diff --git a/common/firefox.nix b/common/firefox.nix
index 6561109..0de83db 100644
--- a/common/firefox.nix
+++ b/common/firefox.nix
@@ -25,7 +25,23 @@ in
       ++ optionals config.services.desktopManager.plasma6.enable [ pkgs.plasma-browser-integration ];
 
     programs.firefox = {
-      #      package = pkgs.firefox-beta;
+      package = pkgs.firefox.override {
+        extraPrefsFiles = [
+          "${pkgs.arkenfox-userjs}/user.cfg"
+
+          (pkgs.writeText "arkenfox-userjs-overrides.cfg" # javascript
+            ''
+              /// arkenfox user.js overrides.
+              // We want session restore to work, for that we need to save history:
+              // https://github.com/arkenfox/user.js/issues/1080#issue-774750296
+              lockPref("privacy.clearOnShutdown.history", false);
+              lockPref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", false);
+              lockPref("privacy.clearOnShutdown.offlineApps", false); // Site Data
+              lockPref("privacy.clearOnShutdown_v2.cookiesAndStorage", false); // Cookies, Site Data, Active Logins [FF128+]
+            ''
+          )
+        ];
+      };
       enable = true;
       languagePacks = optionals locale [
         "de"
@@ -43,6 +59,7 @@ in
           );
         DisableTelemetry = true;
         DisableFirefoxStudies = true;
+        DisableScreenshots = true;
         EnableTrackingProtection = {
           Value = true;
           Locked = true;
@@ -58,18 +75,48 @@ in
         DontCheckDefaultBrowser = true;
         Preferences = {
           "pdfjs.enableScripting" = false;
+          "signon.rememberSignons" = false;
 
           "media.hardware-video-decoding.enabled" = true;
           "media.ffmpeg.vaapi.enabled" = true;
-          "network.dns.disableIPv6" = true;
-          # "network.dns.DNS_HTTPS.domain" = "::1";
-          "network.connectivity-service.DNSv4.domain" = "127.0.0.1";
-          "network.connectivity-service.DNSv6.domain" = "::1";
-          network.dns.localDomains = "::1";
-          network.dns.forceResolve = true;
-          "media.peerconnection.enabled" = false;
           "media.rdd-ffmpeg.enabled" = true;
           "media.navigator.mediadatadecoder_vpx_enabled" = true;
+          "media.eme.enabled" = true;
+          # "media.peerconnection.enabled" = false;
+          
+          "browser.startup.homepage" = "about:home";
+          "browser.startup.page" = 1;
+          "browser.newtabpage.enabled" = true;
+          "browser.toolbars.bookmarks.visibility" = "newtab";
+          "browser.download.useDownloadDir" = true;
+
+          # "general.useragent.override" = "";
+          # "permissions.memory_only" = true;
+          "privacy.resistFingerprinting" = true;
+          "privacy.resistFingerprinting.block_mozAddonManager" = true;
+          "network.http.referer.XOriginPolicy" = 1;
+          "network.http.referer.XOriginTrimmingPolicy" = 1;
+          "network.http.sendRefererHeader" = 0;
+
+          "network.proxy.socks" = builtins.head (builtins.split ":" config.services.tor.torsocks.server);
+          "network.proxy.socks_port" = lib.last (builtins.split ":" config.services.tor.torsocks.server);
+          "network.connectivity-service.DNSv4.domain" = "127.0.0.1";
+          "network.connectivity-service.DNSv6.domain" = "::1";
+          "network.dns.localDomains" = "::1";
+          "network.dns.forceResolve" = true;
+          "network.dns.disableIPv6" = true;
+
+          "extensions.formautofill.addresses.enabled" = false;
+          "extensions.formautofill.creditCards.enabled" = false;
+
+          "permissions.default.geo" = 2;
+          "permissions.default.xr" = 2;
+          "privacy.fingerprintingProtection" = true;
+          "privacy.globalprivacycontrol.enabled" = true;
+          "signon.firefoxRelay.feature" = "disabled";
+          "browser.display.use_document_fonts" = 0;
+          
+          # "network.dns.DNS_HTTPS.domain" = "::1";
         } // optionalAttrs sway.enable { "browser.tabs.inTitlebar" = 0; };
       };
     };
diff --git a/hardening/opensnitch/block_lists.nix b/hardening/opensnitch/block_lists.nix
index 41e0079..f417f05 100644
--- a/hardening/opensnitch/block_lists.nix
+++ b/hardening/opensnitch/block_lists.nix
@@ -5,13 +5,13 @@
 }:
 stdenv.mkDerivation rec {
   pname = "stevenblack_block";
-  version = "3.14.116";
+  version = "3.15.19";
 
   src = fetchFromGitHub {
     owner = "StevenBlack";
     repo = "hosts";
     rev = version;
-    hash = "sha256-MATJK6QO//6z5CXS3zVo/s/Bz6c2z0g8C+InM5iiv2o=";
+    hash = "sha256-hcvOs96apLZFVv1Fn9FUxS3VQQeP7h/IC2E3xOqcrZY=";
   };
 
   installPhase = ''
diff --git a/specific/grimm-nixos-ssd/configuration.nix b/specific/grimm-nixos-ssd/configuration.nix
index 649c31a..b725b70 100644
--- a/specific/grimm-nixos-ssd/configuration.nix
+++ b/specific/grimm-nixos-ssd/configuration.nix
@@ -40,6 +40,7 @@
         "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}" = "video-downloadhelper";
         "{1526fba1-ac33-4dfc-99d8-163e6129f7b9}" = "reveye-ris";
         "shinigamieyes@shinigamieyes" = "shinigami-eyes";
+        "{6787c9e3-c787-4e21-9449-92e301642b34}" = "proxyswitcheroo";
       };
     };
     spotify.enable = true;