The last version of Firefox is making some connections I don't know how to stop. I've modified some of the parameter in "about:config", but there are still HTTP request to the following URLs that I didn't manage to stop: https://firefox-settings-attachments.cdn.mozilla.net/security-state-staging/intermediates/* https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records

I'm just guessing here:

Do you use Firefox Sync? There was an infrastructure update to make storage for the uploaded data more resilient and reliable. These URLs sound like they might be related to that, but I haven't researched them.

Also, does anyone know if there is a configuration file where I can modify directly all of the parameters I changed in "about:config"?

Changes you make in about:config are nearly all written to the prefs.js file in your currently active profile folder. If you plan to edit that file directly, please do it while Firefox is not running, otherwise your changes probably will be overwitten before an hour has passed.

More info on the profile folder:

Profiles - Where Firefox stores your bookmarks, passwords and other user data

Actually, Firefox connects to the second URL and retrieves a JSON that contains a series of IDs that correspond to some certificates (in pem format), which are retrieved by the first URL:

https://firefox-settings-attachments.cdn.mozilla.net/security-state-staging/intermediates/b77966b0-d8a8-461b-82c0-0b542d6d45b8.pem

b77966b0-d8a8-461b-82c0-0b542d6d45b8 is one of the UUIDs returned in the JSON when Firefox calls: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?_since=%221603483070597%22

Hi Capitan Shinchan,

Try doing the steps below.

Step 1 : Click the menu button and select Options. Preferences. Step 2 : Select the Privacy & Security panel. Step 3 : Under Content Blocking, Choose the custom setting. Step 4 : Uncheck Trackers.

Hope it helps, Sathish

Great research! Intermediates refers to intermediate certificates. Downloading these in bulk is a new thing.

The intermediate certificates are the ones between the trusted root certificate included with Firefox and an individual website's own certificate. For example, on this site:

• Root: Amazon Root CA 1
• Intermediate: Amazon / Server CA 1B
• Site: support.mozilla.org

For years (decades!), Mozilla insisted that websites were responsible for serving all the certificates needed for verification. That is, not only the certificate they bought, but the ones in a bundle file provider by the issuer that link the site certificate to one of the trusted root certificates included with Firefox. No other browser makers required this; they used other approaches to fill the gap so users didn't get a secure connection error. Finally, Mozilla has decided to follow the others and pre-cache known/trusted intermediate certificates so that users are not punished for the errors of websites.

It appears that the list is downloaded in parts, perhaps about 1MB per day for 4-5 days. However, I haven't studied it in too much detail. https://www.reddit.com/r/firefox/comments/j4zf5t/are_the_past_intermediate_ca_caching_problems/

In your second link, the data file appears to be linking to two new intermediate certificates. It also mentions certificate revocations and normandy recipes. Revocations are for certificates that the issuer has canceled, which could occur if they are stolen and could be used for fraudulent purposes. Normandy is a system for updating Firefox in small, quick ways, such as disabling features that cause problems or running studies (About Studies).

@Sathish I already had that option disabled. This is not related to tracking, is related to the update of the intermediate certificates.

@jscher2000 Yet, I already knew that, what I was looking for is to prevent Firefox to do that automatically. I don't think it's a privacy issue (not much at least), but I really want to avoid any automatic request done by Firefox, so I was hoping to find a parameter in about:config to disable this.

Yet, I already knew that, what I was looking for is to prevent Firefox to do that automatically.

I think this is the preference related to bulk downloading of intermediate certificates, but I haven't researched in depth: security.remote_settings.intermediates.enabled

capitan.shinchan said

Yet, I already knew that, what I was looking for is to prevent Firefox to do that automatically.

I think this is the preference related to bulk downloading of intermediate certificates, but I haven't researched in depth: security.remote_settings.intermediates.enabled

Firefox is still making a bunch of connections :\

I wonder whether the ones with monitor in the URL are related to Firefox Monitor ??

A CRL is used to check for certificate revocations. I don't know what is being checked there.

There is lots of data (86 buckets) in the JSON file send via the records link, so even if you disable the intermediate certificate then still other data can be requested..

• https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records