
Firefox Now Available with Enhanced Tracking Protection by Default - teddyfrozevelt
https://blog.mozilla.org/blog/2019/06/04/firefox-now-available-with-enhanced-tracking-protection-by-default/
======
whizzkid
It is funny how my browser preferences has changed over last 5 years.

2014 me as a developer had Chrome as number 1 browser for both development and
all rest. Firefox once a month just to check cross browser compatibility. And
Safari was just installed without me using it.

2019 me uses Safari for everything except development. Excellent power
consumption and UX. Firefox for development. And lastly Chrome for all web
apps that only work on Chrome. ( Google Meet etc. ) I feel much much better
that I am not dependent on chrome.

~~~
iscrewyou
I would love to switch to safari. What do you use for ad-blocking?

~~~
Wowfunhappy
UBlock Origin supports Safari: [https://safari-
extensions.apple.com/details/?id=com.el1t.uBl...](https://safari-
extensions.apple.com/details/?id=com.el1t.uBlock-3NU33NW2M3)

~~~
iscrewyou
I didn’t realize unlock origin works on safari. This is very helpful. Thanks!

~~~
latexr
It’s deprecated.

------
ziddoap
>For new users who install and download Firefox for the first time, Enhanced
Tracking Protection will automatically be set on by default as part of the
‘Standard’ setting in the browser and will block known “third-party tracking
cookies” according to the Disconnect list.

Despite other issues, which there are some, I'm really happy to see FF not
only enable more ways for users to protect themselves - but to be rolling it
out as a default.

A lot of non-technical users I've encountered usually want the extra (usually
non-default) protections, but don't know where to begin (or what is even
available) so they continue with the default installation. FF setting some of
the more mature privacy protection features as a default moving forward is a
great sign of commitment to the cause of bringing privacy to everyone. Even
those who don't know how to poke around the settings or about:config.

>Today, we’re releasing the latest update for Facebook Container which
prevents Facebook from tracking you on other sites that have embedded Facebook
capabilities such as the Share and Like buttons on their site.

This is a much needed change that I'm also really happy to see. Not really
containing anything if the embeds still function.

~~~
godelski
My parents are completely tech illiterate. But they are also afraid of this
tracking and becoming much more aware of this power. So they ask me to set up
their browsers to do so. I don't go full in, but basic stuff. There are still
little hiccups but even they are happier to have small hiccups than be
tracked. They see it as a fair trade-off. I think this attitude is common non-
technical users.

Tldr: I fully support security by default.

------
PatrolX
I've dumped Chrome altogether since FF 67 was released.

My only gripe is they still aren't blocking ALL ads, but regardless it's a way
better user experience now than it ever was.

Firefox 67 feels like a whole new beast compared to their older versions.

If you haven't tried FF for a while I recommend doing so and I suggest trying
it across multiple devices. The tab management, syncing, pinning and sending
etc. across multiple devices is awesome.

~~~
Jonanin
They can't and likely won't ever block ALL ads because they are funded through
a search contract with Google. The whole point of that contract is to drive ad
revenue.

~~~
chii
As netizens, is there a way to replace Mozilla's dependence on another private
company for revenue? Govt grants? Or is merely donations the only way?

~~~
ericd
idk, but I’ll happily pitch in a monthly donation for what is by far my most
used software.

~~~
ionised
Same.

I depend on and use Firefox enough that I'd happily pay monthly for it.

------
binarymayhem
I'm not sure why the "Multi Account Containers" are not built into the browser
but I found this add-on to be a motivating factor in switching to FF.

[https://addons.mozilla.org/en-US/firefox/addon/multi-
account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-
containers/)

~~~
edraferi
When I first tried to switch to from Chrome to Firefox, I got frustrated by
the different approaches to user profiles, but multi-containers fixed it for
me.

Chrome makes it easy to switch profiles/accounts with the account button in
the top right, but Firefox profile management is clunky. You have to choose on
startup and can’t launch a window with a different profile from the browser
itself.

Next time I tried, I found Multi-containers! It’s EXACTLY what I was trying to
do with Chrome Profiles (isolate cookies per persona) and it improves on
Chrome in a couple ways:

\- lighter than Chrome profiles, very fast to create new containers

\- Not tied to a google account

\- multiple containers in the same window

\- Domain-specific rules make sure you don’t cross-contaminate containers
accidentally

\- Profile stuff like History and bookmarks is shared across containers and
securely synced with client side encryption by default.

You can also get a REAL win for privacy by adding the Temporary Containers
extension [0]. This lets you create arbitrarily many containers. It defaults
to being an option (right click -> open in temp container) but can be set much
more aggressively. I have it create a new temporary container every time I
move to a new domain. Amazing.

That DOES require some manual configuration to avoid breaking complex products
like Office365. I created a huge regex that identifies Office365 domains and
triggers a whitelist with less aggressive isolation. Still, not too much more
work than running uBlock Origin with 3rd party resources disabled by default.

[0] [https://addons.mozilla.org/en-US/firefox/addon/temporary-
con...](https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/)

~~~
zamu
> \- Profile stuff like History and bookmarks is shared across containers and
> securely synced with client side encryption by default.

That's actually why I prefer the full profile option in Firefox (i.e. running
'firefox -p' and selecting a profile). I don't want shared history across
profiles.

------
hn_throwaway_99
It appears this would block pretty much all the major analytics tracking
cookies (e.g. Google analytics, mixpanel, etc.) based on the linked Disconnect
list,
[https://disconnect.me/trackerprotection](https://disconnect.me/trackerprotection)
.

While I realize that's kind of the point, in my mind there is somewhat of a
difference between "the site I'm on is tracking me to figure out how I use
their site" vs. "any site I visit is essentially aggregated data because all
the sites use the same major trackers and ad networks". I wonder if the big
analytics companies will need to change their business model, or at least
their tech, to account for these kinds of changes.

~~~
jeena
They could ask me how I use their site, instead of giving the data about every
step I do to 3rd parties.

~~~
creato
People that respond to such questions surely are a very biased sample of the
overall user base.

~~~
chris_wot
So let's make more people respond to such questions. The answer is not to say
"it's biased" but to fix the core issue.

~~~
cortesoft
No. I hate those questions and don't want to answer them. Just let me use your
site and figure out what works from there.

You can still have analytics with this Firefox change, you just have to use
your own domain for the cookies.

------
TazeTSchnitzel
It sounds like this is similar to what Apple added to Safari two years ago
([https://techcrunch.com/2017/06/05/apple-adds-a-tracker-
block...](https://techcrunch.com/2017/06/05/apple-adds-a-tracker-blocker-to-
desktop-safari/)), though I don't know the details.

I will be excited for the day when Privacy Badger is an unnecessary extension.

~~~
floatingatoll
Safari uses a machine-learning classifier algorithm to determine which third-
party sites are trackers: [https://webkit.org/blog/7675/intelligent-tracking-
prevention...](https://webkit.org/blog/7675/intelligent-tracking-prevention/)

Disconnect may or may not use M-L classifiers in their selection process, I
don’t know.

~~~
edraferi
Similar to Privacy Badger?

[https://www.eff.org/privacybadger](https://www.eff.org/privacybadger)

------
telaelit
I can proudly say that I’ve ditched Chrome for Firefox for about a month now.
The first few days were a little rough (migrating passwords and what not), but
now I love it. Keep up the good work FF!

------
SamuelAdams
I'm an existing Firefox user. Is there a short list of settings to check to
make sure this "Enhanced Tracking Protection" is enabled?

In short, I'm looking for a list of instructions: go to Options > Privacy and
Security > Content Blocking > make sure cookies is set to at least "All third
party cookies...".

~~~
floatingatoll
I think you’re just about right - it’s Options > Privacy > Content > Custom >
“Block third-party trackers”.

(It is _not_ “Block all third-party cookies”, make sure to select the correct
one.)

~~~
toastal
And yet you've sadly got some companies like Alibaba[1] telling users to
enable all third-party cookies. This is terrible advice.

1: [https://www.alibabacloud.com/help/doc-
detail/62160.htm](https://www.alibabacloud.com/help/doc-detail/62160.htm)

------
Jonanin
I like these updates just as much as everyone else, but I can't help but think
they seem a little bit like biting the hand that feeds you. What will they do
when Google decides against renewing their Firefox search contract? Mozilla is
highly dependent on the hundreds of million of dollars this contract provides.
The politics of this situation are interesting for sure.

~~~
xfitm3
Mozilla's #1 priority is not to piss off Google, so I'm sure there was a
conversation before this happened. Besides, when it comes to money, Google
profits many times over whatever payout they give Mozilla.

~~~
gavindean90
It was a few years ago that the default search engine for Firefox was Yahoo. I
would think that Google would be happy to see Firefox fighting back at them.
You don't have a monopoly if Firefox is going strong.

------
rukshn
Unpopular opinion on HN - Majority regular net users don't care about tracking
and the FF focus on privacy will not give them the browser landscape they are
losing daily.

They should be focused on giving a better smooth UI, make it faster, remove
unwanted extensions like pocket, make all the sites work.

Let's see how valid this comment is in couple of years.

~~~
ken
Agreed (except for those specific examples). User experience is the gateway
drug. As long as the standard keyboard shortcuts and preferences panel don't
work right in Firefox, it doesn't matter how fast or standards-compliant the
HTML rendering engine is.

Privacy is vegetables -- I know I should eat more, but I'm not going to go out
of my way for it.

~~~
brigandish
How about "Privacy is vegetarianism" instead? Just 20 years ago I'd have
trouble going out for a meal in London because there was maybe one (one!)
dedicated veggie restaurant in the whole city and lots of places didn't even
offer an option on their menu.

Now, everywhere offers a vegetarian option, it's normal. What it took was
dedication by fanatics* and to increase mindshare amongst the young. I'd
venture that the same conditions would reap the same rewards with privacy.

* that's a wee joke… or is it? :-)

------
TheArcane
Multi-account containers is probably why I won't leave Firefox. I have
different containers for Facebook and all its websites(instagram, whatsapp),
google, amazon, Microsoft.

~~~
trickstra
isn't that the same as the Person profiles in Chrome?

~~~
cordellwren
No, Profiles are an entirely separate feature that Firefox also has. Setting
up separate profiles for every major site could achieve something similar, but
that would obviously be unimaginably inconvenient. Containers are like
sandboxed virtual browser instances that nullify most methods of cross-site
tracking, while also enabling you to conveniently stay logged in to all of
your sites. Switching between the containers is seamless, and does not require
any conscious user action apart from initially setting them up. Plus, the real
kicker is using Temporary Containers as the default setting for new tabs,
which can make it as if every Google search or inconsequential browsing
session is done in a Private Window instance. This means there's no way in
terms of cookies and trackers for Google to obtain cumulative data about your
searches and browsing habits, but you can safely keep local records of your
history if you want. There's no way to achieve any of this in Chrome with
anything approaching the same level of simplicity or convenience.

~~~
trickstra
How so? This is exactly what personal profiles do. Keeping a separate cookie
jar, local storage, history, extensions. Basically only the browser version
and OS related stuff is left to track you. Ok, except if Google tracks browser
usage directly. I've been using separate profile for each of the evil websites
I have to use, no cookie leaking.

~~~
edraferi
Firefox splits the functionality of Chrome profiles into two different things:

Profiles contain all your settings, history, bookmarks, themes, sync settings,
etc. They’re stored in a folder on disk. It’s kinda a hassle to switch between
them.

Containers isolate cookies (and other stuff?) within a single tab or group of
tabs. It lets you run a specific website or set of websites in isolation from
your other browsing activity. This has security benefits, but is also great
for logging into the same service with multiple accounts simultaneously.

I was initially annoyed by Firefox profiles because they’re clunkier than
Chrome accounts, but was very happy when I figured out that Firefox Containers
gave me the isolation benefits I was actually looking for, with some real
improvements over Chrome.

~~~
TheArcane
I do wish there was a sync option, since I have to setup the containers and
rules for opening websites in those containers every time from scratch.

------
eudora
Knocking it out of the park, Mozilla, keep it up.

Getting more people on Firefox would do the tech world so much good,
diversifying who controls what in the web.

------
eikenberry
Starting to look forward to July when the next ESR will be out. Really tempted
to just go ahead and upgrade to FF67 now but have grown fond of the stability
of the ESR releases.

~~~
jillesvangurp
I've been on the Beta channel for the last few years. I can't remember the
last time it crashed. It's just not a thing with Firefox these days. But then,
they do push out new betas every few days so I end up restarting the browser
quite often. Either way, stability is fine even with the Betas. I'm pretty
sure there are quite many beta users so by the time a release comes out of
beta, it has already survived many weeks of testing in the field by gazillions
of real users abusing it on all kinds of platform and hardware combinations.

So, stable should be perfectly fine for day to day use if you feel less
adventurous. It's basically the release intended for world+dog. The only
people actually using ESR probably are enterprises that for whatever reason
actually care about which version of Firefox they are using and third party
software integrators that just don't want to deal with major changes every
minor release. Tor browser is a good example.

I'll click the update button after clicking reply. It seems I missed a few
updates. Zero issues that I noticed with this one: 68.0b4.

~~~
eikenberry
Thanks. I switched to Chromium way back when FF first started their fast
release cycle and kept breaking all my plugins. I finally switched back about
a year or so ago and stuck with the ESR releases to be sure to avoid that. But
now that they seem to have a stable plugin API I was considering switching to
the standard stable releases as it doesn't seem like it should be an issue
anymore.

Though that also means finding a good source for them as I currently just use
the packages from Debian Stable (well, upcoming stable as I upgraded to Buster
early).

------
frenchman99
The article starts with: "It’s been several weeks since I was promoted to
Senior Vice President of Firefox, responsible for overall Firefox product and
web platform development."

How is this relevant? Did Dave Camp's SVP appointment trigger these changes?
Honest question, because this is the first sentence of the article and I'm
having a hard time understanding why.

Tracking protection is great though. I hope Firefox gains market share again,
I love the direction it's taking.

~~~
jammygit
A local struggling theatre company has a new president and the theatre is
thriving under him. He told us in private that everything about his public
appearance is curated in order to give the theatre a face, and that its an
important part of saving struggling theatres - to attach a face to it.

Maybe it’s the same thing?

------
temac
Ironically, it triggers on blog.mozilla.org :/

~~~
a1369209993
It's worth noting that this isn't actually inconsistent. If your browser does
security properly, blog.mozilla.org saying "here, have some malware" doesn't
matter because it will be ignored. If it _doesn 't_, one more website serving
(functionality-irrelevant) malware makes it that much marginally more painful
to keep using a defective browser.

~~~
stkdump
Wait, are you saying that blog.mozilla.org serves malware?

~~~
a1369209993
Well, _I 'm_ not, but temac is saying that Firefox's Enhanced Tracking
Protection is saying that blog.mozilla.org serves malware. I'd call that
plausible and presumed true for the sake of discussion but unconfirmed.

------
arendtio
Does anybody have experience setting up and running a custom FF Account/Sync
server?

[https://mozilla-
services.readthedocs.io/en/latest/howtos/run...](https://mozilla-
services.readthedocs.io/en/latest/howtos/run-fxa.html)

~~~
jeena
I set it up 2015 [https://jeena.net/firefox-
sync-15](https://jeena.net/firefox-sync-15) and it's running on my server ever
since mostly without problems. I think it hang one time so I needed to restart
it but otherwise great software, even though the documentation on how to
install it was kind of non existent back then. But now that also improved a
lot in addition that it's now easy to use on Android too.

------
tick_tock_tick
Now if only the could fix firefox to not be the slowest and biggest battery
draining browser on mac.

~~~
mostlysimilar
I believe this is related to using scaled resolution in macOS.

[https://bugzilla.mozilla.org/show_bug.cgi?id=1404042](https://bugzilla.mozilla.org/show_bug.cgi?id=1404042)

I was able to achieve way better performance by changing this to `true` in
`about:config`:

    
    
      gfx.compositor.glcontext.opaque
    

Another note, performance seems way better when changing the following to
`true`:

    
    
      gfx.webrender.all
      gfx.webrender.enabled
    

If anyone with deeper understanding of these options has any reasons why this
is a bad idea I'm all ears. Otherwise it's made my experience way better.

~~~
floatingatoll
The WebRender team seems to be rolling out very gradually and is, if I
remember a recent blog post correctly, restricting based on specific GPUs and
specific platforms that are proven to work without e.g. crashing or breaking
out various things (like window toolbars).

If you set these options, and then later on, you find that your Firefox is
super buggy and won't render anything properly and has weird crashes, it could
be because you set these options — and it might take hours or days to realize
that.

(And then reverse them, somehow, assuming that gfx.webrender.all hasn't broken
about:config!)

~~~
chronogram
I did definitely notice much better WebRender performance on Nvidia than on
Intel, so I turned off WebRender on the Intel laptop.

~~~
floatingatoll
I went looking at the WebRender blog and they are apparently still making
performance improvements every time they post an update, so make sure to clear
your override and let the defaults take effect in a few weeks - either it’ll
be better or (I assume) the telemetry data will highlight your OS+GPU+driver
pairing as needs-improvement (which it can’t with it force-disabled).

~~~
chronogram
Good idea, yes!

------
propogandist
All this does is cause advertisers to look at more advances mechanisms to
track users and make it 'mainstream' \-- like browser fingerprinting. These
are also not explictly governed by existing legislation, so they can also
worry about things like cookie laws and there's little to no defense.

~~~
baroffoos
Firefox has a setting you can enable to resist fingerprinting. It must do
something because every anti abuse measure on the internet flags you as a bot
once you turn it on.

------
agumonkey
Going back to Firefox nightly since the google ad issue. I'm sad to say,
Firefox UI still lags 2x more than Chromium (even abused with 40+ tabs) on my
old machine to the point of being a noticeable annoyance.

Hopefully Mozilla will have funding and manpower to improve this.

Thanks for the work nonetheless.

------
Mikeb85
I like all the work Firefox is putting in. Even though I'm not personally
against Chrome, I've been using FF lately and it's very good.

------
Sujan
The Lockwise addon is interesting - but that they are not using their own
addon site is strange.

~~~
abledon
why use lockwise instead of say, bitwarden?

------
rv-de
Is this setting extending ublock origin or already covered by it?

~~~
floatboth
Mozilla uses the Disconnect lists. uBlock has larger lists that include the
majority of _ads_ not just _trackers_ , but they do cover trackers as well of
course.

------
gzimhelshani
Been using FF for 3 weeks now, love it so far.

------
taurath
Does this block tracking pixels as well? Tag managers?

------
netwanderer3
People were racing to add those social media buttons linked to Facebook back
in the days and now they're scrambling to remove them. It's just funny how
this works.

------
stunt
I always use Firefox and will always use and support Firefox and Mozilla.

------
MikusR
Is there a version of Firefox that protects you from Mozilla installing mr.
Robot ads?

------
miguelmota
The only thing preventing me from completely switching over to Firefox is the
developer aren't as good as Chrome's which is faster and less clunky for
debugging.

~~~
mevile
I have not found this to be the case at all. The dev tools are amazing. I have
not yet had the chance to use them with a webworker or websockets so I don't
know about it compares with some aspects of chrome's dev tools.

------
pinkflounder
Can't compete with Brave.

------
rhaksw
This feature breaks hundreds of websites listed in a 5 year old issue [1]

The last descriptive update was 4 years ago,

> _As the list is increasingly managed according to policy, breakage is a
> feature, not a bug._

[1]
[https://bugzilla.mozilla.org/show_bug.cgi?id=1101005](https://bugzilla.mozilla.org/show_bug.cgi?id=1101005)

Among the broken websites is one I just completed, revddit, "removeddit for
user pages":

[https://revddit.com/user/rhaksw](https://revddit.com/user/rhaksw)

~~~
SquareWheel
Are you the one that created this bot on reddit?

[https://www.reddit.com/user/revddit/](https://www.reddit.com/user/revddit/)

Creating a bot to spam your own website is obviously against the site rules. I
see most of your posts on Hacker News are similarly promotional.

~~~
rhaksw
Promotion through censorship is what I meant to tackle when building the site,
so I'm sorry if you feel the bot or citing it on HN is too promotional. Isn't
this the place for sharing such work? If not here, where?

The bot itself only responds once per user or thread, and I've already
blacklisted some subreddits per suggestions [1]. Feel free to pm me at
u/rhaksw if you would like to discuss it further.

[1]
[https://www.reddit.com/wiki/bottiquette](https://www.reddit.com/wiki/bottiquette)

~~~
SquareWheel
Your bot violates multiple rules of bottiquette:

>[Please don't] write bots that reply to comments or send private messages
without solicitation.

>[Please don't] have your bot reply to every instance of a common word or
phrase

It also violates the site's self-promotion guidelines.

It's a spambot, plain and simple. I have reported it as such.

~~~
rhaksw
The site reflects users' own data, and I built it without pay. There are no
ads. I am sorry you are upset about it.

------
ghusbands
There's a huge political problem with protections that are on by default, and
that's that opponents (advertisers) can easily argue that they are not the
explicit will of the user and hence feel justified in doing whatever they can
to bypass them. So this action increases the justification for browser
fingerprinting and other dark tracking patterns.

The same sort of thing undermined do-not-track headers. The instant they
passed from being user-enabled to on-by-default, advertisers were presented
with a strong excuse to ignore them.

~~~
deadbunny
Bullshit. If I install privacy respecting software over non privacy respecting
software then you have to assume I want to keep my privacy and don't want you
tracking me.

~~~
ghusbands
I'm not tracking anyone. But the majority of Firefox users aren't choosing it
for privacy reasons, so these privacy-preserving features are not a good
signal that the user actually wants that privacy.

It was worse for do-not-track, as all the major browsers enabled it by
default, making it not at all a signal of user preference.

~~~
deadbunny
> I'm not tracking anyone

Context is fun eh.

> But the majority of Firefox users aren't choosing it for privacy reasons

I'd like some stats on that please. Given the market share Firefox has why are
people installing Firefox?

> so these privacy-preserving features are not a good signal that the user
> actually wants that privacy.

I consider installing privacy protecting software a pretty good signal but
maybe I'm being generous.

> It was worse for do-not-track, as all the major browsers enabled it by
> default, making it not at all a signal of user preference.

Seems like a pretty strong signal that people don't want to be tracked to me,
if a browser impliments something as a default then it would suggest to me
that they know more than 50% of their userbase would think not being tracked
online is a pretty fucking good idea.

~~~
ghusbands
> I'd like some stats on that please. Given the market share Firefox has why
> are people installing Firefox?

I don't have any stats, but I think many of the people choosing Firefox are
doing so because Google is getting scary and Microsoft's offering is always
warned against for security reasons, and that sums up the main browsers. In
this choice between three things, you're barely getting one bit of user
preference information.

> they know more than 50% of their userbase would think not being tracked
> online is a pretty fucking good idea.

Which in the mind of advertisers means the other less than 50% don't mind
being tracked and so they should be allowed to track. But maybe they'd just go
with any excuse.

I'm personally hoping that the EU at least slightly fixes things for Europeans
when it starts enforcing the GDPR with big fines. Once every site has the
required 'No, you may not track me' simple button, the nags will be less
irritating because they'll actually be working.

------
jacquesm
I have two main computers. One has for continuity reasons the old version of
Firefox, the other the new one.

The old version is so much more usable that I find myself using that computer
much more frequently. It is rock solid with 100's of tabs open, all my
extensions work and without silly restrictions on what they can and can not do
and it uses a lot less memory. It's measurably faster too. I'm all for
progress and improvements in software but after a long stretch of being a very
ardent FF supporter I really do wonder if they have a future. If a competitor
had a dream about what they could do to ruin Firefox they could not have done
a better job.

Enhanced tracking protection is great but it doesn't matter if you push away
your users.

~~~
zepearl
Just for my understanding, any special reason to have 100's of tabs open?

Meaning: I basically have a mindset which as a programmer would say: "shall I
spend effort trying to optimize my app for users that have 200 tabs open?
Naaaa, I don't see a usecase for that to happen."

~~~
jacquesm
Yes, sure. I do technical due diligence for a living and when researching a
particular company every time I come across another interesting link that
hasn't changed color yet I open another tab. Then I just keep reading until
there are no more tabs open, and no more interesting notes to take. It's part
of my workflow (and one of the reasons why the scrapbook add-on is essential
to me, another reason I do my work on the older machine).

~~~
teddyh
> _the scrapbook add-on is essential to me_

I found the ScrapbookQ plugin, which also is able (with some work, admittedly)
to import data from the old Scrapbook plugin:

[https://addons.mozilla.org/en-
US/firefox/addon/scrapbookq/](https://addons.mozilla.org/en-
US/firefox/addon/scrapbookq/)

------
misterman0
Sorry but I can't make the switch from chrome to ff because I don't buy ff's
agenda any more than I do Google's. Neither is in the browser game to make
money from great browser product.

I want someone to be as dedicated to the product as id was to doom. I want to
be able to use their browser for free for a year or three. If I still like you
then I'll mary you. Then I'll pay a yearly fee for as long as I live.

Edit: until you start to act a fool. If you do then you're out. Can someone
please create this product?

~~~
jmichaelhudson
I truly, truly do not understand what is going on here at HN.

2 weeks ago mozilla deactivated by super-incompetent accident all of their
security add ons and required a completely opaque 'studies' tool to push an
update.

With the security features deactivated tons of people who need to get work
done or didn't understand what was going on used the web with all of the
tracking features turned on, no doubt allowing tons of previously anonymous
stored data on users to be de-anonymized. They don't have to be able to track
everyone all of the time, you just have to really get a unique identifier on
the browser tracks left in the databases. Many FF installs in linux
distributions ceased to function at all.

These simple observations went hardly remarked on HN.

BoingBoing.net which has previously covered security issues well, somehow did
not notice/report this event, which stands out in recent memory as one of the
worst privacy catastrophes. An inquiry to Mr. Doctorow himself in regards to
this, as well as why there is still a tracking F on the page in 2019, has gone
unanswered.

Now, a month later, without any further discussion of this event, Firefox
wants us to trust it to single-handedly defeat tracking with a single new
catch-all feature.

On HN, top rated comments, rather than expressing skepticism and asking for
details, are about a completely different browser, Safari.

Perhaps the best comment after the firefix addon-aggedon noted, FF does not
have to have a studies feature, it does not have to push automatic updates, it
does not have to have a single signing certificate for all of the add-ons
which creates a single point of failure. This line of inquiry is devastating
to the true nature of mozilla and the loyalties of the individuals behind this
code.

I am posting this as a response to the lowest rated, yet in my opinion best
comment in this topic, hoping that other people who notice the complete
distractions and consensus cracking going on all over the place above the
fold, will know where to look for someone saying something intelligent about
the situation.

And so this: the problem is not the computers and the software, it is the
nature of these institutions and the people in them. Semi-corporate half-
charitable, expansive things like whatever Mozilla is lend themselves easily
to the same sort of infiltration and takeover as normal, evil, corporations.
Do you not think the fbi, cia, air force and mossad have been spending years
getting their agents into the 'key positions' at mozilla? Does mozilla(or
canonical) seem to you like an organization who could resist this sort of
effort?

It is now obvious that Firefox is run by the enemies of open culture, and
having only the choice between FF and Chrome, developed by an even less
trustworthy institution, the internet as dreamed of by people who care about
freedom and liberty of the individual is in serious trouble.

So the comment to which I am replying is the best, what shape of institution
will create software to make the internet open and fair, and facilitate free
speech without infiltration and subversion by spies and paid propagandists?

Why can all of the kings horses and all the kings men not create a functional
browser that doesn't publicize reading habits and de-anonymize with extremely
obfuscated input analysis, if not outright keylogging and password theft and
intentional malware backdoors?

The browser has replaced the television for most people, if you haven't
noticed, so this is important and how discusion platforms like hackernews deal
with the discussion of this, reveals all we need to know about the institution
and individuals behind hackernews.

Something is rotten here and it could not be more obvious to anyone still
capable of independent thought.

------
The_rationalist
Please tell me I'm misunderstanding something! By enabling by default the
blocking of those third party scripts:
[https://disconnect.me/trackerprotection/blocked](https://disconnect.me/trackerprotection/blocked)

This Wil have three consequences: _Many websites will partially break? Which
ones?_ webmaster will lack many data necessary to understand what users do on
their platform, where they missclick, what they don't use etc, thus
diminishing the ability of webmasters to make great products. *the most
dramatic one: People will see ads but the owner of a website will no longer
earn ad money, because those are the third party scripts that allowed to prove
to the ad platform that a user had effectively seen X ads.

~~~
zwaps
Webmasters should have thought of that before littering their website with
hundreds of off-site scripts and packaging all data and behavior and sending
it off to dozens of tracking companies.

"great products". Yeah, websites used to be much, much better before loading
every bit of text with a remote javascript.

Here's a behavioral data point: Go back to making good websites and stop
leaking private data everywhere. That's a great product.

~~~
antisemiotic
>loading every bit of text with a remote javascript.

This update is only about a select list of "bad" domains, though. I don't
think most users would want to block literally all third party scripts
(Source: I use uMatrix set to do that, and every other site I visit requires a
complicated ritual of unblocking layers of scripts, frames, and XHR. Don't
even get me started on static sites that display blank without scripts from a
dozen CDNs. At least it's a good opportunity to rethink if I really want to go
there)

~~~
zwaps
What good is blocking google tracking subdomains while neatly packaging the
exact same data and sending it off to google cdn and tagmanager?

