Some months ago I learned about Firefox browser information and history being stored across database files in its profile directory, and made a post outlining different ways of reading their content in the Linux command line. Unfortunately that was the crap way of doing it. Apologies to everyone who came here looking for advice on that.
More recently I came across a much better alternative. There just happens to be a handy little application called SQLite Manager, available as a Firefox add-on.
From a pro-privacy viewpoint there are several reasons we’d want to manipulate the database files, the main one being we can examine what servers the browser is pulling content from. These days images, ads, etc. are typically grabbed from a dozen other servers for each site we visit, usually without us being aware of it. Some of those images are extremely difficult to spot, being designed to replace cookies. Ghostery is another excellent add-on that takes care of this.
The other reason is users should have full control over what their browsers record. Unfortunately, ‘consumers’ being consumers, most people never look at what’s happening underneath the over-simplified interfaces of whatever they buy/install. Enter ‘about:config‘ in the address bar to get an idea of what isn’t included in the user-friendly menus.
I’m also a little concerned about the possibility of personal data being read off the browser, which is why I’d never recommend allowing it to store passwords. Fortunately, Firefox randomises the profile directory’s name to prevent common malware accessing it.
So, after installing SQLite Manager and restarting Firefox, the add-on will run just like any application. We want to find the directory with the browser databases for a user, and in a Linux system this will be at
/home//<user name>.mozilla/firefox/<random-string>.default. SQLite Manager should already find it and present a drop-down menu listing all the files there. It’s worth having a good browse at all the tables, delete stuff related to online shopping and banking, copy others into the bookmarks file, etc.
Each table can also be exported to a spreadsheet, which is probably very useful in forensics if there’s a way of doing it forensically, and this should work for both Microsoft Office and LibreOffice. Since entries have UNIX epoch timestamps associated with them, it should be possible to present everything in a timeline and do all kinds of analytical stuff, as well as present information graphically in whatever report.
First, select the table to be exported, then click Table>>Export. For the spreadsheet to read the data, it must (or should) be exported as a CSV file. Make sure options ‘First row contains column names‘ and ‘Fields separated by comma‘ are both checked, then export the file to wherever.
Now open the spreadsheet application, and open the exported file just like any other. A Text Import window will open. Make sure ‘Separated by Comma‘ option is ticked, and click OK.