back to article Mozilla changes Firefox policy from ‘do not track’ to ‘will not track’

Mozilla says it will soon be modifying its Firefox browser to block all user tracking on websites by default. “In the near future, Firefox will, by default, protect users by blocking tracking while also offering a clear set of controls to give our users more choice over what information they share with sites,” said Mozilla VP …

  1. The Dogs Meevonks Silver badge

    I already block everything by default and only enable specific items that allow me to view whatever content I want to see. Sure it means training a new website for a few extra moments, but it's worth it as those sites load much faster when not being slowed down by the bloat.

    This is a positive step in my book, any site that wants me to disable an ad blocker or any other kind of script/cookie thwarting plugins can quite simply go frack themselves.

    1. This post has been deleted by its author

    2. big_D Silver badge

      Same here. NoScript and DNS-blocking Facebook and analytics and tracking sites has made a big difference.

    3. Baldrickk

      Agreed. If they all played by the metaphorical book, then there wouldn't be a problem.

      I block ads because of the sheer number that are **** annoying, be they playing videos, pop-ups, pop-unders, self expanding banners... Not to mention the scope for malicious ads, and the tracking they do (it's not even useful - if I buy, lets say, a bench online, I then have one. Adds for more benches isn't going to convince me to buy another one when I now have one and only have enough room for one).

      If I were to come to a tech site, and was served ads that were static images with a link, and tailored to the experience not by tracking me, but by going "hey, it's a tech, site, lets provide a "techy" ad" then that would be perfectly acceptable, and useful.

      When you go onto what should be a fairly innocuous site, and there are 400-500 trackers active on a single page... Who are all these people, and why should they have access to information about me?

    4. SuccessCase

      Of course the Register illustrate again why they are disliked by Apple. Apple already announced hard blocking of third party tracking and also enhanced tech for thwarting digital browser fingerprinting (have Mozilla announced the same) for Safari in WWDC2018. It is currently available in public beta and will be going live in all likelihood in early Sept. Mozilla are following this lead.

  2. JohnFen

    It's about time

    But I have one question -- will the new system be better than NoScript or uBO at blocking tracking? If not, then I don't really see the point.

    1. TFL
      Thumb Up

      The advantage is that it will be present by default, for all users of the browser. I too load up on ways to eliminate privacy invasions, but most people misunderstand the scope of what is done with their info.

      1. JohnFen

        Ah, excellent point.

      2. N2

        ...but most people misunderstand the scope of what is done with their info.

        And look as if you have just spat in their face when you try to explain.

    2. The Dogs Meevonks Silver badge

      Re: It's about time

      It's making it safer for those that don't already do these things, or perhaps don't know how to.

      Those of us who do them can simply carry on the same as before.. those that were unprotected, now have a little extra.

      It's a good thing.

    3. bombastic bob Silver badge
      Meh

      Re: It's about time

      ack on noscript, and also plugins that make all un-white-listed cookies temporary.

      But... when will they FIX THE AUSTRALIS NONSENSE and GO BACK TO THE WAY IT WAS? you know, a UI with a MENU (and not a fat-finger-burger-button) at least by default, 3D SKEUOMORPHIC [like it USED to be, not all "chrome clone" looking] and WITHOUT the skinny black font and bright blue 2D "buttons" on a blisteringly white backgroun 'options' screens...

      'penny wise, pound foolish' I say.

      1. Charles 9

        Re: It's about time

        'penny wise, pound foolish' I say.

        Then how come it works SO well that Chrome overtook Firefox, either because or in spite of the single menu button. Frankly, I don't see what all the fuss is about. An extra click or flick isn't gonna kill anyone, and I can use Waterfox just as easily after as before. Perhaps it's time to pick your battles. You've been clearly outvoted on the UI, move on to security.

        1. Teiwaz

          Re: It's about time

          Then how come it works SO well that Chrome overtook Firefox

          Chrome was ahead for a while if you were ignorant or didn't care about the drawbacks to using it. It's still competent (if you don't care about the drawbacks). Too many tab crashes for my liking though.

          I'd occasionally use Chromium and Waterfox before Firefox fixed it's speed issues.

          1. Peter2 Silver badge

            Re: It's about time

            Then how come it works SO well that Chrome overtook Firefox

            Because Google tells everybody to install chrome who visits Google with a different web browser?

            As one of the people who moved off of IE6 to FF1 my view which browser is presently in the lead is really an irrelevance. The important thing is that there is competition and choice in web browsers. This is definitely the case.

            Personally, I got fed up with the constant barrage of new versions in firefox and went for the ESR release years ago. Then I got fed up with trying to fight against whomever at Mozilla has been taking lessons from Microsoft's Windows 10 team in changing my existing user interface preferences and making it difficult to change them back, and figured that I wouldn't be the only one fed up. I found one of the Firefox forks (Pale Moon) which is populated by people with the same complaint, and switched to it.

            That's what a healthy competitive market for web browsers looks like. One where you have choice.

            1. Anonymous Coward
              Anonymous Coward

              Re: It's about time

              One where you have choice.

              Apart from a superficial layer, there's not exactly much choice though, is there?

              Chrome = Chromium.

              Vivaldi = Chromium.

              Opera = Chromium.

              Firefox looks and feels like Chromium (and probably contains a lot of its internals these days).

              Edge

              Safari (Doesn't exist on non-Apple platforms anymore.)

              1. Chronos

                Re: It's about time

                Firefox looks and feels like Chromium (and probably contains a lot of its internals these days).

                Nope. Different rendering engines. The Chromium clones all use Webkit, as does Safari. Firefox is (currently, on my machine using ESR) Gecko, which can trace its ancestry back to Navigator and is really the daddy of them all.

                It may well be that Fx uses similar mechanisms to do certain things but not direct copy/paste or #include bit_of_chrome.h. It wouldn't surprise me to hear that Chromium contains many Fx-inspired bits rather than the other way around. The "chrome" in your profile directory means "shiny shit that isn't structural" - and pre-dates Chrome by years - rather than "Google's browser."

                After all that positivity, which is well out of character for me, let me just issue Moz with a warning: I will not accept inserted ads on new tab pages or Safebrowsing¹ potentially reporting my every URL to Google. Find a way to make the latter opt-in or host the definitions anywhere else but Ogle and leave the former out behind the barn with a bullet in its head.

                ¹ I know this is supposed to protect lusers from themselves but should it really be necessary to do about:config and mangle the URL to disable it completely?

                1. Anonymous Coward
                  Anonymous Coward

                  Re: It's about time

                  To be honest, I was surprised to find (when writing my original comment) that Firefox isn't based on Chromium. It's such a blatant rip off of the UI (and much poorer as a result) that I thought they'd ditched all their internals like Opera did - which was basically the browser Firefox used to rip off all the time, so that would kinda make a fucked up sort of sense.

                  1. JLV

                    Re: It's about time

                    >Safari (Doesn't exist on non-Apple platforms anymore.)

                    In for a penny, in for a pound, eh? Besides being incorrect about Firefox, you realize that Safari could have quite a bit in common with Chrome, at least in older code, as Chrome and Safari both used Webkit until 5-6 years ago. Which itself came from KDE's Konqueror, IIRC.

                    It doesn't take rocket science to turn a menu back on permanently. Easily done with Firefox. Edge on the other hand has no menu option that I can recall.

                    Vivaldi looks very different from Chrome and I quite like it, despite never having warmed to Opera.

                    I still blame the whole mess on Jony Ive @ Apple for the dumb flat look. Coincidentally that was also when the macs really started going downhill as far as serviceability and upgradeability went. Just as noxious an "influencer" as Sinovsky IMHO.

                    Full-on skeumorphism is distracting and pointless, but a modicum of shadows, colors and 3D buttons/bars can enhance UI affordance significantly.

                    As far as this article goes? Good job FF!

                    1. Updraft102

                      Re: It's about time

                      Full-on skeumorphism is distracting and pointless,

                      If you refer to the extremes that Apple took it to before it embraced the flatness, I agree. You don't need to have faux paper pages with little rips and dogeared edges in pretend volumes with simulated leather covers. The point is to accelerate the identification of various functions of the UI in our minds, not to actually try to fool us into thinking that we are dealing with actual books (that are somehow still on a screen).

                2. katrinab Silver badge

                  Re: It's about time

                  Internet Explorer can trace its ancestry back to Mosaic, which is even older than Netscape. Also, the Geko line is a complete rewrite and I don't think it contains any of the original Netscape code.

                  1. Daniel von Asmuth

                    Re: It's about time

                    The Netscape browser can trace its ancestry back to Mosaic as well. Gecko was the renderer in the Netscape 5.0 browser, and later in Mozilla. That suggests that the rest of the old Netscape browser was still in use, so there just may be some Mosaic code left in FIrefox.....

                    ...but when will tthe FIrefox developers have time to fix the decade-or-more old bugs?

                    1. J27

                      Re: It's about time

                      Netscape 6 was the first to use gecko, which was a total re-write. Mozilla didn't even get the old Netscape code, just the newer gecko-based code when Netscape open sourced it. Old Netscape ended at the 4.X series and 5 was cancelled.

                3. rg287
                  Headmaster

                  Re: It's about time

                  Nope. Different rendering engines. The Chromium clones all use Webkit, as does Safari. Firefox is (currently, on my machine using ESR) Gecko, which can trace its ancestry back to Navigator and is really the daddy of them all.

                  Only Safari uses actual Webkit. Chromium projects use Blink, which is a (now heavily diverged) fork of Webkit - specifically WebCore, because they use their own V8 JS engine instead of JavaScriptCore.

                  Yes, there's shared DNA but they're quite separate now.

                  Webkit's WebCore and JavascriptCore were themselves forked from KHTML and KJS.

              2. Peter2 Silver badge

                Re: It's about time

                Apart from a superficial layer, there's not exactly much choice though, is there?

                There are now 4 major browser engines available and people create lists of the top ten decent web browsers.

                If you remember being stuck with IE6 or IE6 (with a shut down development team, because Microsoft put Netscape out of business so they didn't have any credible competition) then that's a big improvement.

                1. Updraft102

                  Re: It's about time

                  If you remember being stuck with IE6

                  For the Windows XP updates, you mean?

                  That was all I was ever stuck with IE for. Never used it for anything else. I'd used Netscape since before IE came with Windows, and I wasn't about to switch then either.

              3. el_oscuro

                Re: It's about time

                So basically, 3 engines:

                KDE KHTML/webkit: Chrome, Safari, Vivaldi, Opera, etc

                Mozilla: Firefox, Pale Moon, Ice Weasel, etc

                Trident: Edge and IE

                1. J27

                  Re: It's about time

                  The current KHTML branches are quite different. Chrome and Vivaldi use Google's Blink branch, which came off of WebKit fairly recently. Webkit branched off KHTML long ago and not all changes flowed upstream because the KDE team didn't like Apple exerting control over the development.

                  Mozilla and Trident, more or less. But Edge's version has large portions of code replaced compared to older IE versions.

          2. Anonymous Coward
            Anonymous Coward

            Re: It's about time

            Chrome wasn't ahead 'for a while': Chrome is now dominant in terms of number of users: it has something like 60% of the market. It may not be technically ahead (I don't know: I'm a Firefox user and I've barely tried Chrome), but that's not what is at stake here.

            1. Anonymous Coward
              Anonymous Coward

              Re: It's about time

              Yep, probably used by the same dumb users who used IE.

            2. John Brown (no body) Silver badge

              Re: It's about time

              "Chrome wasn't ahead 'for a while': Chrome is now dominant in terms of number of users: it has something like 60% of the market."

              I wonder how that market is defined? Most if not all Android phones and tablets come with Chrome pre-installed, then there's all the Chromebooks out there too. I bet most people use what they are given and don't actively search out an alternative browser when the one they have does what they want.

        2. JohnFen

          Re: It's about time

          "You've been clearly outvoted on the UI, move on to security."

          If the UI makes the browser too painful to use, then how secure it is is irrelevant.

          1. David Nash Silver badge

            outvoted on the UI

            I wasn't invited to the ballot.

        3. John Brown (no body) Silver badge

          Re: It's about time

          "Then how come it works SO well that Chrome overtook Firefox,"

          Googles aggressive marketing of Chrome EVERY FRICKIN TIME the Google home page opens, might have something to do with it too.

          1. Anonymous Coward
            Anonymous Coward

            "aggressive marketing of Chrome EVERY FRICKIN TIME"

            And let's not talk about Chrome being installed surreptitiously while people were installing something else...

        4. Updraft102

          Re: It's about time

          You've been clearly outvoted on the UI, move on to security.

          That's just the problem. Bob, being a user of Firefox, never got a vote in the first place. They just do whatever they want, with very little concern for what their users want. They're hellbent on becoming Chrome, after all, so what better way to do this than to copy Google's "we know best" attitude?

      2. Teiwaz

        Re: It's about time

        you know, a UI with a MENU (and not a fat-finger-burger-button

        Design trend-wise, I'm afraid that ship sailed - mostly because of Android and Google we have this crap hamburger flatness and too much whitespace.

        The Menubar is still there though, press ALT and it's there (well, it is for me on Firefox 61.0.2 on archLinux).

        1. RegGuy1 Silver badge

          Re: It's about time

          The Menubar is still there though

          Yeah, well what about the fucking pile of poo called Gnome 3? That's made some god awful design decisions. That has gedit. And that hasn't got a menu bar, even if you want one, because some cunt thought it got in the way.

          I hate Gnome 3.

          1. Updraft102

            Re: It's about time

            Yeah, well what about the fucking pile of poo called Gnome 3?

            You mean upstream CInnamon? I had no idea people were actually supposed to use it the way it is presented. More idiots chasing the "one UI to rule them all" fantasy. At least Canonical has seen fit to drop Unity... now Microsoft and GNOME, we're waiting for you to realize that different platforms use different UIs for a good reason.

            GNOME has gone to the menu-bar-less hamburger, and the X-apps project from Cinnamon devs patiently destupidize the GNOME "apps" (really programs) and turn them back into something usable. Forking can be a pain sometimes, but it's often a better choice than having to adapt to programs that just keep getting worse because their devs have lost the plot, as they so often do.

      3. MacroRodent

        Re: It's about time

        > a UI with a MENU

        It can be re-enabled from the configuration. And this is indeed the very first thing I do to any new Firefox installation I use.

        1. JohnFen

          Re: It's about time

          Yes, me too. Having the menu showing is indispensable.

      4. Martin J Hooper

        Re: It's about time

        You can display the menu...

        Goto the customize page and on the bottom of the screen you can get FF to display a menu for you.

        It's under the toolbars drop down.

      5. keithpeter Silver badge
        Coat

        Re: It's about time

        "But... when will they FIX THE AUSTRALIS NONSENSE"

        @bombastic: I just switch the menu bar on.

        Also the Alt-F, Alt-B &c shortcuts just work even if the menu bar is switched off.

        Now does anyone know how to get Firefox to work with the Alt-F11 shortcut in xfce?

        Coat: just going now...

    4. Yoru

      Re: It's about time

      "But I have one question -- will the new system be better than NoScript or uBO at blocking tracking? If not, then I don't really see the point."

      There is a very good point, bearing in mind that the widely used 'Self Destroying Cookies' has recently been disabled by Firefox, due to "security and stability issues. Had to replace it with 'Cookie AutoDelete'.

      There are perhaps some functionality that is just too risky placing in the hands of third parties.

      Meanwhile, like most others, its add-ons to the rescue, (hopefully), such as the Cookie AutoDelete, Adblock Plus, and Disconnect.

      The thing that really bugs me is that Firefox still hasn't internally addressed the lose of the 'Add Bookmark Here 2' add-on, with native support. Which means you have to manually cut and paste the URL into the Location, when adding a New Bookmark via the Sidebar (right click). And since it can no longer be done with the Web based add-ons, it is effectively a dereliction of one of the most basic browser functionalities.

    5. slartybartfast

      Re: It's about time

      What's good about this 'will not track' is that it could mean less need to rely on add-ons/extensions to block trackers and irritating ads. Add-ons/extensions are potential security risks. Firstly they need quite a number of permissions to run and could have malicious code that compromises your computer...potentially though but hard to know for certain.

      https://www.howtogeek.com/188346/why-browser-extensions-can-be-dangerous-and-how-to-protect-yourself/

  3. ecofeco Silver badge
    Thumb Up

    About time

    Excellent news.

  4. a_yank_lurker

    Time to

    It will time to switch default browsers in a few weeks.

    1. phuzz Silver badge

      Re: Time to

      But are you switching to Firefox or away from it?

      And all the people who gave you downvotes, which way did they think you were switching?

  5. Nick Kew

    Definitions, please

    Can a report like this please tell us what it's actually talking about?

    Third-party cookies? OK, we used to have that as standard many years ago, then it vanished. But would that be all third-party cookies, or just those that conform to some pattern? Do they distinguish session cookies from persistent ones?

    And what counts as a third-party cookie? One set by secondary content, such as an image, from a different domain to the page it's in? Hmm, would that be *all* secondary content, or is a line being drawn somewhere? And why don't you make it much easier to avoid loading secondary contents from third-party domains in the first place? Well-implemented control of that could beat any ad-blocking list!

    What about user tracking that the user generally opts in to? OpenID being an obvious case in point? I'd guess that's not what they're talking about.

    1. Anonymous Coward
      Anonymous Coward

      Re: Definitions, please

      And what counts as a third-party cookie? One set by secondary content, such as an image, from a different domain to the page it's in? Hmm, would that be *all* secondary content, or is a line being drawn somewhere?

      Disclaimer: I didn't vote on your comment, so it's not me.

      Third party is everything not the page you explicitly visit. So if you visit dailymail.co.uk, then dailymail.co.uk and web link with that name are the first party. Everything else being loaded on that page like analytics.google.com is third party. So it's not really a 'standard', but a simple rule. If it's first party, then let it load, else do not load.

      It's also a simple rule to give some protection by forcing website to check their content instead of letting random third party putting virus everywhere. If you want third party content in first party website, simply put the content under the first party website. Obviously, the shady ones like ads and virus would avoid that, so the first party could never check what they are planning to put on the website.

      What about user tracking that the user generally opts in to?

      If the website had done it right, then it's just a matter of putting first party tracking cookies on the browser the user opts in, which would then track the user until it is deleted. If third party is blocked, then third party tracking cookies as well as third party content will be blocked from putting into the browser.

      1. Charles 9

        Re: Definitions, please

        OK, so how about something from images.dailymail.co.uk? Or cdn.dailymail.co.uk? Not in the hierarchy (for sensible reasons), but not third-party, either.

        1. Nick Kew

          Re: Definitions, please

          Charles, of course that's precisely the kind of thing that starts us into a grey area. Next step up from that would be a different domain owned by dailymail. Or a third-party contracted by them not for advertising but for, say, content syndication (the kind of thing Reuters do for news), or for distribution (like Akamai). Or an interaction service like disqus.

          Blocking third-party cookies by rule is easy. Defining the ruleset - drawing lines in grey areas - is the hard bit.

      2. Anonymous Coward
        Anonymous Coward

        Re: Definitions, please

        so who's the 2nd party then? :D

        1. DropBear
          Unhappy

          Re: Definitions, please

          "so who's the 2nd party then? :D"

          Google, by virtue of JQuery (or some G-fonts or somesuch) being included into 111% of all existing web content basically by definition...

        2. katrinab Silver badge

          Re: Definitions, please

          I am a visitor at El Reg.

          First party is me.

          Second party is El Reg

          Third party is everyone else.

        3. JohnFen

          Re: Definitions, please

          The first party is you, the second party is the web server you're talking to, and anyone else is the third party.

  6. HandleAlreadyTaken

    AFAIK (please correct me if I'm wrong), since switching away from Yahoo as a default search provider last year, Mozilla gets a majority of its income from Google. I wonder: does this new tough anti-tracking policy also apply to Google trackers? If it does, will it still be worth it for Google to keep financing the Mozilla Foundation?

    1. Teiwaz

      will it still be worth it for Google to keep financing the Mozilla Foundation

      It's not in Googles best interest to be seen as the only choice in browsers. Edge and Safari are not enough to stave off the kind of scrutiny they'd come under if Firefox was struggling or non-existent.

      1. aks

        That's one of the reasons Bill Gates invested in Apple when it was on the slide (while Steve Jobs was elsewhere). Not the only reason, but simply one of them.

  7. Anonymous Coward
    Anonymous Coward

    Call me back when they restore the ability to control cookies at the individual site level

    1. Len
      Happy

      I just use Cookie AutoDelete (https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/) for that. By default it deletes all cookies for a page between sessions, unless you whitelist individual sites. Works a charm for me and I wouldn't want to browse without it.

    2. JLV

      Totally +1.

      I've installed Cookie Autodelete and am learning to work with it. It basically frags a page's cookies as soon as you leave it (including going to another page on the same site, I think). You can whitelist. A bit annoying at first, but not dissimilar to the handholding I need to do with NoScript, except that most of the times the full-on frag doesn't break anything.

    3. ecofeco Silver badge

      Tool>Options>Privacy & Security>Cookies and Site Data

      Been there for a few years, too.

  8. Anonymous Coward
    Anonymous Coward

    Kudos Mozilla! But is it futile when this is Tracking Reality: Are we Winning / Losing Privacy-War?

    Google & Mastercard Cut a Secret Ad Deal to Track Retail Sales

    https://www.bloomberg.com/news/articles/2018-08-30/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales

    ________________

    Facebook said the information in Hive "is not readily accessible"

    https://www.theregister.co.uk/2018/08/24/irish_data_protection_commish_opens_inquiry_on_facebook_data_transparency/

  9. Anonymous Coward
    Anonymous Coward

    Could they make deleting cookies easy again?

    The new interface to delete cookies selectively is a great step back. The Del key no longer works. You have to select cookies, press the delete button, and also confirm while closing the dialog or cookies won't be cleared. You can no longer give a look to the contents. While they say they improved it, it looks they actually made it harder by design. Hope this new blocking doesn't follow the same idea.

    1. ecofeco Silver badge

      Re: Could they make deleting cookies easy again?

      Privacy Mode. Looks like a black mask icon.

      Also Tool>Options>Privacy & Security>Cookies and Site Data

  10. Potemkine! Silver badge

    It's about time

    even if plenty of plugins help to keep privacy, it's a good idea FF does it by default, for the many ill-IT-erates.

    DNT was just a smokescreen, a ploy of the tracking industry to gain time during which they would continue to track. This time is over

    'Opt-out' is a scam, only 'opt-in' protects privacy.

  11. Norman Nescio Silver badge

    Check your tracking status

    The EFF offer a web-page that does some simple tests to see if you are being tracked through your browser.

    EFF:Panopticlick

    Note that, as well as cookies, your browser fingerprint is pretty stable over time, and therefore could act as an identifier used to track you. In combination with HTML5 local storage and other 'super cookie' techniques people who want to track you have many tools at their disposal. This article gives a quick overview:

    The Chromium Projects: Technical analysis of client identification mechanisms

    As Sgt. Phil Esterhaus said: "Hey, let's be careful out there.".

    1. Kubla Cant
      Thumb Up

      Re: Check your tracking status

      Thanks @Norman Nescio: very interesting and useful links

    2. ecofeco Silver badge
      Thumb Up

      Re: Check your tracking status

      Yes, thanks Norman. Quite useful.

    3. Anonymous Coward
      Anonymous Coward

      Re: Check your tracking status

      Maybe 'ad' this to the reading list. Its worth noting that Server-Side-Tracking renders most user based / browser protections null and void. Book a hotel or flight or buy something online, and you're tracked more aggressively. Think Palantir-level analytics:

      https://www.theregister.co.uk/2017/10/30/firefox_canvas_privacy_tor/

      https://www.digitaltrends.com/computing/how-do-advertisers-track-you-online-we-found-out/

  12. MJI Silver badge

    Will this be in ESR?

    Some of us NEED menus and prefer windows to look like windows

    1. DropBear

      Re: Will this be in ESR?

      That's irrelevant. "The" ESR most people (including me) keep clinging to, version 52, stopped being the _current_ ESR, which is now version 60 presumably incorporating absolutely everything people were running from by sticking with an ESR. There will be no further updates to v52 - not that would make me move away from it.

  13. heyrick Silver badge

    a move that makes them fair game for default blocking

    Fair game was years ago when they "decided" that the intended choice to enable DNT by default have them a "right" to completely ignore DNT.

    Advertising, I don't have a problem with. It's a necessary evil that pays for stuff and is fairly easily ignored (junk in magazines, every so many minutes on commercial TV). The problem here is the tracking, the profiling, the opaque profiling with no ability to view, correct, or demand deletion of such information.

    And to top it all off, the profiling is probably woefully incorrect, especially if multiple people use the same machine. Or otherwise I'm a Japanophile geek that likes crochet and reading cosies. Heh, it probably has me down as gender confused too...

    1. jumpyjoe

      Re: a move that makes them fair game for default blocking

      To top it all every ad, tracking mechanism, profiling etc is paid for by us in the purchase price when we buy something. Ads don't pay for the programs etc we do. Ads are forced on us and they make us pay to have it forced upon us. God I hate ads.

  14. rjed

    Privacy matters

    Such pro-privacy moves should be commended. I will be switching over to firefox. Sure it will take some time but i ll make a deliberate effort. Its about time tech enthusiast start showing (through actions) that privacy matters. It is possible that some portals may post a message saying firefox not supported and I will know their intentions when the message pops up.

    Kudos to Firefox for making such a move.

  15. Kubla Cant
    Black Helicopters

    Rearranging the deckchairs

    I've just spent 30 minutes reading the fascinating, but ultimately rather depressing page about client identification that @Norman Nescio posted. The short version seems to be that browser-detectable tracking is strictly for kids. It's only a matter of time before more sophisticated undetectable tracking methods are commoditised and generally used. To my personal knowledge, they're already used as part of anti-fraud offerings.

    Basically, were all doomed.

    1. Charles 9

      Re: Rearranging the deckchairs

      IOW, soon all the tracking will move server-side (where it can't be blocked or even detected) via methods essential to the modern operation of the web (like client hashes meant to prevent things like CiTM attacks). Are we just taking the long way round to the Stateful Internet?

    2. JohnFen

      Re: Rearranging the deckchairs

      Yes, this sort of thing is why I am very cautious about using the web at all, and minimize web browsing generally. And, with very few occasional exceptions (such as quickly looking up something I need to know right now), I do not browse the web using Android devices.

    3. ecofeco Silver badge

      Re: Rearranging the deckchairs

      Detecting browser and region of that browser has been easily accomplished for well over a decade.

      Tracking is whole 'nother animal and needs to be stopped dead.

      1. Charles 9

        Re: Rearranging the deckchairs

        But how will you do that when everything they need comes from the basic client handshake, meaning all the tracking can be done stateside and simply stored in countries not subject to regulations like the GDPR?

  16. Anonymous Coward
    Anonymous Coward

    lock all user tracking on websites by default

    while it keeps tracking its users by default. Double standards, hypocracy? Moi?

    1. Anonymous Coward
      Anonymous Coward

      Re: lock all user tracking on websites by default

      so what do you call that default "on", downvoters? Did you ever actually CHECK your firefox settings? :D

  17. Christian Berger

    That's kinda the minimalist solution

    It's apparently a list of "known bad" servers it won't talk to.

    A more sensible solution would be to drop the most abused features one by one in the roadmap after providing more sensible solutions. For example they could block loading Javascript from foreign domains after they provided their own cross vendor Javascript standard library.

    1. Charles 9

      Re: That's kinda the minimalist solution

      But then wouldn't they just hack that library? Seems you can't win one way or the other without going back to the bad old days, but then we'd just be outvoted by the rest of the public...

      1. Christian Berger

        Re: That's kinda the minimalist solution

        Well the problem is that currently JS-libraries are loaded from their domains which means that those servers will have detailed access logs.

        If the libraries came with the browser by default, you could save those http-requests.

    2. aks

      Re: That's kinda the minimalist solution

      How foreign is foreign? .com when browsing from the UK? Canada from the USA? Using a VPN to disguise your own location? Disguised server IP location?

      Don't forget that .com does not mean USA but simply "commercial".

  18. John Crisp

    Slow page warning

    Will they then be able to remove the intensely annoying warning they have introduced?

    Bloody thing. Even with uMatrix et al.

    Oh, and it you read right to left then please put your Big Mac on the left.

    Having it on the right just makes a bad idea even worse.

    Mozilla. Where great ideas are slowly throttled.

  19. cs9

    Your move, Roy

    Remember when IE10 set DNT on by default and the Apache maintainers, led by Roy Fielding, responded by ignoring DNT altogether on IE10 whether the user explicitly set it or not? Yeah good times. The Apache team is going to need to think very creatively about how to undermine this move.

    1. Charles 9

      Re: Your move, Roy

      Easy. Piggyback on domains that normally have to get whitelisted to get things done. Now it's either bend over or break most of the Internet.

    2. Anonymous Coward
      Anonymous Coward

      Re: Your move, Roy

      IIRC, Mozilla too criticized MS move back then, and left DNT off by default (together Chrome and others). Later MS entered the data hoarding business as well.

      Then came Cambridge Analytica....

  20. Compression Artifact
    Devil

    Bank depends on "cross site tracking"

    Yesterday I noticed that the link on my bank's website to view recent statements was broken. I called their customer service to ask if the site was out of order. They said the link now requires "cross site tracking" to be enabled or it won't work. This used to work properly; and there's an alternate link elsewhere on their site that does work properly, which suggests that only some of their web developers are screwed up. I chewed them out.

  21. Orv Silver badge

    So I won't be able to read Wired in Firefox anymore? Oh well, it's not like I'm losing anything of value.

    1. Charles 9

      Yeah, but what happens when it's your bank that won't work anymore? Oh, and they closed the last local branch some time back meaning it's online or a long gas-guzzling trip?

      1. heyrick Silver badge

        meaning it's online or a long gas-guzzling trip?

        In the words of somebody bigger and better than me: hasta la vista, baby

        Been there, had local bank closed, online version became a complicated mess that didn't work with script blocking and barely worked without. So I looked around for a bank with a local presence, opened an account, and slowly transferred my stuff over. Then I sent a request (by post) to the old bank to close my account along with an explanation of what I thought of them depending upon scripts held on third party servers and exactly why a bank ought to be taking security a lot more seriously than to attempt to show a "you have advert blocking" message and even manage to get that wrong. They are expected to be trusted to competently handle my money (okay, other people's money...) yet they can't build a basic functional glitz free website for such things as, oh, checking the balance...? Sorry, I'm out. If that's how they run their public facing website, imagine what goes on behind the scenes.

        1. Charles 9

          Re: meaning it's online or a long gas-guzzling trip?

          "Been there, had local bank closed, online version became a complicated mess that didn't work with script blocking and barely worked without. So I looked around for a bank with a local presence..."

          And for many, there isn't any, or the only bank(s) around have that same sucky online interface, and since most employers insist on checks or online deposits to more easily fulfill their bookkeeping and tax obligations, it's kind of hard to go without.

      2. Updraft102

        Yeah, but what happens when it's your bank that won't work anymore?

        Then a new bank becomes "my bank."

        1. Charles 9

          And if there's NO "new bank" to choose from? Many places have only ONE bank servicing them.

  22. Version 1.0 Silver badge

    Still using Firefox

    I run noscript and ublock (and have done for a long time) but the problem with Firefox is that ever since they announced that they were the fastest browser, they have gotten really slow at opening many web pages. Will this new tactic speed things up or drag the browser to even longer page load times?

  23. arctic_haze

    Mozilla

    There is one advantage of using Firefox, or another Mozilla code base browser. No large company needs to have all my browsing history.

  24. Anonymous Coward
    Anonymous Coward

    "The planned updates would, however, make Firefox the most aggressive browser when it comes to thwarting trackers."

    or put another, it would make Firefox the least passive and cavalier with user information.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like