localhost
• Always use the most sane form of preferences defaults in context of privacy and security.

Unnecessary Connections:

• Disable getpocket.com features and alike
• Remove sync option from preferences
• Clear state when the app exits, by default
• Disable updater telemetry
• Make firefox stop call home to mozilla for different reasons
• Prevent non-Necko network connections
• Figure out how to approach prerender, preconnect, and prefetch link tags

Disk Avoidance:

• Don’t allow SSL key logging
• Only cache media in memory
• Disable the password saving functionality to avoid such being written to disk
• Disable the Auto form-fill to keep as much as possible not written to disk

Platforms:

• Support for Android?
• Support for iOS?

Anti-Fingerprinting:

• Test for preferences which ensures a sane default and something to tell when/if we break it
• Disable support for system adding
• Disable Firefox enterprise policies
• Disable NTLM authentication
• Disable SPNEGO authentication
• Handle privacy issues regarding window.name
• Test runner for I2P Browser test cases
• Block loading of plugins
• Disable OS spesific firefox features that can help fingerprint the end user's operating system
• Block html5 canvas by default
• Block by default or disable WebGL completely?
• Never start fullscreen, always start with fixed width/height to avoid expose screen resolution
• Report fake system uptime to content scripts
• Spoof Accept-Language and Accept-Charset headers no matter browser language
• Spoof timezone to always be UTC
• Develop methods to reduce the accuracy of JavaScript performance fingerprinting
• Always report only one CPU core (dom.maxHardwareConcurrencys)
• Avoid Keystroke fingerprinting by messing with the event resolution
• Disable GeoIP-based search results

???

• SVG drawing
• MathML drawing
• I2Pd flavor