Firefox fingerprinting protection must be enabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-251567	FFOX-00-000023	SV-251567r807173_rule		Medium

Description
The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker lists that Firefox is set to use, the fingerprinting script (or other tracking script/image) will not be loaded from that site. Fingerprinting scripts collect information about browser and device configuration, such as operating system, screen resolution, and other settings. By compiling these pieces of data, fingerprinters create a unique profile that can be used to track the user around the web.

Description

The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker lists that Firefox is set to use, the fingerprinting script (or other tracking script/image) will not be loaded from that site. Fingerprinting scripts collect information about browser and device configuration, such as operating system, screen resolution, and other settings. By compiling these pieces of data, fingerprinters create a unique profile that can be used to track the user around the web.

STIG	Date
Mozilla Firefox Security Technical Implementation Guide	2021-12-01

Details

Check Text ( C-55002r807171_chk )
Type "about:policies" in the browser address bar. If "EnableTrackingProtection" is not displayed under Policy Name or the Policy Value is not "Fingerprinting" with a value of "true", this is a finding.

Fix Text (F-54956r807172_fix)
Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Tracking Protection Policy Name: Fingerprinting Policy State: Enabled macOS "plist" file: Add the following: EnableTrackingProtection Fingerprinting Linux "policies.json" file: Add the following in the policies section: "EnableTrackingProtection": { "Fingerprinting": true }

Fix Text (F-54956r807172_fix)

Windows group policy:
1. Open the group policy editor tool with "gpedit.msc".
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Tracking Protection
Policy Name: Fingerprinting
Policy State: Enabled

macOS "plist" file:
Add the following:
EnableTrackingProtection

Fingerprinting

Linux "policies.json" file:
Add the following in the policies section:
"EnableTrackingProtection": {
"Fingerprinting": true
}