
Firefox Multi-Account Containers - nachtigall
https://blog.mozilla.org/firefox/introducing-firefox-multi-account-containers/
======
ff_
I LOVE this feature, but it has only one problem: when I'm in a container and
I press Ctrl+T (new tab), the new tab opens in the default container. This
doesn't make sense, I want it to stay in the same container.

This was also discussed in the issue tracker, in a now closed issue, in which
the intuitive behaviour (staying in the same container) was proposed, but got
sidetracked and in the end implemented something totally different.

So if anyone from Firefox is listening here: please PLEASE consider
implementing Ctrl+T in the same container :)

~~~
groovecoder
(Someone from Firefox here)

It's a popular request; about as popular as everyone who wants Ctrl+T to open
in the default container. :)

So, for our core experience we picked the default behavior that helps maximize
the privacy and security protections of Containers.

The good news is that, with the contextualIdentities extension API (exclusive
to Firefox!), add-on authors can make their own add-ons to change this
behavior. Like Taborama is doing:

[https://github.com/kesselborn/taborama](https://github.com/kesselborn/taborama)

Check out [https://developer.mozilla.org/Add-
ons/WebExtensions/API/cont...](https://developer.mozilla.org/Add-
ons/WebExtensions/API/contextualIdentities) for more info on making Container-
aware extensions.

~~~
iamvfl
If both are equally popular, it would make sense that this be an easily
configurable option in the browser's settings. Favouring one option over the
other will inevitably alienate about half the consumers of this awesome
feature, which seems like a bit of a waste to me.

~~~
Jarwain
It seems like the Firefox team intends to only have what maximises the privacy
security protections, and that this extra functionality (hereafter referred to
as SameCon, versus the current DefCon) is ideally implemented as an add-on.
I'd imagine they're thinking that if a user wants SameCont, that user can just
add it as an add-on

I don't think this is the ideal solution, because I'd imagine there are a
population of users who just wouldn't consider the possibility that SameCon
could Be an add-on. Especially if the community is split roughly down the
middle.

I think yours is the ideal solution, making SameCon a configurable option, but
having the default option be DefCon. That way, the privacy and security
protections are the Default behavior, but a user has the option to change it
Built In

~~~
groovecoder
Very good point; and you get a +1 for "DefCon"

------
nicoburns
This is incredibly useful. It's basically like Chrome's 'profiles', except
per-tab rather than per-window. So I can now have my personal gmail, my work
gmail, and the 3rd gmail account for a client set next to each other, and
colour coded.

This, along with the speed improvements (both the UI and content processes) in
Firefox 55 have made it my default browser for the first time since Chrome was
released.

~~~
dingaling
However it doesn't appear to containerize extensions / add-ons, so it's
probably still prudent to use a separate clean profile for banking to avoid
the risk of malicious data-slurping add-ons.

Despite their claims for it: "Maybe you want to keep your bank’s website
farther away from your Pinterest board"

~~~
oAlbe
Would you trust using a potential "data-slurping" add-on at all? I honestly
wouldn't, neither for my bank info, nor for my search queries.

Just be mindful of what add-ons you install.

~~~
grok2
I think the OP is sorta saying the same thing -- they perhaps don't want their
banking container to see add-ons (except the container add-on :-)). It's
perhaps okay to be relaxed about some add-ons in some environments, but not in
all environments.

~~~
jlgaddis
Isn't this what profiles were designed for?

~~~
efreak
I always thought profiles we're designed for multiple users on one login;
they've been around for ages, and I assumed it was because windows 98 wasn't
good with multiple profiles/users.

------
notheguyouthink
Cool!

As an aside, I've been migrating away from Chrome for a while - and I posted
here a while back being dismayed by how terrible Firefox was, how slow/etc it
was, etc. Many people suggested I switch to nightly.

Nightly is .. a night and day experience. I've been fully switched from Chrome
now, thanks to Firefox. Note that on OSX I've had no complaints with Safari as
my Chrome replacement, so I've stuck with them - but on windows it's all
Firefox.

Keep up the great work guys, the new stuff is amazing. Hope you can push it to
stable branch soon for people. :)

~~~
sinaa
Just installed Nightly thinking "how can it be any different from the
Developer Edition?" ... Wow, I couldn't be more wrong!

It is indeed a night and day experience! More approachable UI, and much faster
performance... Big well-done to everyone working hard to keep Firefox
competitive :-)

~~~
SubiculumCode
As an aside, whenever I click on a Slashdot article about Mozilla and
Firefox...ALMOST ALL the comments bash Mozilla and Firefox to pieces...and
mostly from anonymous posters.

On HN we seem to get reasoned arguments for or against Mozilla and Firefox,
but not seemingly mindless hate.

Now I know that HN is a higher class forum these days--Slasdot is not still in
its heyday--but I have to say it is refreshing.

------
wslh
For historical reasons I cannot avoid to mention that I achieved this with my
Cookiepie extension 11 years ago (a billon Internet years ago indeed):
[https://youtu.be/2Pfg-kJ4nAw](https://youtu.be/2Pfg-kJ4nAw) Cookiepie was
written only in JavaScript and was very hackish because Firefox APIs didn't
have a way to correlate network requests with the tab in the UI, so I
traversed network and UI objects recursively to find unknown relationships
between them. It was very difficult to support because even minor Firefox
releases broke it.

I even posted my Cookiepie extension for the first Firefox extension contest
[1] and there was no prize or mention for it.

[1] [https://blog.mozilla.org/press/2006/03/mozilla-announces-
win...](https://blog.mozilla.org/press/2006/03/mozilla-announces-winners-of-
extend-firefox-competition/)

~~~
groovecoder
As a Firefox engineer, then, let me say props for being ahead of your time!
(And waaaaay ahead of mine - I'm new to PrivSec engineering at Firefox)

I'm not sure if Cookiepie directly inspired the engineers who built
originAttributes and Containers features here, but after working with this
Firefox team I can definitely say that the core Containers tech is not hackish
at all - great engineers here.

Anyway, thanks for contributing!

~~~
fabrice_d
originAttributes and Containers can be traced back to the appId cookie/storage
separation implemented for b2g (aka FirefoxOS) apps. I remember that baku
wrote an early Fx add-on abusing appIds and docShells to provide a container-
like functionality.

~~~
bholley
In more detail:

For the original FirefoxOS security model, sicking and jlebar rototilled all
the security checks in the codebase to switch from comparing origins to
comparing (origin, appId, isInMozBrowser) tuples.

Later on, for the eventually-abandoned FirefoxOS New Security Model (NSec), we
needed to pass around a signed package id instead. So the options on the table
were to rototill the codebase again, or to do something out of band with the
cookie service (sicking's proposal).

When I found out about this I wasn't particularly happy with either option,
and used my sec module ownership to insert myself into the discussion, and
push for a more general approach (i.e. OriginAttributes). Sicking was
initially kind of peeved about this, because they were on a deadline, but
eventually came around. So we did one more pass of the rototiller to switch
everything from appId+mozBrowser to the general and extensible mechanism.

Years later, FirefoxOS is no more, but OriginAttributes are still used to
implement Private Browsing, Containers, and First-Party Isolation. Here's to
general/reusable solutions!

------
raimue
I am a long-time user of the deprecated Multifox extension and I have switched
to the Firefox containers ever since they have been introduced to the stable
releases about a year ago. This feature is actually builtin in Firefox, you
only need to change some config settings to enable the UI (probably this is
also all what the linked extension does?).

As Multifox was one of the old XUL/XPCOM extensions, I am glad that this
functionality was integrated natively before Firefox 57 will disable all
extensions that are not WebExtensions.

It is a great way to login to multiple accounts on various sites such as
Twitter, without going through the hassle of a full logout/login cycle. You
can use the accounts side-by-side in different tabs, which will be color coded
to indicate which container they belong to.

More details can be found on the Mozilla wiki:
[https://wiki.mozilla.org/Security/Contextual_Identity_Projec...](https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers)

~~~
groovecoder
The add-on flips the config setting, but also:

1\. Implements the browserAction pop-up UI for managing containers & tabs 2\.
Adds the ability to assign sites to always open in a certain container

~~~
xahrepap
how do you do #2? I can't find it? For example, I want Facebook to always open
in my "Facebook" container.

EDIT: I guess I just had to ask then my brain figured it out. :) Open the page
in the container you want, right click the extension icon and choose "Always
open in this container"

~~~
groovecoder
You can also assign the site to the Container in the browserAction pop-up UI.

------
ihateneckbeards
That's great, I hate when Youtube recommends me all kinds of videos about
turtles just because I stumbled over a video of turtle 6 months ago

~~~
mjard
I've found it useful to purge my Youtube history every once in a while. If I
click on random Youtube links on irc, they always get opened in a
private/incognito session. I'm annoyed this is something that I think about.

~~~
efreak
It's not terribly useful for people who open stuff from within the browser,
but for the past couple of years I've actually had my default browser in
Windows set to incognito/private mode of whatever browser I'm using. This way
I don't have to think about it, and I also don't have to deal with things like
Gmail deciding that I've already seen some emails because my inbox loaded in a
background tab.

~~~
breakingcups
Heh, a bit like Firefox Focus on Android. That's a great idea.

------
Jeaye
I was in the test pilot for this and I had one singular gripe which I don't
think has been addressed or brought up anywhere else I've seen: _I want to be
able to move a tab from one container to another._

It's so easy to open a tab in the default container, or the wrong container,
and being able to move that tab, along with all the data it has spawned (like
cookies) would make this a killer feature for me.

The only other thing, which admittedly makes my one singular gripe less
singular, is that I didn't see any separation in the history, as far as what
was in a given container. In an ideal world, each container would have its own
"Show all history" data.

~~~
groovecoder
[https://addons.mozilla.org/nn-no/firefox/addon/context-
plus/](https://addons.mozilla.org/nn-no/firefox/addon/context-plus/) does the
first part.

~~~
Jeaye
Thank you! This is absolutely essential for a good container experience.

------
mey
I use Chrome profiles heavily, so I am very happy Firefox is exploring this
feature. When doing consulting, I like to keep different client activities
isolated to their own profile, so I have less things to juggle if they use the
same cloud service (AWS, G Suite, Jira, etc).

One limitation I currently see to that workflow (that works better for me in
Chrome) is that this appears to all reside under a single Firefox Account
which essentially creates master set of data to Sync. I would like to be able
to setup Containers to be pegged to different Firefox Accounts (or not at
all).

~~~
Manishearth
I mean, this is distinct from Firefox Profiles, which work pretty much exactly
like Chrome profiles and sync the same way.

~~~
mey
Learned something new, thanks. This doesn't look terribly user friendly
[https://support.mozilla.org/en-US/kb/profile-manager-
create-...](https://support.mozilla.org/en-US/kb/profile-manager-create-..).
Edit: And in testing I can't have multiple profiles open at the same time.

~~~
poiru
You can also use about:profiles, which is a little nicer than the profile
manager.

~~~
mey
So that seems broken as well, when you click "Launch profile in new browser"
it doesn't actually appear to be creating a browser tied to that profile, as I
just setup my personal sync account it caused all the open browsers (across 3
profiles I setup) to all sign into that account.

------
emerongi
This has been extremely useful for the past month or so that I've been using
it. I separate work accounts and personal accounts and that has tremendously
simplified using the browser. For Youtube, I can use a different Google
account without logging out of my main one. I call it my "Entertainment"
container - maybe it will also make it harder for agencies to connect my
leisure activities to other activities.

I even have a "Testing" container when I'm testing a webapp and need to log in
with 2 different users in the same window. Very convenient.

~~~
sleavey
This is exactly how I would like to use this feature, but from what I read,
Firefox Sync only supports one of the accounts. Does that affect containers?
I'd like to sync all of my bookmarks, history etc. from both work and personal
containers.

~~~
482794793792894
Bookmarks and browsing history are not separated by Container Tabs. So, it
will sync both personal and work bookmarks, just like it would without
Container Tabs. The idea being that you look towards the internet like several
users, but on your end it still behaves like a single user.

If you do want bookmarks and browsing history separated, then yeah, as the
other guy said you'll want to use classic profiles. Easiest way is to type
"about:profiles" into the URL-bar and then the rest should be self-
explanatory. Another (scriptable) way is explained here:
[https://support.mozilla.org/en-US/kb/profile-manager-
create-...](https://support.mozilla.org/en-US/kb/profile-manager-create-and-
remove-firefox-profiles)

And then you'd create a second Firefox Account and give each profile a
different Firefox Account to sync to.

------
SubiculumCode
I've been using containers in test pilot for about a month and I love it.
Google is separated from my news reading, is separated from my banking, is
separated from my shopping, is separated from my leisure activity, is
separated from my work activity. Once you set it up to aways open a site
within a designated container it is all smooth.

However, I wonder. What is the technical reason for not making it default to 1
container by site? Sure that would mean hundreds of containers...but does that
pose performance problems?

~~~
Sylos
> However, I wonder. What is the technical reason for not making it default to
> 1 container by site? Sure that would mean hundreds of containers...but does
> that pose performance problems?

It would break some webpages. Also, yes, the vast majority of broken things
will be tracking, but as a browser vendor you sort of need to not piss off
webpage owners (which often benefit from tracking, directly or indirectly), as
otherwise they'll stop testing their webpage against your browser.

Also, as far as I understand things, Tor Browser actually has what essentially
is a separate Container Tab per domain. It's described somewhat more precisely
here:
[https://wiki.mozilla.org/Security/Contextual_Identity_Projec...](https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers#An_extended_origin)

------
newscracker
I've used this from the days of it [1] being in Test Pilot (an add-on for
experimental features) [2] and really loved the idea. Usually I'd use a couple
of different browsers or shuttle between normal and private browsing/incognito
modes for using multiple logins on services (from a privacy standpoint, I
don't like linking accounts together on any service, like for example how
Google allows users to do).

I did provide feedback to the developers on the following:

1\. Opening new tabs should have better intelligence about which container a
user wants to go with.

2\. Improving the look of the tab bar for better tab visibility and clarity on
which tab was the current one.

3\. Detailed and clear documentation on how containers work across normal
windows and private windows, because I certainly wouldn't want to use
something believing that it's providing me isolation while it does not in
certain scenarios. In my limited knowledge, the behavior of different
browsers, in keeping cookies/storage isolated, in private/inprivate/incognito
mode varies when it comes to multiple windows, multiple tabs and closing
windows/tabs. That is already not clear enough (to me) that I don't open more
than one private/inprivate/incognito window at the same time.

I would love for this to get into Firefox main instead of being an extension!

[1]:
[https://testpilot.firefox.com/experiments/containers](https://testpilot.firefox.com/experiments/containers)

[2]: [https://testpilot.firefox.com/](https://testpilot.firefox.com/)

------
kodablah
I am building my own Chromium-based browser with a similar concept called
"bubbles" [0][1]. Not doing a show-hn on it until next week because I need to
build another release but feel free to try it out (I recommend building over
using the one in the releases area as a lot of bugs have been fixed in
master).

Oh and for the commenter wanting Ctrl+T in the same container, a Ctrl+Shift+T
in Doogie does open a child page in the same bubble.

0 - [https://github.com/cretz/doogie](https://github.com/cretz/doogie)

1 -
[https://cretz.github.io/doogie/guide/bubble](https://cretz.github.io/doogie/guide/bubble)

~~~
akerro
Instead putting your effort into a single person project you could do it for
Brave browser or ungoogled-chromium, it would be more useful and you would get
more users.

~~~
kodablah
I have fundamental disagreements with those projects (primarily the UI).
Adoption is not an explicit goal.

------
tjoff
I _really_ like this, but why for everything that is holy does it not work in
Private Windows?

I use Private mode _a lot_ and it doesn't really make sense to group
everything together just because it is "Private".

------
the_common_man
Press and hold in the '+' button shows the container menu. Took we a while to
figure this out.

------
josefresco
I implement "containers" simply by using different browsers (one for each
screen). Chrome runs my (Google) email, calendar, drive. And then I use
Firefox for my client work, where I log in/out of various client identities. I
have Firefox set to "nuke" all session data on close - an absolute must-have
feature for testing caching issues and making sure I don't end up with
"hidden" active sessions around the web.

------
gangstead
I've been wanting something like this for Android / ios.

I've had the problem that many restaurant rewards program have gone from "10
punches on this card and your next sandwich is free" to "type in your phone
number / scan this card" on each visit and have now become "install our app"
to get that free sandwich. That's more than I'm willing to give up for a cheap
meal once every few months.

~~~
foobar20198
My equivalent is to use incognito/private browsing (depending on browser of
choice). However, once again, browsers are opinionated, and don't offer to
save passwords in private/incognito mode (with no overrides). Which means I
just avoid the whole experience when possible.

Similarly, things like Focus let you access a throwaway experience even more
easily. Still no password saving though.

------
nothrabannosir
I've been using this for over a month now, and while I'm convinced it's the
right idea, the implementation leaves much to be desired. Currently, it costs
more effort than it's worth.

[EDIT: comments show this does exist! great] Missing: easy way to open a new
tab in a specific profile. ctrl-T always opens in Default profile, not the one
you're on. So have to go File menu -> New tab -> select profile. And that menu
changes items around slightly, so no muscle memory. I end up going to a tab
already open, middle clicking a random link, ctrl-L, and using that as a fresh
tab. I see on their little drawings they show some cool drop down under the +
button at the right of the tab row, but I can't find any such functionality.

[EDIT: Comments show exists. Good enough!] Missing: a way to fix certain hosts
to certain profiles. E.g. { _XXX_.myclient.com -> always open in "Client X"
tab}. E.g. with links from GitHub (which is client independent) into custom
CIs (jenkins etc). You forget, "why isn't this logged in? oh, profiles", go
back, right click the link, open in new container -> select container. Ugh.

Missing: a way to disallow any non-whitelisted hosts from a tab. E.g. having a
gmail tab is useless, because every link you click will open in that profile
(and you won't notice because hey, it works) and now your gmail credentials
and cookies are available there. Again defeats the purpose. Especially for a
"Banking" tab, for example.

Missing: clear warning that this doesn't do _anything_ meaningful against
tracking. It's a complete waste of time to separate your Facebook into a
separate profile if you don't want to be tracked across other domains.
Fingerprinting goes _well_ beyond cookies. They don't need your account cookie
to link your visits.

Missing: segmentation of plugins!! Different NoScript or µblock settings per
profile? yes please! Or even just native Firefox settings (3rd party cookies,
clearing policy, etc) per website per profile would be lovely.

All in all: I'm stubborn so I'll keep using it, but I'll be honest: there's
quite a low ROI on them, as they are. Good start, hope they improve.

EDIT: Another missing: clear cookies only from a certain profile. E.g.
discover I've accidentally been browsing youtube in work profile (or
whatever), I want to delete all youtube cookies _but only from that profile_.
Can't do it. I encounter this problem often with GMail, where I want to clear
a friend's login but not log out all my sessions from different containers.

(PS: Sorry for using "profile" and "container" interchangeably---it was a bit
stream of consciousness. I mean "container" for both words).

~~~
daenney
> Missing: a way to disallow any non-whitelisted hosts from a tab. E.g. having
> a gmail tab is useless, because every link you click will open in that
> profile (and you won't notice because hey, it works) and now your gmail
> credentials and cookies are available there. Again defeats the purpose.
> Especially for a "Banking" tab, for example.

You can mitigate some of this with Cookie AutoDelete which has support for
contextual identities. After you close a tab it'll nuke cookies for any non-
whitelisted domain for that context.

~~~
drdaeman
I think parent comment wanted something more like First-Party Isolation
(privacy.firstparty.isolate and
privacy.firstparty.isolate.restrict_opener_access in about:config, use with
caution - it _will_ break things, including breaking Cookie Auto-Delete
extension)

[https://www.reddit.com/r/firefox/comments/6y7lpw/what_is_fir...](https://www.reddit.com/r/firefox/comments/6y7lpw/what_is_first_party_isolation_how_does_it_work/)
(sorry, don't know any mozilla.org link for FPI that has any good description
what it does and how it works)

------
provemewrong
Another fan of containers. I switched to Chromium/Safari a long time ago, but
installed Nightly 57 the other day out of curiosity, and containers is
definitely the best feature in it. Only thing I would love even more would be
a private/incognito container (or basically private tabs alongside regular
tabs without the need for opening a private new window).

------
rb666
Great feature! I switched to FF Nightly some months ago, and I can confirm the
performance is great. Sadly I had to switch back to Chrome, the quality of
extensions in Chrome is just much higher.

Now, I only just learned recently that in theory you can use Chrome extensions
in Firefox, does this actually work well? Or just so-so.

~~~
482794793792894
So, this extension quality problem isn't new. Firefox's current extension API
is really powerful, but really complicated and it's not really an API, it's
more-so just a way to fuck around with Firefox's source code, so if Mozilla
changes things then generally extensions break and need to be updated.

Because of that Mozilla has wanted to move to a different extension API for a
long time, they just couldn't really afford to, because it would require
breaking all extensions for good.

Now they are at the point where they do feel like breaking all extensions
weighs up with the benefits. Another big factor here is the new multiprocess-
architecture, which is the foundation for most of those performance
improvements that you've seen, and also requires breaking all extensions.
(Currently those old extensions can still be used, but Firefox will then drop
back to singleprocess - another quality problem that you likely encountered.)

So, now they needed that new extension API. And instead of writing and testing
a completely new API, Mozilla decided to base it off of Chrome's extension
API.

Some smaller Chrome-specific APIs were left out / adjusted, but short of that
and potential bugs in the implementation, Firefox is going to be compatible
with Chrome extensions. (They are also adding new APIs that Chrome does not
support, because they want to offer more extensibility, so it's essentially a
superset of Chrome's extension API.)

For most extension developers, the only porting work is going to be to test
it, work around bugs if they run into some and then upload it to
addons.mozilla.org.

The more or less 1.0 release of that implementation is going to be with
Firefox 57 on November 14th, which is also when the old extension API is going
to be disabled. But most of this new extension API (called "WebExtensions") is
already in Firefox as of today, there's just still some bugs left to be
squished.

So, that's why and how you can run Chrome extensions in Firefox. It's up to
the individual extension developers to port their extension.

Well, that's the normal path, which is not going to be so-so.

As I said, the porting work is often minimal. So minimal that it can almost be
automated. That's why this extension can exist:
[https://addons.mozilla.org/en-US/firefox/addon/chrome-
store-...](https://addons.mozilla.org/en-US/firefox/addon/chrome-store-
foxified/)

Assuming there's no bugs, then the only part which can't be automated is
signing the extension. Haven't done it myself yet, but from what I hear, it's
a matter of creating/having a Firefox Account, uploading the extension-file
and then waiting for a few days or so.

So, to summarize: Firefox now supports Chrome extensions with minimal porting
work necessary, meaning that lots of those will get ported over. You can try
to port things on your own and if there's no bugs then it shouldn't be hard
(and it's not hard to find out if there are bugs). And lots of old,
unmaintained and problematic extensions will get thrown out with Firefox 57,
making it much easier to find the qualitatively better ones.

------
ComodoHacker
I doubt this will help much with privacy. People's laziness plus cognitive
effort needed to track what container you are in plus various tricks from
advertisers and publishers will keep vast majority of users perfectly
trackable.

Chrome's approach at least helps to keep multiple profiles visually separate.

~~~
zimbatm
Yes it shouldn't be used for privacy-sensitive identities. Right now opening a
new link in a new tab will use the default profile, this makes it super easy
to link profiles. Even if that was fixed, all the tabs have pretty much the
same browser settings.

The main use-case is when you have home/work split with multiple accounts.

------
dexzod
The article says: "online trackers can’t easily connect the browsing", which
seems to imply that they can still connect the browsing. Why can't they be
completely prevented from tracking other browsing. The second question I have
is how is this different from Firefox profiles?

~~~
stefano
They can still track you through your IP address, or by a combination of many
browser/computer/OS properties available through JS, for example window size,
browser agent, OS, fonts installed, etc. All these things don't identify you
by themselves, but with enough of them you can build a fingerprint which is
(almost) unique.

------
feanaro
I wonder if there is any reason each tab isn't spawned in its own container.
It seems the natural thing to do once you have implemented this, since it
maximizes privacy. Unless the resource usage is the limiting factor, I don't
see a downside. Am I missing something?

~~~
groovecoder
That's what Containers on the Go does:

[https://addons.mozilla.org/en-us/firefox/addon/containers-
on...](https://addons.mozilla.org/en-us/firefox/addon/containers-on-the-go/)

It wasn't our core use-case, but there's a Web Extension API for others to
build on!

~~~
feanaro
Very interesting. I'm thrilled that there's a Web Extension API, this sounds
like a killer feature.

Now if only Pentadactyl/Vimperator could be reproduced on top of Web
Extensions without loss of functionality... ;-)

------
maxerickson
Can any browser historian explain why the original models of cookie sharing
weren't more like this?

I figure it comes down to some combination of lack of consideration and
performance concerns, but that is just speculation.

I suppose restricted cookie sharing is also a lot more complicated for the
user.

------
wutwutwutwut
I just want to be able to open a new tab in a brand new container. Similar to
File->New Session in Internet Explorer.

If I want to test my web app with say 4 different identities then figuring out
which container is "free" becomes cumbersome.

~~~
the8472
Extensions can spawn new containers, so this should be easy to implement if
you want to.

[https://developer.mozilla.org/en-US/Add-
ons/WebExtensions/AP...](https://developer.mozilla.org/en-US/Add-
ons/WebExtensions/API/contextualIdentities)

~~~
groovecoder
In fact, "Containers on the Go" seems to do this:

[https://addons.mozilla.org/en-us/firefox/addon/containers-
on...](https://addons.mozilla.org/en-us/firefox/addon/containers-on-the-go/)

------
hobarrera
I've been using the tests version of this for some time now. It's great.
Keeping work/personal sessions from mixing is really useful (eg: I want my
work google account whenever I visit gmail, but my personal one for youtube).

You can also set certain domains to open on certain containers by default.

It's available here for now, but I really hope this ends up making it into
firefox itself:

[https://addons.mozilla.org/en-GB/firefox/addon/multi-
account...](https://addons.mozilla.org/en-GB/firefox/addon/multi-account-
containers/)

------
gaius_baltar
This is _great_! I have been emulating this feature for years with multiple
profiles, but let's get things right: it takes some work and it is hard to
teach non-techie folks how to do the same.

Time to test the thing.

------
jqs79
How does this compare with using multiple profiles and the -no-remote flag?
Does this manage only cookies, or does it also separate local storage (HTML5
session/local/global/web sql database), webcache, window.name caching (if the
same tab can use multiple profiles), web history, flash cookies, for those who
still have flash installed, etc.

People might get a false sense of security if all of these methods of saving
data in the browser are not also separated along with cookies.

~~~
groovecoder
Check out
[https://wiki.mozilla.org/Security/Contextual_Identity_Projec...](https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers#What_is_.28and_isn.27t.29_separated_between_Containers)
for the details of what is - and isn't - separated between Containers.

~~~
jqs79
Thanks. So it appears that most of it is separated, with the exception of web
history and search and form data (which can be identifying). This was also
interesting:

"Users can log into multiple accounts on the same site, even when the site
does not natively support concurrent sessions. ... Current solutions: Users
open multiple browsers (this takes users away from Firefox). A user opens one
account in Private Browsing mode (this has a limit of 2 accounts, and forces
one to be ephemeral)."

There is no mention here of the -no-remote flag which has been available for
many years.

~~~
482794793792894
Well, the vast majority of users have no idea of the -no-remote or -new-
instance flags, let alone of Firefox profiles.

------
drvortex
So this basically replicates the functionality provided by
[https://sessionbox.io/](https://sessionbox.io/)

Is multi-process here already?

~~~
yoasif_
> Is multi-process here already?

Yes.

------
DoubleMalt
That might bring make me bring back part of my browsing to Firefox. The
identities functionality was what made me use Chrome almost exclusively the
last two years.

~~~
Manishearth
Chrome doesn't have this. Chrome has profiles, which Firefox has had for
years.

~~~
foobar20198
Switching between profiles in Firefox is the most painful experience ever.
Running multiple Firefox profiles simultaneously requires using a terminal
command.

Switching between profiles in Chrome involves clicking on an easy to find
button, and lets you easily run multiple profiles in parallel. No terminal
involved, accessible to anyone.

To be fair, running multiple chrome profiles in parallel kills my (somewhat
old) machine (mostly by virtue of having too many tabs in each profile), so
Firefox does win there.

~~~
poiru
Check out about:profiles! While not nearly as nice as the Chrome UI, it is
definitely more approachable than using a terminal.

------
35673567
Love that they have decided to add this feature officially. I was using using
sandboxed tabs -> Priv8 for years so that I dont have to be logged in to
facebook and old emails globally.

The one thing I miss over the old plugins is the ability to set home pages per
profile, which I know doesnt really fit in with the new tab ethos of default
Firefox, but I would love a plugin to be able to add the functionality back.

------
piyush_soni
Not sure. I've been using separate "Work" and "Personal" profiles at my
workplace, and can beautifully have two Firefox sync accounts syncing their
own stuff. This limitation of the new Container extension prevents me from
using it as I'd never want my personal and work set of extensions, bookmarks,
and history to mingle with each other. Big oversight.

~~~
482794793792894
Well, that's just the two different use-cases. Container Tabs are not trying
to replace profiles.

------
winterlight
I tried this feature when it was available only in pilot mode. It was very
nice and fitted quite well my uses. But the UX back then could use some
improvements. For example, opening a new tab in a specific container took way
too many clicks. And you couldn't just to CTR+T because it would always open
the tab in the default container, rather than that of the active tab.

------
greggarious
One issue I see is that it seems to be based on domains.

(Ex: if I want a container for my streaming apps, there's no way to segregate
Amazon Video from the rest of the "shopping" app)

Then again I may be getting too fine grained with my personas but segregating
Reddit, HN et al away from my Google account and away from my streaming
accounts seems to kick tracking in the ass.

------
Entangled
I've been doing multiple containers for multiple accounts opening five
different browsers (SF, FX, CR, OP, TR). Now I only need Safari for my regular
browsing, Firefox for multiple accounts and Opera for free VPN.

~~~
TheRealPomax
Free, but you get exactly what you pay for: a rather bad VPN bordering on
"this is not a VPN at all". Of course, you should not believe a random
commenter on HN for that, so hit up [https://thatoneprivacysite.net/vpn-
comparison-chart/](https://thatoneprivacysite.net/vpn-comparison-chart/) and
use that as a starting point to verify for yourself whether or not Opera's VPN
is any good.

If you want security rather than security veneer, use a real VPN instead, with
browsers set to either use or ignore the system proxy, depending on what you
want out of each browser.

------
mderazon
I like this but I like chrome multi profile model better.

I like that extensions are separate for each profile.

For example, I have two separate LastPass accounts. One for work and a
personal one. There is no way for me to keep them separate like this.

~~~
Rusky
Firefox already has that sort of profiles, though they are somewhat less
visible than the equivalent Chrome feature.

~~~
mderazon
Do you know how ? Through which extension?

~~~
Rusky
No extension at all- it's built in. Try visiting about:profile or launching
Firefox with the -p flag.

------
stevenhubertron
I would swap to Firefox in a second if I could live with their font
renderings. It's just so different than what I am used to in
Chrome/Safari/Opera and for some reason its really hard for me to read.

~~~
MattSteelblade
What OS?

~~~
yoasif_
Must be macOS. It looks fine for me in macOS, FWIW.

------
ams6110
Firefox has supported multiple profiles for a long time. How is this better?

~~~
groovecoder
This is a lighter-weight approach. It's per-tab so it doesn't require a whole
other Firefox process to run.

------
matt_f
Can anyone from Mozilla here explain what this is written in, or how it works?

"Containers" makes me immediately think of Docker-like containerized
applications, which I suspect is not actually the case here.

~~~
groovecoder
It's a Web Extension add-on, so it's written in HTML, CSS, and JavaScript.

There should be a post on hacks.mozila.org soon.

------
amelius
Meanwhile, the websites I visit are tracking me across containers :(

------
thinbeige
This is my most wanted feature for a browser. Anyone knows if every instance
has not just a different cookies set but also different canvas fingerprints?

~~~
steveklabnik
I think you want to read this thread:
[https://news.ycombinator.com/item?id=15258485](https://news.ycombinator.com/item?id=15258485)

------
pbreit
This is the one feature that keeps me from using Safari.

------
mattacular
Can someone give a quick summary of how this differs from Google Chrome
"People" accounts? On the surface they seem very similar. Thanks!

------
witten
Dumb question: Does the implementation have anything to do with containers?
E.g., Docker? Or is this just overloading an existing industry term?

~~~
mrmekon
Docker didn't invent the term 'container' for... well, _containing_ an
environment.

It's not really overloaded here. 'Container' means a contained environment
that can see itself, and cannot see other contained environments on the same
machine/network. It has the same basic meaning for both Docker and Firefox.

Docker was released in 2013, so if you search for "software container" or
"software virtual container", or "chroot container" on Google filtered to
before 01-01-2012, you will find plenty of examples of it from the past.

LXC - Linux Containers – was released in 2008... Virtuozzo Containers since at
least 2000.

Here's something called Aurora for containerizing CORBA services in 1998:
[https://link.springer.com/chapter/10.1007/BFb0054506?no-
acce...](https://link.springer.com/chapter/10.1007/BFb0054506?no-access=true)

~~~
witten
Sure, I'm familiar with the history. It's just that, all prior art aside, the
term "container" at this point in time has a pretty particular connotation.

------
wakkaflokka
I'm on the nightly and it says the extension is not compatible with my version
of Firefox. Is this only for <56?

~~~
jacobmischka
Nightly has this built in actually, though the icon looks a little different.
Enable it in about:preferences#general in the Tabs section. The icon looks
like a file cabinet.

~~~
chrismorgan
The built-in functionality doesn’t have nice things like “always open this
site in such-and-such a container”.

~~~
evilpie
You can still install the github version in addition to that, which should
give you that feature again! [https://github.com/mozilla/testpilot-
containers#readme](https://github.com/mozilla/testpilot-containers#readme)

~~~
chrismorgan
Indeed: that’s how I use it. (I use this to keep work and personal stuff
separate because of a couple of services that don’t support multiple
simultaneous logins.)

------
lucaspottersky
this is _AWESOME_!!!

maybe the best feature since HTML5 has gone mainstream!

i'm so tired of using Icognito Window for that!

------
Tajnymag
Do these separate history as well?

~~~
nachtigall
No, but please upvote if you also want this feature ;)

[https://github.com/mozilla/testpilot-
containers/issues/47](https://github.com/mozilla/testpilot-
containers/issues/47)

------
1024core
> and online trackers can’t easily connect the browsing.

For what definition of "easily" ?

------
teekert
Huh? Did I just add this and got a "Firefox screenshots" icon with it?

~~~
sp332
That's a built-in Firefox feature.
[https://screenshots.firefox.com/](https://screenshots.firefox.com/) I thought
it was only included in Nightly builds but I guess they pushed it to Beta?

~~~
pbhjpbhj
I think they pushed it to main? It appeared unsolicited on my toolbar (on
Kubuntu) with last update I did -- I would have thought they'd been warded off
adding unrequested feature buttons by now. Would it be that hard to have an
update page that says "do you want to add $commercialTieInButton"?

~~~
sp332
There's no commercial tie-in though. It's 100% first-party.

~~~
pbhjpbhj
It was more a general point, like for the Telefonica button, the Pocket
button, etc., this links to a particular image upload tool though doesn't it?
Only looked at it long enough to find if I'd got malware.

~~~
sp332
Yes but it's run and hosted by Firefox. It's even covered by the Firefox
privacy notice.

------
MadWombat
But is it going to work once FF drops add-on support?

~~~
yoasif_
Firefox isn't dropping add-on support, they are deprecating their old add-on
model.

But yes, this continues to work after Firefox 57.

------
lasermike026
Awesome! I wish the UI was a little tighter.

------
anovikov
Will be cool for many Upwork account brokers

------
Multiuser
I have just downloaded Firefox Multi-Account Containers but I can't find
information on how to use it.I am not an expert.

------
esaym
Is the "initial" version really "4.0.1"?

~~~
urda
Why are you so concerned with a version number?

It is just a number.

------
timthelion
I love this! I tried to do this by running multiple instances of firefox in
separate Docker containers using software I wrote for the task (see
subuser.org), and while it works, for more than a few different accounts it
gets slow to switch between them because my system won't keep all of the
instances of firefox in memory.

------
akerro
How did they know I have multiple personalities? Are they watching me?

~~~
fukusa
They are watching all of you.

------
doe88
Just a word of caution, anecdotely I installed the _Container_
extension/feature 2 weeks ago when this was discuted on HN, I opened some tabs
in different contexts, copied important links I wanted to keep, then decided
to _hide_ them, then finally yesterday I wanted to read one of these links, I
go look in the menu... Pouf gone, all my links gone... Least to say I was
happy.. Therefore not only I have uninstalled this feature but also _Test
Pilot_ altogether. I decided from now on to keep things simple because it
seems this is only what really works. Maybe I'm rambling a bit, but the sad
truth is I don't have much trust in Firefox anymore, I use it because it is to
me the least worst browser, not because I really enjoy using it.

