
Google Container for Firefox – Prevent Google from tracking you around the web - LukeWalsh
https://addons.mozilla.org/en-US/firefox/addon/google-container/?src=recommended
======
rplnt
I think, and always thought of it as intuitive with the way I use browsers,
that sessions should work as a tree. So only child tabs in that tree should
see the contents of parent's session. If I open a new tab, it's a new tree.
Bookmarks could create permanent root node.

~~~
derefr
The problem with this (and the reason browsers don't already do things this
way) is that it breaks Single Sign-On flows like OAuth.

When your browser redirects a tab from example.com to accounts.google.com to
do an OAuth login, the Google OAuth login cookie that gets set by
accounts.google.com under that tab, needs to _also_ be visible later on to any
_other_ tab whose "root node" navigates to accounts.google.com.

Maybe you can make an exception for just SSO providers—but won't other
nefarious uses (e.g. analytics providers) then just _pretend_ to be SSO flows?

And maybe you can just whitelist the existing SSO providers—but that's an
instant oligopoly.

~~~
esotericn
That's not a bug, that's the point.

"Single sign on" means "contact centralised provider with identifying
information plus site browsed".

The explicit desire here is to stop that tracking.

Tracking _is_ single sign on with the "sign on" being invisible to the user.

~~~
derefr
You're thinking of consumer SSO. There's also enterprise SSO. Per-tab cookie
isolation would break pretty much every bigcorp's Intranet, because they're
composed of a bunch of different services that all rely on a centralized IAM
provider.

(Mind you, Google themselves are working to move enterprises away from this
model, with their
[https://cloud.google.com/beyondcorp/](https://cloud.google.com/beyondcorp/)
effort avoiding the "Intranet as a bunch of services on separate internal
domains" model, in favor of a "Intranet as a bunch of services all living
under smart proxies that make them look like one domain and handle IAM for
you" model. But enterprises would need to move _first_ , before complete tab
isolation could be workable for them.)

There's also even-more-enterprise SSO, i.e. SAML and its "using your bank as
an SSO provider to prove your identity to government services" use-cases. This
actually isn't SSO at all—there are more identity providers than there are
services. The point here is to federate proofs-of-identity by allowing many
different (whitelisted) agencies to vouch for your identity, so that the
government doesn't need to issue you some centralized proof-of-identity. This
would also break under complete tab isolation, and I don't think there's any
good replacement in this case.

~~~
esotericn
Not at all, it's the exact same thing in that case as well, it's just that you
_want_ the tracking.

If you don't want every tab to be connected, every tab isn't connected.

~~~
derefr
How do you suggest enabling these use-cases for users that want them, on top
of a browser that isolates tabs by default, _without_ requiring any technical
aptitude of the user to understand what a "cookie" is (which would normally
suggest "have a UX flow for it") but while _preventing_ arbitrary websites
from triggering such a flow and thereby tricking these non-technical users
into enabling the site to track them?

It's not like the problem is _impossible_ ; nobody is saying that. My point is
that the solution is non-obvious to the point that nobody has solved it yet,
despite likely man-years being put into trying. Firefox Containers are the
best UX we've come up with so far to kinda-sorta solve the problem. Do you
have any better idea?

~~~
Izkata
Easy: take the original comment literally and make the interface like Tree
Style Tabs [0].

[0] [https://addons.mozilla.org/en-US/firefox/addon/tree-style-
ta...](https://addons.mozilla.org/en-US/firefox/addon/tree-style-tab/)

------
_jomo
Containers are a feature built into Firefox. There are extensions that let you
use them more generally with any given website. It's also quite useful to log
into websites with multiple accounts at the same time.

However, to prevent tracking I mostly use CookieAutoDelete [0] which only
stores Cookies for sites that I have whitelisted after the tab is closed. It's
really just a handful of sites I visit frequently and don't want to log in
every time. Cookies aren't required for anything else.

Also, not having a Google account comes in handy to prevent tracking by
Google. My default search engine is DuckDuckGo.

0: [https://addons.mozilla.org/de/firefox/addon/cookie-
autodelet...](https://addons.mozilla.org/de/firefox/addon/cookie-autodelete/)

~~~
mard
>to prevent tracking I mostly use CookieAutoDelete

Removing cookies will not prevent anyone from tracking.

Simple example: I once visited an online shop from browser profile in which I
never logged into Facebook. Few hours later I switched to another browser
profile, used exclusively for Facebook, and I got an ad on my timeline from
said online shop, for the exact product I was looking for earlier in another
browser profile. Facebook associated my two browsing personas without cookies,
most likely using a combination of my browser's request headers and IP
address. Not to mention that JavaScript (if enabled) provides additional and
extremely detailed fingerprinting capabilities.

In my experience, Google seems to have a better track record in terms of
respecting cookies (or lack thereof) as the main carrier of online privacy
management. But I think it's just an illusion. They're just obscuring it to
not freak people out too much the way like Facebook does. The information is
still there. They have it, from analytics, fonts, reCaptcha and all other
means of their creep.

To prevent tracking, you need to have a full control over information you send
to the internet, including browser request headers, IP address, behavior
patterns of web browser, and so on. Cookie management alone is just a fallacy
and gives a false feeling of control over privacy.

This is also why I consider those "privacy containers" broken by design. They
just operate on cookies and don't contain anything besides cookies. I would
even consider them harmful because of their misleading nature.

~~~
amelius
> This is also why I consider those "privacy containers" broken by design.
> They just operate on cookies and don't contain anything besides cookies. I
> would even consider them harmful because of their misleading nature.

Privacy containers could do more interesting things like:

\- Connect through a VPN/proxy, so IP address changes all the time.

\- Change browser characteristics (screen size, available fonts, user agent
string, etc) to fool the fingerprint. I suppose that fingerprints are hashes,
so you only have to corrupt one ingredient of the hash to make the fingerprint
unusable.

Tor browsers do stuff like this.

~~~
specialist
_" Change browser characteristics ... to fool the fingerprint."_

What about hardcoding the fingerprint? So that every end user looks the same.

~~~
cortesoft
The problem is that a 'browser fingerprint' is not some function call that can
have its result be spoofed. There isn't even a single specification for what
constitutes a browser 'fingerprint'

It is simply a series of attributes that are tested and compiled. Attributes
that are consistent for a single browser but have some degree of variation
between different computers.

Put enough of those together and you can uniquely identify someone. The exact
things that are checked, however, will vary between implementations, and can
always be changed in the future, so there isn't an easy way to spoof all of
them to be identical.

In addition, many of these attributes that are tested need to return accurate
results for normal functionality to work, so you are again limited in what you
can fudge to avoid fingerprinting.

~~~
gowld
Much of the detail is irrelevant, though. There are things like languages I
never use, and sofware version point-revision.

------
rcMgD2BwE72F
I prefer this setup:

\- install Cookie Auto-Delete ([https://addons.mozilla.org/en-
US/firefox/addon/cookie-autode...](https://addons.mozilla.org/en-
US/firefox/addon/cookie-autodelete/))

\- set it to delete all local data for all domains, 15 seconds after its last
tab is closed

\- create a Firefox container for untrusted apps you can't get rid of (e.g
Gmail, Facebook) and set these domains to open in this "untrusted" container
by default

\- set Cookie Auto-Delete not to delete the data for this particular container

\- whitelist the few domains you trust so that you can keep their sessions
open in the Default container

Result: No need to use a secondary browser or to install special
"Google/Facebook/etc Containers for Firefox". You always browse the Web
incognito by default! Only when you visit some particular webpages do you
enter a custom container that keep your personal data separate from other
activities.

This has worked nicely for 2+ years, with other essential extensions such as
uBlock Origin, Privacy Badger, HTTPS Everywhere and Decentraleyes.

~~~
sophistication
… all of which is futile as long as NSA records everything and their databases
will leak one day.

~~~
qrbLPHiKpiux
Anonymity will always be greater than privacy. What I'm saying is that there
should be a focus on being anonymous without a care (almost) of what you're
doing.

~~~
sophistication
I just think it's a futile kind of paranoia. Your anomalous behavior puts you
on some list. Writing about it here puts you on some list. As every admin
knows so well, spying on user data is much too easy for that not being done
all over. We'd need to tear down large scale digital infrastructure to make
even a dent into the problem of massive abuse potential. Deleting cookies is
cope.

------
beefhash
This is probably a good idea in theory. In practice, it might lower your
internal ReCAPTCHA score and end up prompting you more actual CAPTCHAs,
possibly up to unsolvable[1] ones.

[1]
[https://patents.google.com/patent/US9407661](https://patents.google.com/patent/US9407661)

~~~
xfs
... a tarpit nominally designed for bot detection and anti-spam. I'm sure the
patent wasn't created with sinister motives but it somehow enforced a system
in which you have to either accept full surveillance or end up being
increasingly excluded from the socioeconomic sphere. This is the danger of
solving the human factor with pure technological means - it doesn't really
solve it, instead the human conflict is transported into a more radical one.

~~~
glogla
Since Google deletes you wife's gmail if you sell your nexus (or how it was),
I don't think so.

~~~
ViViDboarder
Huh? I’ve sold many Nexus phones and my wife’s Gmail is perfectly intact.

------
jmathai
Isn't it possible to have a "per TLD" container addon? I'm fine to be logged
into Google and even have Google collect information when I'm using any of
their services (same for Facebook). What I'm really after is a way to sandbox
every site to only have information I explicitly grant it while using their
service.

~~~
ocdtrekkie
Google has... literally hundreds of domains. Just assuming *.google.com would
miss things like googleusercontent.com or googleapis.com or doubleclick.net.
The Facebook container basically grabs "all domains by Facebook" and sandboxes
them together (so they can still interoperate amongst themselves), while
isolating it off from other sites you visit.

Sure, you could do a lot of this yourself with different browsers/browser
profiles/containers, but it'd be far better to have someone provide that list
as a prebuilt addon.

~~~
baroffoos
I really hate websites that do this because I have to go and whitelist the
hundreds of domains that important resources are coming from.

~~~
judge2020
I would say it's both a blessing and a curse. Yes, it makes it harder for
first party isolation scripts to sandbox a service, but the separation of
domain based on the service (doubleclick for ads, googlevideo.com for video,
etc) makes it easier for ad/content blocker list maintainers to block only the
domains and services it should be blocking.

~~~
pferde
Yes, but they are supposed to be using subdomains for that (e.g.
usercontent.google.com, video.google.com, apis.google.com, ...), instead of
what is essentially DNS spam (guesswhetherthisdomainalsobelongstogoogle.com).

DNS has been made hierarchic for this reason.

~~~
baroffoos
I was told this may have been because older browsers limited the number of
simultaneous connections to a domain name and you could work around it by
having multiple domain names.

------
stdplaceholder
In order to use this supposed privacy-enhancing feature, you must allow the
authors of this extension total control over everything you do on the web.
Add-ons are automatically updated in Firefox by default, so you can review
this code now and it will change later. This seems like a poor trade.

~~~
cmroanirgo
...Or, you can use "Firefox Multi-Account containers" by Mozilla. [0]

This is what I use. I have everything that I log into google for in one
container, social media in a second, and everything else is nicely sand-boxed
away from those horrors.

[0] [https://addons.mozilla.org/en-US/firefox/addon/multi-
account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-
containers/)

~~~
tjoff
It bothers me that they for some reason doesn't support containers in private
windows. I guess a substitute could be to wipe the firefox profile on start or
something but haven't attempted that route yet.

~~~
speedplane
Is anyone else bothered by Google Chrome's new attempt to suggest long and
complicated passwords when you create an account anywhere? Sure this is a nice
bonus for security, but it also means that you can't log into websites anymore
unless you're using chrome signed into your Google account.

~~~
oarsinsync
I think I understand what you're saying. It almost sounds like you're privacy
conscious but not security conscious, but I don't think that was intentional.

Personally, if I was dealing with someone who wasn't already using strong
unique passwords for everything, and didn't want the burden of having a
password manager, I would absolutely recommend relying on Chrome's built in
password manager and having to be signed in to Chrome everywhere. This might
actually be one of the use-cases that triggered the 'auto sign into Chrome
when you sign into a Google product in a tab' feature, which didn't go down
very well in some circles.

I believe (re)using relatively weak passwords on multiple sites is a bigger
risk to privacy than Google tracking every page I visit. I would assume they
track every page I visit regardless of whether I'm signed in to Chrome or not.

EDIT: Note that I'm assuming this feature in Chrome is similar to the feature
in Safari, where Safari suggests strong passwords, but this doesn't prevent
those passwords from being stored in your password manager of choice.

~~~
speedplane
No, I don't think you're understanding my concern, it doesn't relate to
security at all, it touches on privacy, but it's more about monopoly control.

If you start using Google's password manager with their auto-suggested long
complex passwords, there is no way you can remember the passwords yourself.
You'll need to be logged into Google Chrome to have access to the password.
Therefore, you'll need to be logged into Google Chrome to log into any
website. Currently, there is not way to export passwords from one browser to
another, so if all your long complex random passwords are in Chrome, as a
practical matter, you won't be able to use Firefox, Safari, or Internet
Explorer, you'll be required to use Chrome.

The apprehension over the feature is not about security at all (in fact, this
system is likely more secure). It's about control. If you allow Google to
manage all of your passwords, then you'll need Google to do anything.

~~~
oarsinsync
But does it restrict your ability to also save those passwords into an
external password manager?

Per my previous, Safari has a similar feature, which streamlines the process
of generating secure passwords without needing to switch to the password
manager to generate the password, and upon submission, it gets stored in the
keychain, and also pops up the ability to store into 1Password via the usual
extension.

Sure, all those passwords in the keychain are locked to Safari only, so
Chrome, Firefox, etc are unable to access them, but that's what external
password managers are for.

~~~
speedplane
> But does it restrict your ability to also save those passwords into an
> external password manager?

It absolutely nudges people away from password managers and on to Chrome. You
now you have two options... (1) get a password manager on all of your devices
that properly syncs with Chrome; or (2) only use chrome on your devices.

Many people are going to choose option #2. This will lead to more people
relying on Google Chrome and Google Accounts, and will now you'll need to be
logged into Chrome to log into any other site. It's a way for Google to become
requisite, and add more power when they already have so much.

------
heroprotagonist
I found using this, with an isolation setting for specific domains, to be a
better option:

[https://addons.mozilla.org/en-US/firefox/addon/temporary-
con...](https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/)

An isolation policy will let you treat subdomain different from main domain.
So I can use mail.google.com and still always be logged in, while a search
from address bar or elsewhere will open in a temporary container that lasts
only as long as the browser tab.

The persistent "Google" container I have has domains mail.google.com,
accounts.google.com, and myaccount.google.com.. everything else loads in
temporary containers.

Combine with this to remove the link stubs on SERP so you're not sending back
click data if there's a shadow profile based on IP and browser metrics.. so
shadow profile only knows what you searched and not necessarily what you
clicked, and its cleaner for container assignment when opening links in new
tabs because there's no brief hop to the same temp container google search
loads in before going on to a separate temporary container for the target
site:

[https://addons.mozilla.org/en-US/firefox/addon/google-
search...](https://addons.mozilla.org/en-US/firefox/addon/google-search-link-
fix/)

------
cog74657
not sure why you'd use this over the Multi-Account Containers addon by
Mozilla.

[https://addons.mozilla.org/en-US/firefox/addon/multi-
account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-
containers/)

~~~
LukeWalsh
The Firefox Multi-Account Containers is a more general extension that allows
you to create containers and determine which sites open in each container.
This extension can be customized to suit your needs for multiple sites and
multiple logins but takes more time to set up than Google Container.

~~~
toastal
Exactly. It's easy to tell a privacy-unsavvy person to install this and the
Facebook-only container rather than explaining how to containerize and set up
all the specific URLs and what the broader concept means. The multi-account
container is pretty cumbersome to set up despite being easy.

~~~
inferiorhuman
The facebook-only container is really slick. If you go to facebook.com or
instagram.com it'll replace the current tab with a FB container automatically.

------
lukewrites
This is a cool idea for an add-on, I use the Multi-Account Containers add on
along with Cookie AutoDelete to do basically the same thing for a number of
sites: Google, Facebook, twitter, linkedin (rot in hell, linkedin), amazon,
etc. I like having my cookies there so I don't have to log in every time, but
also don't want to be tracked around the web.

This looks like a great way to help people who don't want to fiddle with
settings to get the same sort of protection. It'd be nice if Multi-Account
Containers had an option to add these sites. I should cut a PR for that,
probably :\

~~~
halo
I tried using Multi-Account Containers because I loved the idea but found the
user interface rather clunkier and more manual than I hoped.

What I really want is for it to be optimised for the common use case with each
domain automatically put in its own container, with some whitelisting of
common grouped services (e.g. MS and Xbox Live, Facebook and Instagram).

It's very rare that I actually want to share any cookie info between sites as
most of it is tracking. In the rare situation you do, the browser could let
you disable containers or add them to a group.

I'd also like something that automatically opts out of tracking preferences,
as well as something that periodically deletes cookies/localstorage (say every
14 days).

You could then set it all up and forget about it.

~~~
Copernicron
I use the Temporary Containers extension and it does much of what you're
looking for. I have it set up so every tab is opened in a new container and
the container gets deleted when the tab closes. So everything is kept separate
from everything else.

------
ocdtrekkie
I definitely want this, but the only reason I use Facebook Container is
because it's an official Mozilla addon. I encouraged Mozilla to pursue a
Google version, but it seems like they've declined for now, and were just
looking to capitalize on the press wave about Facebook.

~~~
sirn
I'm curious, why not just use Firefox Multi-Account Container[1] and setup
Facebook and Google to open in its own container[3]?

The way I see Facebook Container (as an outside who have been using Multi-
Account Container for a while) is that it tried to ride on the Delete Facebook
wave few months ago to make people aware of Multi-Account Container
functionality, so these Google Container/Reddit Container/etc. always seems
weird to me.

[1]: [https://addons.mozilla.org/en-US/firefox/addon/multi-
account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-
containers/)

[2]: [https://imgur.com/KZuJmgq](https://imgur.com/KZuJmgq)

~~~
dralley
Facebook container has tha two main benefits over multi-account containers,
which is that it requires zero setup, and that when you click a link on
Facebook it drops out of the container.

~~~
StreakyCobra
As a workaround for your second point, it is possible to right-click a link
and use "Open Link in New Container Tab » No Container". Still a workaround
though.

------
dzsuv
How can I be sure that with all these tools I have really avoided tracking?

I have PiHole/VPN/privacy browser extensions installed. Javascript is disabled
for the majority of the sites. LittleSnitch supposedly takes care of the
chatty non-browser programs. All my 3G/4G data goes through PiHole. I have
only a selected few apps installed on my phone.

Paranoia? Yes. Do I have the piece of mind? No. I just simply cannot stay 24/7
on Wireshark examininig every outgoing packet.

Unless the legislation changes for good I really don't see how this mess can
be tackled.

------
brynjolf
For everyone not knowing why you would use this extension, it is so the
container breaks after Google. Say you Google spaghetti, after you click you
defined food.com to be a food container, with this extension it will break out
of Google container into food container. It is pretty great except it creates
two tabs for me and breaks history. If that could be fixed or would be
flawless.

------
mr_overalls
Does anyone have input on whether Perflyst, the author of this addon, is
trustworthy?

~~~
roryokane
You can conveniently audit the source code of (the current version of) an add-
on by installing the “Extension source viewer” add-on
([https://addons.mozilla.org/en-
US/firefox/addon/crxviewer/](https://addons.mozilla.org/en-
US/firefox/addon/crxviewer/)) and then visiting the page of the add-on to
inspect. I haven’t read through all the code of Google Container, but it only
has 31 lines of JSON and 422 lines of JavaScript – smaller than most add-ons.

------
beaker52
I'm probably in a minority around these here parts but... Am I the only one
who doesn't worry too much about all this "tracking"?

Trying to avoid tracking is like some weird obsession/hobby. You go to all
these lengths and then you realise they were tracking you anyway, so you throw
your arms up in disgust, exclaiming how evil they are and start trying to
block that vector, soon enough rinse and repeat. I was there too only a few
years ago but I've since given up and my life has gotten measurably better
because of it - I no longer feel like I'm trying to "stick it to the man", I
don't have to integrate a bunch of different services in an attempt to keep x
and y in separate products to reduce my "awareness surface area" to any one
company. I just stopped worrying so much. Simple as that. And I'm really not
convinced some evil affliction is going to strike me down as a result. Next
time you find yourself wasting hours of your time trying to make yourself
"private" just think of all the other fun stuff you could be doing.

But if you want best bang for minute spent worrying privacy: Use Incognito,
uBlock, Proton Mail and a VPN. 20 minutes of your life and you're pretty darn
private. This should cover you without labouring over choices of extensions
etc.

~~~
titzer
Congratulations, they beat you into submission.

You now have accepted a fundamentally different world where anything you like,
anything you say, anyone you are with or hope to be with, anything you hope to
do, have done, didn't do, every mistake or misstep or misstatement or
misunderstanding or fuckup, is recorded, analyzed, classified, and mined.
You're being constantly _thought_ about, by the machines, who, if you are
lucky, are only interested in making a buck off you, and if you are not lucky,
have targeted you for increased scrutiny, security checks, auditing, social
classification, digitized karma, and eventually, all of this will translate to
a significantly different experience through life. How will it manifest? Maybe
it'll be something big like being denied a loan for a car or a house. Maybe
it'll be a landlord turning you down for an apartment. Maybe it'll be a
constant drip of ads trying to trick you into buying something. Or maybe one
day beaker _53_ will say something bad about the government, or get involved
with a terror group, or it will accidentally _look_ like you got involved with
a terror group. Or maybe they'll just come annoy you while you're sitting down
to tune your guitar with an ad on how to make yourself a better guitar player,
if only you did this or that or the other thing. Or maybe they'll pester you
because your friends did something or didn't do something or should do
something, or how you'll look better in relation to them if you did do
something.

Speak for yourself. I'm sick of being watched and being "thought about" by all
these damn machines. FFS leave me alone, like it was just 15 years ago. Just
_15 years_ ago.

~~~
titzer
P.S. I reject the assertion that being concerned about privacy is some kind of
"weird obsession/hobby". It is, or _was_ rather, the default state of life to
not be watched constantly not long ago. This new thing of having to fight for
basic privacy is the alien thing. You aren't obligated to think about it 24/7,
and kudos to you (or something) for going and having fun while not worrying
about it. But make no mistake, society has been _radically_ altered while you
were sleeping.

~~~
mduncs
I think there is room for nuance between 'concern' about privacy and 'absolute
dedication' to privacy, and the tone of your opinion ignores it. You make good
points, but I would hope for some critical reading of the original poster's
argument.

Data never being completely deleted, and the unending tracking being a slow
sort of death of personal freedom is a good point, but I read the point of the
poster you responded to as this: We can only do so much to secure our privacy,
do effective and easy to implement solutions. If we want absolute privacy, its
probably never possible until you cut out massive parts the digital world for
yourself, and diminishing returns for your efforts most likely aren't worth
it.

------
tedunangst
I'm not sure an addon per tracker is web scale.

~~~
mastazi
Firefox already has a built-in option to block all tracking[1], the reason why
this add-on exists is that it lets you keep Google into a separated Firefox
Container[2]

[1] see here [https://support.mozilla.org/en-US/kb/tracking-
protection?red...](https://support.mozilla.org/en-US/kb/tracking-
protection?redirectlocale=en-US&redirectslug=tracking-protection-pbm) or,
alternatively, you can use Privacy Badger or one of the many ad-blockers that
let you enable tracking-related lists, such as uBlock Origin.

[2] see here: [https://addons.mozilla.org/en-US/firefox/addon/multi-
account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-
containers/)

------
aasasd
Still not sure whether, and why, these containers are needed when Firefox's
internal ‘tracking protection’ is enabled.

~~~
mcintyre1994
For anyone else wondering, this is now “content blocking” and by default is in
private browsing mode only but can be set to always on. Sounds like a good
idea. [https://support.mozilla.org/en-US/kb/tracking-
protection](https://support.mozilla.org/en-US/kb/tracking-protection)

~~~
aasasd
I've thought for a minute when looking at that option, and couldn't think of
why I wouldn't want it, so turned it on. IDK if it misses anything but seems
to be working pretty good, judging by messages in the console.

It's rather aggressive, even: blocks Yandex's maps embedded on other sites
(though iirc doesn't block Google's maps).

~~~
slededit
It does trip a lot of “turn off your ad blocker” nag screens.

------
andrepd
Better yet: use uBlock origin in advanced mode (dynamic filtering) and block
3rd party frames and scripts by default.

------
tootahe45
Can somebody tdlr everybody why this is needed in addition to the official
container extension?

~~~
tialaramex
Containers need curating. You could in theory do that yourself, but you
probably don't know how in practice (most users) or don't want to (most
remaining users). These pre-made containers are curated by their developer so
they do all that work once.

------
ha1zum
If I keep my whole Google
([https://myactivity.google.com](https://myactivity.google.com)) and Youtube
history completely empty but still logged in to Google account everyday (gmail
and youtube on Firefox), are they still tracking me around the web?

~~~
r3bl
They shouldn't, but that doesn't mean they aren't:
[https://apnews.com/828aefab64d4411bac257a07c1af0ecb](https://apnews.com/828aefab64d4411bac257a07c1af0ecb)

------
kerng
This is cool, will install. Maybe Firefox embraces this idea and adopts the
fork.

~~~
LukeWalsh
That would certainly make it easier to trust this extension. I'm curious why
Mozilla would ship a Facebook container but not a Google container.

~~~
Holybeds
Because Google pays a lot of money to Mozilla?

~~~
LukeWalsh
Then an interesting question is IF the Facebook container stemmed from
principles 4 & 5 from the Mozilla Manifesto applied to the dominant social
utility; is there a reason other than money that the same principles would not
lead to a decision to build an add-on that gives people an option to contain
Google? It's certainly not a technical limitation.

It seems natural to posit that money is the issue but is it so easy to believe
that a foundation most of us trust would compromise its core values?

As mentioned elsewhere hacky add-ons cannot be the end solution, and will not
be widely adopted unless incorporated as defaults.

------
ayoisaiah
This is cool but I don't think I will be using it. I already use
Searchonymous[1] to prevent Google from tracking my web searches while also
browsing YouTube in a separate container where I'm not signed in.

I really on Google's sign-in mechanism for many websites and this would
probably interfere with that.

[1]: [https://addons.mozilla.org/en-
US/firefox/addon/searchonymous...](https://addons.mozilla.org/en-
US/firefox/addon/searchonymous/)

------
heynewton
It seems to not be working well. I've already have the Firefox Multi-Account
Containers [1] extension, but I wanted to try this extension. The problem is
that it has some conflicts, and now after uninstalling it I can't open any
*google.com domains, it crashes and closes the tab.

1: [https://addons.mozilla.org/en-US/firefox/addon/multi-
account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-
containers/)

------
badrabbit
They still fingerprint your browser. I hope there are better protections
against that but also,things like mobile device details in user agents would
no longer be sent to the server.

------
AlexCoventry
How does this compare to extensions like uBlock Origin and Ghostery?

~~~
8bitsrule
Two different schemes.

uBlock loads privately-constructed filtersets which are used to decide what
net contents to block. (That blockage can be customized per-site in advanced
mode.)

Each FF container keeps content associated with one or multiple sites
'isolated' (in theory) so they can't be 'seen' by sites in other containers
... all in the browser.

------
ronjouch
Bug warning: this is a neat container helper, but it will break your _Back_
button when clicking on Google searches.

Relevant addon issue: [https://github.com/containers-everywhere/contain-
google/issu...](https://github.com/containers-everywhere/contain-
google/issues/8)

------
auslander
I switched to using Private Browsing windows and tabs, which clears all
tracking cookies on close. And browse via always-on VPN to hide my IP. Much
safer, imho.

Still unresolved are history leaks via Referer, from things like fonts, ajax,
tagmanager google.com API calls, present on all websites.

Why web people link so much Google stuff in their websites is a mystery.

~~~
dgrove
You're not inherently trusting your VPN service to: a) not track you b) not
keep logs c) not disclose this information to your actual ISP

You're also now just sitting behind whatever ISP your VPN uses which knows
everything you're doing and sells it back to who-ever.

If your not rotating your VPN services that still allows you to be tracked via
that IP. At the end of the day all your data still belongs to someone and can
be used for whatever. Until DNS over TLS is complete and rolled out across the
board your metadata can still be used.

Not to mention all of the other things associated with this. Even being
connected to a VPN via your phone will still leak information like your coarse
location, wifi networks and bluetooth beacons nearby which all get sent to
your primary phone carrier and whatever applications you use.

~~~
auslander
No VPN:

\- ISP has your name _and_ history. The AdTech knows your IP's history, and
most likely your Id.

VPN:

\- VPN has your history, but no name (paid via voucher), and is other
country's legal entity. My ISP only knows I'm using _some_ VPN service (DoT
enabled on my router). The AdTech is missing key identifier, IP, to link your
data together (to aggregate).

> ISP your VPN uses which knows everything

Both ISPs know squat, just encrypted traffic from my real IP

~~~
dgrove
And all of your DNS traffic since it's not over TLS

~~~
auslander
Cmon, all DNS queries go via VPN tunnel.

~~~
Godel_unicode
...And are trivially demasked for your VPN provider's ISP by traffic analysis
(DNS requests are pretty obvious when transiting a VPN, then wait for the VPN
provider to forward the packet).

------
est
1\. use google.ca as default search engine

2\. disable cookie & javascript for *.google.ca

3\. disable all google ads & analytics domains.

~~~
SXX
4\. enjoy annoying captcha during every search

5\. switch to duckduckgo

~~~
est
for the first few days, yes. But it's smooth afterwards.

~~~
auslander
Because they linked your IP to your profile. Now your searches are logged to a
person, smooth sailing.

~~~
est
How on earth can they link a IP to an profile with js and cookie disabled?

~~~
auslander
You previously logged in as you from the same IP, many times.

------
mothsonasloth
I've tried this tool and had to remove it after a few weeks as the continuity
breaks when clicking links on google results.

Its just too annoying having to re-google something you search for after
clicking the first result and losing your history.

------
apexkid
Why not just have container for every damn site. No one should track me

~~~
syoc
Have a look at the temporary containers add-on which does just that. It is
completely usable. I just create a permanent container for sites where I want
persistent cookies.

------
zubair_io
Disconnect can block Facebook, Google and twitter

------
ashokcsstudent
Would be nice to have social network container, rather than having individual
google, facebook container.

~~~
arunsathiya
Which websites would you define under social container?

~~~
tadzik_
I'd redefine it as a "mega-website/tracker container", to limit the scope of
those sites that get seemingly everywhere. That would include the social
networks but also the likes of google and maybe amazon.

------
everyone
Question:

I have 0 knowledge of the web and whatnot..

I already have privacy badger, would this also help? or would it make no
difference?

------
JazCE
Could really do with one of these for pornhub and such sites.

------
drngdds
What does this add over Privacy Badger + uBlock Origin?

------
beaconfield
Thanks this will be very useful.

------
und3fined
just facebook.com for Facebook production

With google, i use "Always Open in this Container" each google service, this
better for Container google service

------
carrja99
Facebook too

------
hmmokcool
Incredible!

------
mattio
Too bad I don't use firefox xD

