Hacker News new | comments | show | ask | jobs | submit login
How Firefox Got Fast Again (hacks.mozilla.org)
2180 points by bpierre on Nov 13, 2017 | hide | past | web | favorite | 687 comments

I switched back to Firefox 54 from Chrome when multiprocess browsing ("Electrolysis") came out of beta. It's been absolutely great. It's fast and I trust and like the nonprofit behind it. And all the extensions I care about are available.

My main issue with Chrome was the endless nags to sign in to a Google account, and just generally wanting less dependence on Google. I also like that Firefox has a built in tracking protection (not just Do Not Track toggle but actual blocking of trackers). That's something that's just not in Google's interest to put in Chrome.

Browsers are becoming more and more aggressive in protecting the interests of users. Becoming true "User Agents," in other words. See also Safari iOS allowing content blockers and now in iOS 11 blocking some popular tracking behaviors by default. It's absolutely great. And it's not surprising to me that Chrome is not a leader here. It's owned by the biggest advertising company on the internet. I predict Chrome will continue to lag on pro-privacy, anti-nag features.

Thanks for the reminder. I just downloaded the latest FF beta and exiled Chrome to an "only when needed" role.

All the back-and-forth about speed and features is understandable, but misses the point that Firefox needs our support if we are to have any real non-proprietary options for what is quickly becoming the base system abstraction layer for most computing.

Indeed this is the main point, and the reason I've stuck with Firefox ever since it launched, despite being rather slow a few years back. This is the only browser engine that is not shaped by major corporate interests. And frankly it has no major downsides as compared to Chrome. The latter only enjoys the market share it does (in my opinion) because of being aggressively pushed on Google.com and being bundled everywhere.

I gave Firefox a try a month or two ago when people started saying it was good again. I think I had a problem with uBlock origin not working well enough - too much crap was getting through. What are people using for adblock?

I think I know what you're referring to, if you were using one of the unstable (beta, nightly, developer edition) channels with Firefox 57. There was a brief period I noticed during which the uBlock Origin WebExtension edition wasn't fully up to par with the old XUL-based version, letting some ads slip through. That's been fixed since then.

Though not a adblocker, Privacy Badger[0] works well as adblocker for me

[0] https://www.eff.org/privacybadger

uBlock origin with uMatrix

I use uBlock Origin plus uMatrix but I have to say that it's probably only for people who are really serious about security. It breaks nearly every site by default.

This really depends on the lists that you use in each. Research exactly what you want to block. I personally don't like a few of the lists for that specific reason, they block everything all together, not just tracking pixel domains and things of that nature. There is also an official uBlock Origin Extra extension that I find very handy for blocking websocket garbage. This is becoming more important as websocket connections become more prevalent. https://github.com/gorhill/uBO-Extra/wiki/Sites-on-which-uBO...

uMatrix doesn't have any predefined lists though, you have to configure each site's matrix on first-visit, and it defaults to deny.

Does uMatrix really give a lot more security on top of uBlock Origin, in exchange for all the inconveniences?

I tried several times, but ended up sticking to a sandbox (firejail) + uBlock Origin + HTTPS Everywhere.

I wonder this, too. I use uBlock Origin in medium mode (advanced settings available, no third-party scripts or frames until enabled), and it seems to do what's needed. It breaks a lot of things, but also makes it easy to fix them.

You can just run uBlock in medium or hard mode...

On one of my laptops I downloaded a hosts file with a comprehensive list of advertising hostnames. This was to be able to browse with Edge back when it didn't have extensions and certain ads made it freeze. It was a bit of a pain because I had to go through the whole file to make sure there was nothing dodgy going on. But it did the trick.

I thought of making a script that updates that file automatically, but I can't say I've seen any ads on that laptop even without updating the file for months, so hasn't been my first priority.

AdBlock Plus was working well, until now, when they were forced to change the UI in 3.0 to be compatible with Firefox's new version. Now it is practically unusable.

Unfortunately Firefox breaks usability features at notion.so and app.intercom.io, so I still have to use Chrome (on Linux).

BTW: if using Android, if FF is not for you, try Brave instead of Chrome.

It feels exactly like Chrome (it's Chromium-based), but has a built-in adblocker, tracker blocking, HTTPS everywhere, no nagging to sign in, and does not throw "suggested news" (with no opt-out) upon you. Brave's founder is ex-Mozilla's CEO (Brendan Eich).

However latest FF on Android is actually not bad, at least if you have a modern phone (the UI feels slowish though on pre-2016 phones).

Use FF nightly on Android. It's got the quantum update and it's great. I haven't had it break on me yet, but I keep a working APK just in case.

Has it actually got Quantum DOM as well? I was under the impression that it was merely Electrolysis and Quantum Compositor (i.e. the speedups from Firefox 54), and that the massive on from 57 was still set to arrive?

The prioritization parts of Quantum DOM have landed. There is some work around preemption that still needs to happen. We should have a post talking about this coming out in the next few weeks.

I tried Android Nightly but there are still 2 small yet noticeable things Mozilla should improve (which are not at all linked to the page rendering in itself) - when it's done, it could really rival Chromium-based browsers:

- when you swipe fast, the page only scrolls by like 30%, instead of scrolling by 200% like in Chromium browsers. Basically it's impossible to quickly scroll a long page on Firefox (maybe it's configurable somehow in about:config?)

- when you long-press a link, it takes like 2-3 seconds for the menu to open. As I "open in new tab" by default, this quickly adds up.

Do you have to install the nightly build manually or can you opt-in via the default version?

Nightly and beta releases are available as separate apps.

Google Play store link for Firefox Beta: https://play.google.com/store/apps/details?id=org.mozilla.fi...

Google Play store link for Firefox Nightly: https://play.google.com/store/apps/details?id=org.mozilla.fe...

Wow, I didn't know Nightly got into play store, I installed it as an APK from mozilla site (upgrading APKs is painful in comparison to play upgrades).


From what I've read, Brave doesn't block ads -- it replaces them with other ads. I don't think that it's a good idea.

Firefox for Android also allows browser extensions, which gives some control of the software back to the user.

Except that it does actually block ads and doesn't replace them. Don't believe everything you read on the Internet when you can just try the product :)

Except it does. It has the functionality to do BOTH.

The tagline of giving the option to either disable ads or replace ads is to provide a way to enjoy an ad-free experience or to receive only optimized advertisements.

A big reason some users dislike ads isn't because of their entire existance but rather their tendency as of late to be malware-ridden or cause drops in webpage performance. These are the things that cause some users to enable ad-blockers, and Brave is the only way I've heard of that has pushed the envelope of a BETTER ad experience.

From their blog, the first is a great introduction to what Brave is about[1], as well as their response to an attack on their ad-replacement ideology[2].



Also a quote directly from Brave:

    [The user interface] shows the major choices that Brave enables:

    You’re game to try our default mode of operation, for a better ad-supported Web. Just leave the Replace Ads item checked. This is the default mode of operation. We insert ads after blocking without hurting page load speed, and those ads will support the sites you browse. We choose ads based on browser-private user data with no remote tracking — not even by our servers.

    You want to block all ads and trackers, but you’re not sure about our plan to insert better ads with high performance and privacy. You can do this with Brave by checking Block Ads. We want you on board even if you’re just blocking everything.

    You’d like to try Brave without ad blocking or replacing, to get whatever ads and trackers you would experience in other browsers. Check Allow Ads and Tracking. We still protect you with HTTPS Everywhere and other defense by default.

>A big reason some users dislike ads isn't because of their entire existance but rather their tendency as of late to be malware-ridden or cause drops in webpage performance. These are the things that cause some users to enable ad-blockers, and Brave is the only way I've heard of that has pushed the envelope of a BETTER ad experience.

AdBlock Plus also does something equivalent through their default option to show "Unobtrusive ads."

The problem with AdBlock Plus is that, as far as I can tell, the way to get on their "unobtrusive ads" list isn't to actually be "unobtrusive" to any meaningful standard, it's to pay them to qualify you as unobtrusive.

That's not my experience with ABP. So far I haven't found any actually obtrusive ads and as far as I am concerned, they are holding up a good standard.

That doesn't have anything to do with experience, that's just a fact. Advertisers pay ABP to get on the list.

Yeah but that doesn't change the fact about the requirements to even be able to pay to get on the list.

It's a trust issue in summary. You either trust them to do a good job at screening or not.

IIRC, you pay them (not a lot) to check out your ads and verify that they are, in fact, unobtrusive. I realize it's distasteful that money changes hands at all, but I can imagine it takes a non-trivial amount of person-hours to vet these things on a large scale, and it should be easy enough to tell if they're crooked or not just by using ABP and seeing if the permitted ads are intrusive.

When I used it (until after their ad whitelisting came in), I found that they did a poor job of blocking obtrusive ads, then. Either that, or their standards for "unobtrusive" were low.

I switched to a better adblocker, so now I just whitelist sites whose ads I'm willing to see.

> Don't believe everything you read on the Internet when you can just try the product

I read about it on their own website:


"Brave’s goal is to speed up the web, stop bad ads and pay publishers. One of the ways we plan to accomplish this is with ad replacements."

"Step Two: Brave Replaces Ads"

I'm using Brave on Android and it does block ads, here is the ad block engine they use: https://github.com/brave/ad-block. The replacing of ads thing isn't implemented yet, and I expect that it can be turned off when that feature has landed, like the Brave payments thing that is currently opt-in on the desktop version: https://www.brave.com/publishers/.

I was not aware of it - thx for info. A bit strange indeed.

Link for the other if interested: https://www.brave.com/about-ad-replacement/

Edit: from the link content, I understand they actually backtracked from this proposal after a backlash from publishers.

I use ff on my galaxy s5 and the ui isn't noticibly slow, but I'm on lineageos (cyanogen) and keep apps from running when not needed so ymmv

I switched to Brave a few days ago and have never been happier. The problem with firefox on Android is that it is extremely slow, though apparently not for everyone. Slow in the sense of tapping a link, then having to wait 5 to 10 seconds before the GUI updates and the link starts loading. It's incredible and I never found a solution to this problem. It's a pity really.

i would be using FF on Android if the scrolling was not so crappy. It's pretty terrible :(

... <scrolls down and up> ...

What do you mean?

There are two distinct problems I've noticed with FF scrolling vs. Chrome on Android.

First is that certain elements block scrolling. I use FF primarily for Facebook (since FF allows me to use my – shameless plug – idle-time faker extension [1]). If my scrolling thumb lands on the "Like" button of a post, the screen just stays put. So about 1/3 of my "scroll" gestures are in vain.

Second is that "flinging" motions don't register very well with Firefox. With Chrome, "flinging" sends the web page flying at a predictable speed; with Firefox, it lags for a fraction of a second before scrolling at a random speed which is usually much slower than that in Chrome. It's as if Firefox doesn't register the final thumb flick of a "fling", but Chrome does. Since "flinging" is my primary method of browsing longer web pages, ultimately my thumb has to physically do more work, and gets exhausted more quickly, when using Firefox than Chrome.

A third nitpick is that, while (non-flinging) page scrolling keeps up with my thumb, it does so in a jerky manner, like it can't quite keep up with rendering, or it doesn't see all the touch events. Reminds me of an old PDA. In contrast, scrolling in Chrome is very smooth. This looks ugly but I could live with it.

It is the first to two issues that prevent me from using Firefox on Android for anything but Facebook.

[1] https://addons.mozilla.org/en-US/android/addon/social-networ...

There are some values you can tweak in about:config, but I've never gotten it to be as smooth as Chrome. I know the FF team are well aware of the issue, but I figure all resources have been tied up by the upcoming FF57. As far as I know, WebRender will help.

Thank you for an in-depth explanation! I guess I use browser quite differently (qnd on simpler pages) so I never noticed any of these things.

Well dealing with certain sites covered in Javascript elements (YouTube comments on the mobile site comes to mind) the browser's 'memory' of clickable elements don't always update with each swipe. So tapping one element on a site ends up triggering something else on the page.

Have you tried the Nightly or Beta builds?

using FF on a BQ Aquaris X. I don't notice any issue of speed or scrolling.

I have moved entirely to Firefox Focus. My only problem is that the GOOGLE BAR on my home screen still throws trending suggestions and opens up chrome. Does anyone know if I can change this?

Install a non-exotic alternative launcher. I use Nova, it's very similar to the Google launcher and well polished. Not sure if all vendor images allow it. I have a Moto G5 with the vendor image.

I find it quite interesting that Android even has all the interfaces and permissions to allow alternative launchers. What a great feature in this generally fairly locked-down space of non-PC OSes.

I don't know about Focus, but you can configure Firefox for Android to act as a replacement for the Chrome Custom Tabs API, which apps use to launch those mini-Chrome windows. Caveat: I use the Nightly builds, and I'm unsure how new this feature is.

Can you install add-ons in Focus? When I tried you couldn't and that made it less privacy friendly than vanilla Firefox with Ublock.

Anecdotally, I have found that Brave chokes on some obscure websites (i.e. it won't play video or audio).

FF57 stable is arriving tomorrow. But you can get it from the FTP server today:


> exiled Chrome to an "only when needed" role

It's been my second browser for Twitch and Netflix only for a while now. I'm bit even sure how useful that is anymore if I'm honest as I've not tried them in firefox for a while - but they used to be unusable and I've become accustomed to having another browser for them

You don't need Chrome for Netflix anymore; it seems to work fine in current Firefox.

I'll try again soon-ish but I was seeing the netflix home page freeze for 5-10 seconds on open and often going unresponsive which is just intolerable tbh

Was that with FF 57? 57 is a whole new browser, any impression you have that was created with a pre-57 version needs to be re-tested.

Yeah but for our support we need to start getting in depth with Firefox devtools again.

They have features not in chrome and Visa versa. But to blindly switch means taking a productivity penalty, at least temporarily.

The signing into an account in chrome is the killer feature for me. I have work and a couple of personal accounts that I have signed in in different browser windows. That allows me to keep things separate (extensions, mail, browsing, bookmarks, etc).

How do FF users do this?

The signing into an account in Chrome almost got someone fired at a small customer of mine a few weeks ago. Fortunately they called me first to look into it, I pointed out that the porn bookmarks in question were years old and that since Chrome was signed into a personal account it was pretty likely that the same account had been used by other family members at home.

I also wrote this up for the owners to send to their staff, feel free to reuse if appropriate for you:

We’ve seen at least one situation recently where a user “signed in” to Chrome when prompted, which brought that user’s personal bookmarks and website logins onto their work computer. While Chrome offers this as an option, there are no situations where your personal account should be linked to a browser at work – if you need to be using personal email, etc. please do so from your own phone or other device on your own time. This is for your own privacy and security as well as for the practice – we want to not have your personal data on our systems, and you don’t want your private email, bookmarks, etc. accessible to anyone else who happens to be at your desk while you’ve stepped away.

If you have linked your browser to a personal account, please remove that connection using the instructions below.

You can check whether Chrome is linked to an online account by clicking on the small person icon at the top right corner of the window – just to the left of the “X” to close the window. • If you click on that and it asks you to sign in, you’re not linked to an account. • If you click on that and it lists a personal account, click on “Manage People” to open a new window listing connected accounts. On each account there are 3 dots in the top right corner – click those and “Remove this person” • If you see a name rather than a generic person icon, click on that and use “Manage People” to remove that connected account.

Firefox offers a similar but less-used version of this that would have required creating a Firefox account to use Firefox Sync. If you have done this with Firefox please disconnect it; if you’re not sure then you almost certainly haven’t done this in Firefox and don’t need to worry about it.

I think the idea that you only access personal stuff from your own devices on your own time is unrealistic. There are restricted environments (intelligence agencies and such) where it's necessary, but outside of those I think people commonly expect that if they get their work done and avoid illegal / pornographic / other NSFW content, they can do some personal browsing at work, typically on work-owned hardware. The company can expect otherwise, but it may not work out well for morale / staff retention. I don't know anyone who comes in, maintains 100% focus on work for 8+ hours, and then goes home.

Of course, if someone is signing into their personal account using work hardware, they're basically saying they trust the company not to do any intrusive monitoring, where "intrusive" is something I'm deliberately leaving a bit vague. The company probably has some idea what sites they visit but employees expect that the company is not stealing their credentials or having someone virtually read over their shoulder without a very good reason. If outside intruders get into work device management servers and such, employees' personal stuff is at risk also, but they're willing to accept this for the sake of convenience.

I have, on my work-owned laptop, both work and personal Chrome profiles. (The analogous Firefox feature is multi-account containers.) I might only bring a work laptop when traveling for work. Most of the time, and certainly if I'm presenting during a meeting, I'm using the work profile. I'll use the other only when I'm alone. I lock my screen when I'm not there; I have sensitive access, so this is expected for reasons other than protecting my personal data.

Conversely, work allows me to access my work email and some other internal sites from my personal phone if I agree to certain device management restrictions. I do this rather than carry two phones. Some people choose otherwise.

> I think the idea that you only access personal stuff from your own devices on your own time is unrealistic.

Once upon a time that was the case - "Cyber Monday" as a prime case in point. Some limited amount of non-work browsing is generally still fine at most offices I deal with, most notably checking news, weather, sports scores, etc.

However as a person responsible for making sure there are no breaches (particularly reportable ones) at offices, I'm moving more and more to the "No personal use. Period. No debate." position. I can control the kind of filtering, AV checks and attachments that come into the office via the business email as an example, but if people are checking their personal email on company systems I may not be able to catch the "Huh, I don't remember ordering from them, I wonder what this invoice email is all about?" person. Antivirus is all well and good but it's not 100%, and while I can look at the mail filters and see that there were 400 PDFs with variations of "Delivery Notification" or "Invoice 1234567" blocked in the last half hour to a ton of different addresses, Jane Smith in Billing or Accounts Payable may only see one or two - and on a really bad day, opening just one may be all it takes.

Also, these days a huge percentage of people not only have smartphones but use those smartphones as their primary devices for Internet access. 5 years ago that wasn't the case, but now? George with the iPhone 7 Plus can quite easily check his email or do plenty of other things that would have been much less pleasant on an iPhone 4.

I dunno. I can see your concern, but it seems to me like a Wal-Mart anti-theft guy saying we need to search all employees before allowing them to leave the store. I'm sure it would solve some problems and reduce your personal headaches, but that doesn't necessarily make it reasonable.

> I can look at the mail filters and see that there were 400 PDFs with variations of "Delivery Notification" or "Invoice 1234567" blocked in the last half hour to a ton of different addresses, Jane Smith in Billing or Accounts Payable may only see one or two

Wouldn't Jane Smith from Accounts Payable anyway open a PDF invoice email, regardless of the address?

I've been going back an forth between Chrome and Firefox for the past couple of months with the number of posts that I've seen on HN. Every time I always realize that Firefox doesn't have workspaces. This comment made me realize that containers are the alternative. Hopefully, I'll be able to switch over to FF more full time now that I have this solution. Thanks for this comment!

> I pointed out that the porn bookmarks in question were years old and that since Chrome was signed into a personal account it was pretty likely that the same account had been used by other family members at home.

So the offence was merely having porn bookmarks in their browser - not visiting porn sites at work? Wow.

This is in an environment with multiple people at a long open desk with patients on the other side of the counter. Someone sat down to check something, or check someone in or out, I don't know the details. They hit the Bookmarks button, and right there on the list was a PornHub link to something about a teen and anal sex. This caused a bit of an uproar about inappropriate use of the computer systems, though it may have stayed behind closed doors.

It wouldn't surprise me a bit if the person whose account it was didn't even know that bookmarks exist in Chrome - it's not like Google makes it obvious these days. I suspect there were some awkward discussions at home that evening, or possibly on the phone with college-age children.

Eh, I mean fair enough. Somebody else goes to use the browser and notices the bookmarks, what else would they expect?

I imagine porn bookmarks showing up in an official screencast, presentation, or live product demo would do wonders to a company's image and reputation.

This story would deserve a blog post of its own. Google might not realize it, but the ease of being tracked by them is also a risk in work place.

> Google might not realize it,


@fencepost - do u know if it is possible to transfer all those chrome accnt pref from a personal gmail to a gsuite accnt?

For this reason my place of work hosts Firefox rather than Chrome.

FF just came out with multi account containers about a month ago ->


Firefox containers are awesome. Once you've got a GMail account it's really easy to fall into the trap of letting Google track your everything. GMail, Google searches, Google Maps, You Tube.

Containers splits them out beautifully, with minimal tracking.

With Chrome / Chromium, Google wants you to log-in using a Google account, so you fall into the trap again.

Does Google actually track web activity when logged out whilst logged in to Chrome? By this I mean connecting e.g. searches done on google maps with your account, not just storing the history.

Google of course has all the information server-side to do this; I'm unsure if they actually use it. There's usually a line on tracking that (you think) a company won't cross; e.g. I wouldn't expect Google to use browser fingerprinting to track you when logged out in a different browser, but I'm not sure about web activity in Chrome. Sounds plausible either way.

The use case for this is that you want to leave your gmail/youtube/etc all logged in, but not let Google track you all over the internet. My primary use for this feature is this specific use case. I created a "Google Spyware" container and configured Google-related things to open in there. If I go to google.com outside of that container, I'm a non-logged-in user. If I open it in the container I AM logged in, so I get all the convenience of staying logged in without the downside of all the surveillance. Of course there are other means to track me, but this is a big step in the right direction.

I know. I've been using containers ever since it was an experiment :)

My question is independent of container tabs, it's a question of whether we know the level of tracking Google does on a signed-in chrome where your google account is not signed in in the session (is this even possible?)

You can find pretty much all the data that Google has on you - they allow you to examine the history of it. As far as I know they don't track your entire web browsing history but they do record all uses of their sites with your account.

But personally I certainly don't need to be logged in using any of Googles services except for GMail so I'd rather just not build up the history rather than having to go about deleting it (or not because there's so many other things to get distracted by)

> don't track your entire web browsing history

Entire or not, does Google analytics apply here?

Yeah, I think this is where things start to get fairly pointless with avoiding being tracked. I'm imagining that even at a basic level they can match up any Google searches / GMail you use to your IP address and then follow that via Google Analytics.

I'm happily using DDG as a replacemet for most Google searches. But I guess I need to stop using GMail.

I've been a happy customer of https://www.fastmail.com/ for some years now (and used Gmail before). I highly recommend them for anyone considering leaving Gmail. You pay them with money instead of data.

ProtonMail or Tutanota are great replacements.

Why wouldn't they? Judging from the RLZ related files I had to clean off of my Mac, Google is bundling RLZ (Google's tracking library) with Chrome on all OSes. I'd be shocked if they're deploying but not using something like that.

And prior to that you could run multiple Firefox instances with different profiles. Not super hard.

> you could run multiple Firefox instances with different profiles

But not at the same time, which is a showstopper to me (still using Firefox Nightly as main browser).

You can absolutely run multiple different instances at the same time.

I've been using Firefox this way for over a year, 2 instances open right now.

It is possible, but it's messy in terms of which one is the default (clicking on links outside of the browser), taskbar/launcher buttons (OS- and DE-dependent, some configurations have issues e.g. with pinning) etc. I think there was something else - minor and just slightly inconvenient - but I forgot.

Compared to ProfileManager, Container Tabs are absolutely awesome. Completely different experience, smooth and nice.

ProfileManager is a bit awkward indeed. You can pass `-p primaryprofile` and `-p secondaryprofile -no-remote` to make sure that links from OS are not opened in the 2nd instance, but then, when you close Firefox and click an external link, it will open Firefox with the last opened profile, which might be `secondaryprofile`.

The solution for me was to use one Firefox installation per profile: primary = stable, secondary = nightly.

Container tabs are way nicer than this, but since I open lots of tabs, I still like the distinction between stable and nightly (stable = regular browsing, nightly = FB).

Thanks to you I found something really useful. With this I can finally have the convenient replacement for the good old private window which gets overused for logging in to multiple accounts simultaneously.

Do they sync?

What do you mean by that?

If your use case is not covered, you surely can write a WebExtension to provide the functionality. Containers as well as sync are exposed in the API.

I just wanted to know if the containers will be automatically synced across devices.

It's not clear to me what exactly you expect to Sync.

Container settings (names, colors, icons, assignments) should be synced (if not, please file a bug). Open tabs will be synced, not sure how they will open on another machine (considering URL-to-Container assignments should be synced, they should open in the respective containers – maybe there's a possible improvement here).

I expect the different Cookie stores to be synced as well, if not, that's a bug.

I can't even get them to persist after restarting FF. :/

Please describe the behaviour you're seeing vs. expecting. Is the session not restoring the URLs in the right container? That sounds like a bug to me. The container names (if you change from default) should be stored in the settings – if not, something is wrong on your machine. If you want to always open some specific URLs on start, pin those tabs.

I updated the container names, colors, and icons. Opened a few tabs here and there. Installed a user agent switching plugin. Restarted to enable said plugin. While the session was restored, including the containers, the non-default container names/meta info were not. Tabs in non-default containers showed up with no labels, and there was no apparent way to open up a new tab in one of the custom containers.

Also, changing a container's color does not change the color shown on existing tabs.

Please check and file these bugs here: https://github.com/mozilla/multi-account-containers – I assume you are using this extension?

But now that Google has fundamentally broken users' trust by locking people out of their own Google Docs through automated machine learning algorithm, can't you see why people are wanting to protect themselves from a corporate culture that allows those kinds of zealous and intrusive policies?

It was locking out journalists drafting stories!

How can you trust Google anymore? There's something rotten festering in Mountain View.

People seem to have the laughable idea that somehow only government censorship is bad, or that corporations aren't capable of censorship in the first place because they're private entities. I mean, yes, the world will look like that if you reduce everything to contractual relationships like libertarians seem to do, but personally I hope we could hold corporations accountable for actions like these. Like it or not, we've become extremely reliant on cloud services; Google closing someone's account without the possibility of appeal may not be politically motivated censorship, but it's still arbitrary censorship (even if you did click on the "agree" button on the EULA nobody ever reads).

Why shouldn't we hold corporations to the same standards as governments? If we don't want the government arbitrarily censoring people, why are we OK with corporations doing it?

> If we don't want the government arbitrarily censoring people, why are we OK with corporations doing it?

Because the "opt-out" process is orders of magnitude easier. You don't have to use Google. Microsoft has online document creation applications, as does Apple, assuming iWork still exists. Or you can just write documents offline using any of several thousand tools.

Corporate censorship is entirely under your control. You can always stop the censorship by simply not saying it using that corporation's tools. Corporations can control how you say something, but not what you say. Governments can control the act of saying it. One is far worse than the other.

I'm sorry but in most areas of online life the system monopolies of Google, Amazon, Facebook, Apple, and Microsoft are crushing our freedom and choice in tons of ways. You DO have to use Google Docs(for your PTA, your kids soccer team, your communication with your accountant or your church), because everyone else does. Most people won't be running their own mail server or Diaspora. There are many many examples of this by now, and this technolibertarian babble among many of my colleagues in Tech is getting pretty old.

I'm no libertarian; I'm just pointing out the difference between legal force and social pressure. You do not have to use Google Docs. You may really really need to, but there's no literal threat of imprisonment hanging over your head if you don't.

Again, by all means, protest Google/Amazon/Facebook. I'd love to see the state of affairs change too. Just don't pretend like missing your church bulletin is equivalent to actual imprisonment.

There used to be phonebooks on the Internet where you could put in your personal information and if everyone else did so too then you had this giant database of contact info where you could look people up. These of course had to make money somehow, but when you're sitting on a giant pile of personal information that's quite valuable in itself. It's a pity most uses of personal information for financial gain is morally dubious, but as long as you stay cash flow positive you don't have to turn evil.

Everybody understood implicitly that you only put in your own information. Giving away other people's personal information to a some company for which it is clearly valuable is not considered nice. It's simply not yours to give away. For the few who didn't understand this most companies had this in their terms of service anyway, as there could be legal risks involved.

All those companies are gone now. They are out-competed by a select few very large companies who did everything possible to make it very easy for people to input everyone else's contact information in their database, including making that behaviour default in the software that ships with your phone. In the beginning you could ask people nicely not to input all your personal info in third party phone book services. That's not really possible anymore.

The days when you could practically opt out of these companies are long gone.

Until all the big corps start censoring the same kinds of contents and behaviour by an unspoken consensus. At that point it becomes effectively as easy to live without all the major online services as it would be to live as an outlaw.

Easier or more difficult to get by without shouldn't distract us from the core point GP made, that corporate (arbitrary) censorship, with no redress, should be taken as seriously as govt censorship. These days they are just two arms on the same chimera.

Consider this: imagine the guy sat next to you at work starts yelling at you with a loudhailer all day. Every day. And he never ever shuts up. (Alternatively, imagine that he just whispers "fuck santosh" all day.) Would you expect him to be free to continue doing it? Would you expect the government to stop him? Or would you expect your employer to stop him?

The answer is: groups of people (and corporations are groups of people) are free to limit speech according to whatever rules the group decides upon. What you're proposing is that certain large corporations be treated as quasi-governmental entities. Which is a _free-speech restriction_.

Not saying it's a bad idea, necessarily. But I'd rather my freedom to say that certain types of speech are unacceptable was guaranteed.

In which case there needs to be easy to employ mechanisms to redress grievances, which tech corps currently don't have. For example, account lockouts and DMCA takedowns (when done by error or if the user thinks is unfair) are pretty much permanent. Your best option is to accept the data loss, move on and create another account.

My point is censorship is a huge responsibility and power, especially when it is done at the scale govts and multi-national corps do, and therefore it needs serious transparency and checks and balances, in both cases.

I don't see this happening to satisfaction. Instances of regrettable censorship stay regrettable, and keep recurring.

I'm with you for almost all of that journey. Companies should be held accountable for their actions. There are consumer protection laws, and I think it's reasonable for those laws to include protection against things like automated takedowns with no appeal process.

I just can't quite go as far as to say that Google or Facebook should be treated as governmental entities. The bill of rights restricts what government can do. It has never been interpreted as restricting what an individual person can do, even if that person heads a giant corporation.

Solve these problems another way, not by literally nationalizing social media.

Telling companies that they can't terminate user accounts without a redress or data recovery mechanism (which is what my original point was) isn't a restriction on free speech any more than us telling corporations they can't sell you poisonous food is. This sort of American "reductio ad free speachum" is really peculiar, especially when it's stretched to fit corporate actions like this that aren't even remotely related to anything anybody would classify as speech

This argument doesn't apply if you are suddenly locked out of your account. Then your option to switch still incurs the tremendous costs of the loss of possibly years of work. The original provider must still be accountable.

> Why shouldn't we hold corporations to the same standards as governments?

Because one of these organizations can throw you into a cage to be raped and tortured for the rest of your life, and the other can deny you access to some fairly useful web apps.

Denying someone's access to his own email inbox can have dramatic consequences on his life. Not as dramatic as being detained and tortured obviously, but still pretty serious.

There is already a case where private companies can't shut down their service to you as they wish, it's utilities (water, electricity, gas). I hope we can recognize at some point that Internet access should count as a utility too, and some core services like email service too.

So if that risk is so scary, build an e-mail service that protects someone's access to their inbox by contractual or technical means, and try to convince them to switch.

Any power that you take away from (comparatively weak, subject to competition) Google by giving it to (already terrifyingly powerful and monopolistic) USG is not a move in the right direction.

I think you're getting downvoted mostly because of calling Google "comparatively weak", but I think your point and your comparison is correct. Google is weak in comparison to the U.S. Government and, importantly, is subject to competition.

There are other email services which offer what people want. Want people are proposing is imposing their will on Google and the people that run it, even though there is competition out there that people could use instead and get what they want. Gmail and Google Apps are far from the only options people have, and far from the only free options people have. But if it is so important that people have an email address, then the USG could actually offer that (I've long thought the USPS should offer verified email addresses with strict spam protection by aggressively pursuing violators). Otherwise, let people pay what they want for the level of assurance they want.

The other side of this argument is that there are some things we do want to enforce companies do, such as offer a base level of health care in a package. I support this as well, because that solves an endemic problem where people have restricted choice and it also hurts society as a whole. That is, I think Hobby Lobby should have to provide birth control in their health plans because of the reasons outlined above, but I don't think any non governmental service provider that isn't a monopoly (and Google isn't a monopoly in cloud apps, even if there is an argument that can be made about them being one in search) should have to adhere to dictates about what what content they must allow on their service. That's a pretty slippery slope in my view.

> Why shouldn't we hold corporations to the same standards as governments?

Because you have choice of what to use. You don't always (or even often) have choice of what country to live in, and there's not a lot of unclaimed land that's hospitable. Some people may want a service they know the operators of will be proactive about keeping certain content off. Others will want a service that makes it their goal to not do that and protect everything on it. Choice is key here, and the government stipulating what needs to be done is actually restrictive, not freeing (you're just imposing your own views on others systematically). When there isn't a choice of what service/product to use, that's when other laws may come into effect. Anti-trust laws.

But weren't they locking those users because their algorithm thought it saw malware? It's not like Google said "You're writing a story about bombs or some other inappropriate subject so we're locking you out".

This sounds like one of those "damned if you do, damned if you don't" no-win solutions for Google. Users (and Google) don't want Google to allow people to use Google Docs to distribute malware and harvest passwords, they don't want someone at Google to look at their documents to see if they are "safe" (which Google couldn't realistically do even if they wanted to), so then people got upset when the automated software Google uses to look for these problems did a bad job for some people.

While it'd be nice if every system and process worked well 100% of the time and had no bugs, that's just not a realistic expectation.

Sign up for Google Gold and you can make as many abusive documents as you want, without any risk of automated censorship!


Now this is ridiculous. Thanks for sharing this article.

Firefox containers[1] are new, but you could always do this with Firefox profiles. If you're on Linux or Mac, open a terminal and type:

    firefox -ProfileManager -no-remote &
(I alias it to `ff`.)

Create different profiles[2] for each separate browser you need, and then make shortcuts to launch them.[3] Each Firefox profile will work like a completely separate browser.

[1] https://addons.mozilla.org/en-US/firefox/addon/multi-account...

[2] https://support.mozilla.org/en-US/kb/profile-manager-create-...

[3] https://developer.mozilla.org/en-US/docs/Mozilla/Command_Lin...

Or just "-P" if you want to be concise :)

That's got nothing to do with 'signing into an account in Chrome'.

Chrome supports multiple profiles, which may optionally be associated with a Google account. Firefox has the same thing, minus the Google account.

Firefox has supported multiple profiles for ages. Just run it with -P. It allows you to have separate history, extensions, bookmarks, everything.

The new panel containers are also handy. They allow you to have shared history and bookmarks but separate cookies and sessions. You can be logged into the same site on different accounts in two tabs in the same window.

There's no easy way of switching between them, starting a new firefox instance requires running from a command interpreter with -P specified, even the selection window isn't great. The containers feature is the alternative you want to propose here.

I went deeply into trying to use containers as a profile replacement, replacing Chrome with the new Firefox beta for one month, and I can report that it is not the right direction to go in:

- New tabs do not inherit current container

- No way to make Ctrl-T do this by customization (I investigated extensions (can't remap Ctrl-T) and even system-wide Ctrl-T remapping with Karibiner; neither gives you what you want)

- History is shared across containers. So e.g. work URLs mixed up with personal. That's contra to one of the main purposes of Profiles.

- External applications do not open a tab in the current container. So e.g. clicking in a link in work slack will fail because it will not open in a tab which has work cookies / google account etc.

Evidently Containers are not designed as a Profile replacement. I'm not sure what they are for but I don't think it's a need that I have.

As I understand it using the long-standing Firefox profiles feature is the way to go, but personally I switched back to Chrome after a month of the new Firefox Beta because of the convenience of Chrome profiles. I should try Firefox profiles, but I exhausted my experimentation energy on Containers.

> - New tabs do not inherit current container

Middle-clicking or Ctrl+clicking the New Tab button does inherit the current container. It also opens the new tab to the right of the current tab instead of at the far right of the tab strip. These actions are one in the same, so any extension that opens a tab to the right of the current tab (like Always Right or All Tabs Helper) also make the tab inherit the current container.

It's strange that such a useful feature is barely advertised at all in the UI, but it's there.

But your other criticisms of using containers as profiles are spot-on.

You can make OS links (e.g. different shortcuts on the desktop to different profiles) to start with different -p [profilename] then starting different profile is just a click away. I do it all the time using such configurations.


Also don't forget to add -no-remote option to each of the links to enable starting such browsers in parallel. Sadly it's not mentioned behind the URL above.

This works fine, but the problem is that it is not near as layman friendly as Chrome's "Switch User" feature that is available a click away on every Chrome window. Only tech aware people will fiddle with command-line switches and create shortcuts, yet even an average user would like to use multiple simultaneous profiles/users.

Firefox needs to improve on Chrome here. The erstwhile "Profile Switcher" addon provided a nice UI but is sadly gone after the WebExtensions transition and I cannot find an equivalent so far.

Well, you could add about:profiles to your bookmarks. But I agree that the UX around profiles in FF is a bit clunky.

But containers don't have separate extensions, bookmarks and history so they can't completely replace profiles.

exactly. i cant believe nobody here seems to know about profiles or about:profiles. its the perfect solution. my setup is tree-style tabs (recently made to work with 57) and a different profile for each task (one profile for each language im learning, one for music, and one for each research topic i might be pursuing). whats your setup like?

But does about:profiles work bug-free for you? From my experience it has had a long standing bug: when you select a different profile to the one you're currently using and click the "Open profile in new window" button, it actually loads the current profile again in another window. I read on a forum somewhere (forget the link) that this was an acknowledged problem and would be fixed sometime in future.

So at least until then, about:profiles is no replacement for using the -P command-line switch to start the profile manager.

Using multiple profiles seamlessly is one area Firefox can and should seriously improve, or Chrome's "User" feature will always have the edge.

i havent had this problem, no. have you tried it in 57?

Just playing with profiles and I can't see in way to make the different windows stand out, which are in different profiles.

Anyone know how to make the windows visually distinct?

Yes, use a different theme for each profile?

Yes, as other people have said containers does this magically. I even have Facebook, Instagram and WhatsApp sign-ins in their own container. Everything is separate and I honestly feel safer on the net because of it.

I've been using Pinboard for bookmarks since before browsers started offering sync. I can create and search those bookmarks in any browser, and since I use multiple browsers on multile machines, that's handy. My webmail is also accessible from any browser.

Syncing extensions and browsing history is not something I feel I need.

Pinboard seems to be minimally maintained. I've tried contacting the developer (it is just one guy) and have had no response. A bit concerning, if you ask me.

I have seen him being very responsive to paying customers and his charges are reasonable. However, it seems he did get deluged with delicious users whining at him after he saved that service, and you wouldn't reasonably expect a one-man business to be able to handle that.

You could always try tweeting him. He's also on HN.

Eh, I moved on. I paid for a year, but decided I didn't want to invest too much in a service that seemed more likely to vanish than others.

You can always try Pocket. It's both mobile and desktop browser base, and supports search and tagging. Oh, and it's and it's built into Firefox now.

DISCLOSURE: I work for Mozilla, and Pocket in particular.

Thanks...since Firefox Quantum blew me away the other day, I have been playing with Pocket. It's actually pretty cool.

Firefox 58 has "persona" tabs. Coloured tabs that keep their own sessions. You can just configure multiple personas and work on them all simultaneously from the same window (or you can use different windows, if you prefer).

It's good even for creating fake accounts, test accounts, testing apps from the perspective of different user sessions etc.

They're available in earlier versions, but I think you have to turn in on in about:config.

> You can just configure multiple personas and work on them all simultaneously from the same window

Really? I can configure two personas to go through two different proxies? I can disable javascript in one and leave it enabled in the other?

Those are features I need in Containers, but as far as I've been able to read, they aren't present and there are no plans to allow for them.

Can I check I understand: Firefox has

- Profiles

- Containers

- Persona tabs


Just two things: Profiles and Multi-Account Containers. The original poster was referring to Containers when saying "persona tabs."

I use separate Firefox profiles. Try 'firefox --ProfileManager' to create one.

-P for the lazy.

> I have work and a couple of personal accounts that I have signed in in different browser windows.

Don't do that. On one hand you mix work and personal related issues (not recommended) on the other hand it makes it easier to track you (as your accounts can be correlated). As a dev I have my own (personal, work, ...) users/accounts even at home (if I do remote) to separate the stuff - maybe that's paranoid, but for me it was great to improve work-life balance.

Yes, it's paranoid, but I respect your decision to do it. However the imperative mood used in your first sentence is totally inappropriate. That's exactly what Profiles are for; the vast majority of people are going to want to process personal issues and work issues without signing in as a different user.

I am also worried about this, but how do you deal with it on mobile?

Container tabs in Firefox lets you do this within a single window.

about:profiles gives you the same functionality as Chrome's profiles; it's just a bit harder to discover.

For most Google SPAs I use an appify tool, that contains the site in a single app webview with no shared cookie store. Then in my main FF browser I have cookie crushing on, so that when I navigate away from a domain, all cookies that were created are destroyed.

Ok, I spend my life filling in captchas, but to me that’s a signal that it is working and Google aren’t overly sure who I am.

QubesOS. Makes fucking up accounts even harder to do.


For those who don't know, if you sign in to your Google account in Chrome, Google will automatically save all the searches you've done in the omnibox.

I don't remember Google ever warning me specifically that this was happening in the background, and after I checked https://myactivity.google.com/myactivity and noticed it was doing that, I was so furious that I deleted all the data Google kept on me there, and paused all tracking in the Activity Controls page. I also stopped signing in to the Google account in Chrome.

This is why I'm a big supporter of EU's "explicit consent" idea. I should be knowing stuff like that without having to read a 5-page privacy policy that's often hidden somewhere on the Help page.

Speaking of Firefox, version 57 also makes it easier to enable Tracking Protection in settings now (before you had to switch to the private windows to benefit from it, although you could make it so that FF always opened private windows by default).


You can download FF57 from their FTP servers (they published it today), if you can't wait for the auto-update tomorrow:


It's pretty easy to accidentally enable uploading all your cleartext passwords to Google's cloud service too (the dialog to do so is a dark pattern). I similarly was furious when I discovered that. Firefox is now my go-to, and what I recommend to friends and family.

Do note that if you enable Firefox's sync functionality, all of your passwords will be encrypted with a function of your Mozilla Account password, and that Mozilla can target your browser instance with JavaScript to steal your account password at will (their protocol specifies that they never see your plaintext password, but they serve JavaScript to hash the password — which means they could serve JavaScript to send the password anywhere they like).

Firefox is more secure than Chrome, but it's not very secure. The sad thing is that it used to be more secure and Mozilla deliberately weakened their security.

I agree that is a valid issue, but it's still quite a different scale than using Google.

If I understand correctly, you're saying that we should be careful about saving passwords in Firefox if we could be the target of a National Security Letter from the US. The attack would be detectable, so it cannot be used very often (and they would need a really good excuse for doing so).

By contrast, Google takes all our data and can do whatever they want with it, without a warrant/NSL?

Oh, I certainly don't recommend Google over Firefox. But I do not recommend using Firefox's Sync functionality, which is indeed insecure by design.

I have no idea why so many downvotes. Can anyone disagree that a system in which Mozilla is able to decrypt user data is insecure?

One note: the attack is not necessarily detectable, unless you are in the practice of verifying the JavaScript you receive for each page. If there were some public registry of hashed versions of Mozilla-served JavaScript, it would be detectable.

Also, you need not worry only about the U.S. government, but also about any government which can compel Mozilla to act, and any government which can compel an employee of Mozilla to act, and finally any employees at Mozilla with access. And also you need to worry about bugs in Mozilla's JavaScript: since they did not design a system in which they can't know your password (which is the key to all your secrets), an implementation error might send them your password (and thus allow them to decrypt all your secrets).

We can run our own Firefox Account servers. A privacy-focused hosting co-op could run that as part of their services, or someone could run their own at home (but that's not useful to the general public).

People get annoyed of being told x-y-z is not secure, while not being offered any practical solution, especially if the risk/probability of attack is low.

(I'm assuming Firefox has a good reason for working the way it does, but I guess the first step would be to have more documentation about that.)

> We can run our own Firefox Account servers.

Which can themselves be compromised. The old Firefox Sync protocol was immune to remote compromise, completely and totally.

> People get annoyed of being told x-y-z is not secure, while not being offered any practical solution

I agree: the problem is that there was a practical solution: just keep the old Sync protocol.

> I'm assuming Firefox has a good reason for working the way it does

The short version is that people wanted to be able to only have one device and still get at their data, and Mozilla didn't want to confuse them by separating their account passwords and their sync passwords. Never mind that combining them has results in a wholesale loss of security.

thanks for the direct ftp link, and congrats to the firefox team! i've been using 57 (and 58) via the developer edition and really like the improvements.

but i think i'll stick with 56 as my default browser for a little longer since quantum breaks some great legacy add-ons:

  * NoScript -- control script execution
  * RequestPolicy (and its variants) -- control content requests
  * Blend In -- use the most common user agent string
ublock origin can somewhat replace the first two (although i think its UI could use some improvement) but the latter one and a few more that i use don't have direct equivalents (yet).

NoScript should be released either today/tomorrow or soon. The dev was planning to have it ready for 57, but I don't know how far exactly he got.

It won't be quite full-featured yet, though. He's planning that for Firefox 59, which will be the next Extended Support Release and what Tor Browser will be based on (which needs NoScript).

There's a handful of compatible user-agent switchers already...

I switched from RequestPolicy to uMatrix earlier this year and have found it to be an acceptable substitute. I think my motivation was RequestPolicy being incompatible with multiprocess.

Blend In can be replaced by setting privacy.resistFingerprinting to true in about:config.

It'll set the user agent to the same as the Tor browser, Firefox 52.

That data is never truly deleted, not for a while at least.

I suppose it has benefit now with Android, and multiple devices, but Google, and Youtube both started saving searches long before the release of Chrome.

Quite terrible.

Isn't it the same thing no matter the browser?

If you are logged in you Google account, every Google search will end up in your Google history. It doesn't matter if you search from Chrome's omnibox, google.com or Firefox's search bar.

Does Chrome also uploads search made with other search engines? That would be a bit more worrisome. Though considering that Firefox saves your history in your "Firefox Sync" account, I wouldn't be surprised if Google did the same.

Firefox Sync is intentionally designed so that we can't read or recover your data; it's all encrypted client-side.

Chrome is specifically designed to do the opposite: Google explicitly states that when you sign into Chrome, "your experience in other Google products is personalized by including your Chrome history with your Web & App Activity." (https://support.google.com/chrome/answer/185277)

A good point. Firefox sync has zero-knowledge encryption, Chrome sync doesn't. It is just that if Firefox sync stores your history, Chrome sync probably does it too.

And interestingly, you could have a page showing your search history with Firefox sync just like with Google. Just because a page shows you private data doesn't mean someone else has access to it, and the more common opposite is also true.

Not exactly zero-knowledge, just end-to-end. They have the encryption key (called kB), but it's encrypted with a key derived from your password.

(Note, that while the password and key derived from it never normally leave the brwser, the login page is served from the network. So, you trust Mozilla's servers to not get hacked and serve you insecure login page.)

The system also has a notion of "class A" storage, where Mozilla knows the key (called kA), but AFAIK nothing ever used that. Maybe its already gone.

Oh, the device names (and types - like desktop vs android) are not encrypted. Probably because of attempts to add push updates (normally, sync is just polling for updates). And the profile data too (not a part of Sync at all - its Accounts).

Google has optional client-side (also, E2E) encryption, for some types of the data (e.g. passwords and autofill data). One has to opt in explicitly. When opted in, data is encrypted with a key that's is derived form a passphrase you provide (and sync implementations would error and ask you for the passphrase). I'm not sure, but IIRC protocol has provisions that allow to not encrypt some data at client's (= Chrome's) discretion, as the encrypted flag is set per-object. I'm not aware if this is used or not - was a very long while since I've looked at their sync server implementation.

That said, for E2E encryption both system have feature parity, but Mozilla's one has it by design and Google's one only as an opt-in.

You can tell Google not to keep your search history.


I hate that it saves it enough that I often perform 'dumb' googles in an incognito window just so it'll never suggest "how do I parallel park" again. But how is this unexpected behavior? It also saves every URL you visit - in your browser history. And those URLs encode the search terms. If you want it to not save what you do, then you use incognito mode.

How is it not unexpected that a piece of software uploads and saves everything you search for on a remote corporate server? When did this become so commonplace that users don't even blink an eye to it? And more importantly, why would anyone find this acceptable?

That's what the feature says it does! When you create a new Chrome profile and it asks you to sign it, it says "Sign in to Chrome with your Google Account to get your bookmarks, history, passwords, and other settings on all your devices." That's a valuable feature to many people including myself.

Yeah it's a widely advertised feature and you can obviously pull up tabs from one Chrome on one computer onto Chrome from another computer. There's no other way for this to work and it's actually useful. There's nothing underhanded going on here, except perhaps if (when) they sell the data to other parties.

I just grabbed FF57 from the ftp link :), couldn't wait!

It's a Google box... did you not assume that this went to Google?

Google is just the default, you can set it to whatever search engine you like.

I am so vexed by your complaint that I had to create an account just to ask what you thought signing in to Chrome does. What did you think it was going to do? The fact that it syncs your history to your account is front and center in the description, not buried in some legal document:


"When you sign in to Chrome, your info is saved to your Google Account so you can get it whenever you need it."

It is literally the first sentence. I also support some of the various EU privacy initiatives but I don't support them because I think users should be militantly ignorant about what they're doing.

>My main issue with Chrome was the endless nags to sign in to a Google account, and just generally wanting less dependence on Google

One thing they have been doing very well is allowing history to sync between multiple devices on different OSes.

Right now I use Chrome everywhere because :

- It feels pretty fast (I still have to try the new FF)

- Any replacement needs to come with an extension covering this feature and working across all my OSes.

Firefox has had syncing built in for a while: https://www.mozilla.org/en-US/firefox/features/sync/

Haven't tried it on iOS yet, but it worked great on my Android.

and this is where Chrome has a good hook on me.

In order to switch, both FF desktop and mobile need to be better than Chrome.

Does FF support a version of Chrome tabs too ?

Damn, they have built themselves a good moat just with features I will miss.

I prefer FF over Chrome on mobile. FF mobile allows extensions such as uBlock Origin and Google Link Fixer which I find essential. FF supports sending tabs to other devices, if that's what you mean by Chrome tabs.

Firefox on Android has awful scrolling physics. I will never be able to use it while the scrolling is different to every other app on my phone.

Last I checked they were using the native Android scrolling physics. I could be mistaken though.

If so then I don't know why it has felt so different to every other app on all 3 of my Nexus devices (currently the 6P).

I guess it depends on the phone. Scrolling is smooth on my HTC One.

It's definitely smooth. Too smooth, in fact. It feels like my finger is slipping on the screen. No other app does this.

Glad I'm not the only one - I love everything else about the app but, as you said, it scrolls differently to every other app on my phone. So frustrating. Sticking with Chrome for now.

FF is insanely slow on mobile. Scrolling in janky and rendering seems to be about 50% slower than Chromium

Maybe it's your phone?

Nexus 6 and yet doesn't make sense that all my non Firefox browsers are perfect

I don't know about iOS but the Firefox Android app is great and works with Firefox Sync, of course.

Yes it does. The feature is called Custom Tabs in FF but it's there.

Will it sync with another browser though.

That's asking a lot (chrome does not do that AFAIK) but that's the only way to allow me to use multiple browsers on different devices fluidly (and also to continue using chrome where it has an edge, like on mobile with chrome tabs)

The Firefox equivalent of Chrome Custom Tabs on Android is Firefox Focus, IMO. I use Focus for opening links from other apps, but full Firefox (beta) for actual browsing.

I've been using FF sync for at least 3 years now, probably more. And FF 57 is definitely on par with Chrome in browsing speed. Still not quite there with WebGL, though. The debugger is much better now, too, and surprisingly more responsive than Chrome's.

With regard to WebGL, it depends. This demo, for example, runs at 30fps in Firefox for Android and 4fps in Chrome on my Nextbit Robin: https://www.shadertoy.com/view/Ms2SD1

Shadertoy is just drawing a plane with a shader. Many less graphics calls than a regular WebGL app (which is where Chromium still shines). Even then, Chromium renders that link full screen a bit smoother than FF in Linux desktop.

JS debugging in particular or do you mean the developer tools in general?

(I'm the Chrome DevTools tech writer / advocate)

Yes, mostly JS debugging.

Funny how you are replying to a comment about privacy and less reliance on google and you are saying chrome is good becuase you can send all your browser history to google.

I've been on Firefox since I can remember it being out, but the latest versions, 56+, have me using it only intermittently due to battery drain issues on Mac[0] :(. I am really hoping they get this fixed shortly.


Honestly, if you are on macOS, just use Safari. Most extension you want/need are there (or the are suitable replacements. cVim and sVim are pretty close if you don't dive to deep, for example). Adblocking is actually faster than on any other browser because the blockers use the same Content Blocking API as on iOS Safari. And then the battery life... you easily get 2-4h more just by using Safari.

Which brings me to my other point (which I always keep hammering on in browser threads): why don't 3rd-party browser focus more on battery? If you're on Windows, Edge is king in battery use. On macOS, its Safari. On Linux, none (but then Linux doesn't have good power management in general). We live in a mobile-first world these days, why not focus browser development there?

Edit: I'm not dissing the Firefox or Chrome team their efforts, but almost all the news articles or blogs I see speak about Chrome or Firefox getting faster. And they do, by significant jumps. But when there are battery improvements, they are usually pretty middling (say 10-20m more battery life). So all I'm saying: why not flip the focus?

It looks like people are downvoting this. Perhaps it's because of the tone of the first sentence; if we rephrase it to "If you're on macOS, why not just use Safari?" I think it's a reasonable question.

There are reasonable answers -- Safari's extensions aren't quite as capable as the other two, so it's possible you're relying on an extension that Safari doesn't have and can never duplicate, and of course if you need to sync bookmarks and other browser data across OS platforms, Safari falls down in the way all iCloud-backed apps do. But Safari does focus a lot on battery conservation, and if you're on a laptop that can make a big difference. And, while I'm sure there are benchmarks out there to quibble over, in practice Safari seems to be just as fast and just as compliant as Chrome and Firefox are.

I've been using Safari as my main web browser for years without feeling like I'm missing out on either performance or killer features. I keep copies of Firefox and Chrome around and keep them up to date, mostly for web site testing purposes; neither of them have added features compelling enough to make me want to switch back. I doubt Firefox 57 is likely to change that equation, although I'm happy to hear that they've got their groove back, as it were.

Firefox is my default browser anywhere but macOS, owning an iPhone and iPad I end up using the continuity features in Safari quite heavily when I've been browsing something on my phone or tablet and want to pick it up on my iMac.

I love Firefox, and owning an iMac I'm not terribly concerned about the power efficiency difference between the two - but damn if it isn't convenient to have the ability to just pick up where I left off.

I've long held your viewpoint. I push friends and family to use their platform's native browser. Most often than not, it saves on battery and reduces energy usage. I use Safari on iOS and on my desktop I've always used 2 browsers. 1 for browsing and a 2nd for long-running media. Thus on my desktop I use Firefox and for media, Edge.

I don't have a laptop, but will when the Qualcomm Snapdragon Windows10 machines land, and will probably use Edge exclusively there.

It's important to watch where incentives run. Google has the incentive to profit from you. Microsoft and Apple have the incentive to make sure your browser and device work as efficiently and well together as possible. Mozilla focuses on privacy as their main feature.

Exactly, Firefox is slower for both me and my girlfriend, I am a kind of "typical non-typical" and she "typical typical" user, and it got annoyingly slower for both. And now I've just lost all the extensions too, including NoScript and the dictionary(?!?)! See my other post here for details.

I think most people don't know this, but you need to download the nightly, NOT the regular version of Firefox (56 as of now) to see the speed increase.

The regular Firefox is much slower than Chrome still. The nightly is now noticeably faster than Chrome.

This all mozilla's bragging about speed is premature. They should've published this article after firefox 57 reaches stable.

Yup this article confused me as well.

The current stable release 56 just can't compare to chrome.

Apparently they have decided 57 is stable already but plan to make it official tomorrow.

From my unscientific testing, 57 is only as fast as chrome, while the nightly (59) seems to be faster than chrome. They should have waited until 59 was stable.

I would be using the nightly as my main browser if I didn't have experience with crashes and bugs with nightly versions before.

57 stable starts rolling out today (14/11).

I've been using firefox since forever too. (Actually, since Mozilla 1.0 (aka Nutscrape) in 1993 or thereabouts.) I'm at that point where I'm about to dump it again, as I have periodically in the past.

They keep making it more and more like Chrome. If I wanted to use Chrome, I would. It's gotten to bloat maximum.

It's slow as hell. It's less flexible and less easy to personalize. They have broken some of my favorite add-ons.

This piece is pure propaganda.

I was feeling the same, but FF57 really is much better.

It does break some extensions, but many have converted. Which are you having trouble with? The main one I'm missing is "Disable Ctrl+Q".

My notes: https://www.bidon.ca/fr/random/2017-10-05-webextensions-supp...

The main one I've been missing is Pentadactyl (for quite a while). Vimium-FF is ok I guess.

My main objection is still the sheer size and the amount of memory it takes, and the continual feature creep to make it more and more like Chrome. I know I'm in the minority, and also that it's heresy to say anything bad about Mozilla here. Oh well.

I only wish I had lots of money and/or time so I could help revive the development of xombrero, but at least it's still available.

Have you looked at Qutebrowser if you want a standalone browser?

Other options for Vim-like web extensions are Saka key, Vim-Vixen and Tridactyl.

Counterpoint: as a longtime Firefox user, I have to restart it every couple day. It still hemmorhages memory and just gets unusable after a while.

Even if it's the extension fault, why they aren't sandboxed properly, or even why there eisn't basic reporting about the offenders boggles my mind. Maybe it's because of the API... I find it hard to believe it isn't possible to retrofit some of that on the current design to be honest.

And now, because they couldn't handle it, we're getting extensions with crippled power, that are very (very) far away from feature parity with the old ones.

I wasn't happy before, and I'm not happy now, albeit for different reason.

The fact that I'm using Firefox of course means I'm not thinking too much of other browsers. The fact an extension in chrome can't add a frigging sidebar is a personal pet peeve of mine.

I remember when Firefox was the lightweight alternative to Internet Explorer 6...

This sounds genuinely odd, could you be using a add-on that is causing a problem ?

I leave Firefox open for months on end without problem and with several hundred of tabs open, multiple windows too. I do use a tab unloader, that unloads an inactive tab after a while. Its precisely because of this that other browsers are not suitable for me

I loaded up Firefox 56, went to Engadget website, on a Friday, at work. Then was called away from my desk. Came back Monday morning and Firefox ballooned to 3.5gb of memory...

Never had such an issue with Chrome, but man FF57 is my new default. SO FAST. I don't care if I need to restart it this thing is awesome.

Could you link the tab unloader addon you are using, and is it compatible with new firefox?

I have exactly the same problem as the one you replied to.

It seems like some resources never get cleaned up, so if I in the span of a day open 100 tabs and close them then I will not end up with much higher memory usage than initially.

I have investigated this with about:memory and while not seeing something conclusive I did sometimes see domains taking up memory which were not loaded in any tab (ghost windows) or high amounts of memory used for "media".

I will try disabling the handful of addons I use beside uBlock Origin which is too essential to disable.

The about:memory display is pretty easy to read and can force memory collections across the app. Should be fairly easy to track down the cause. I run the developer edition and tend to restart weekly or so to pick up new updates but I don't notice excessive RAM consumption.

Are you using Firefox nightlies? As I read the article, the Quantum improvements they're talking about are nightly-only today; they get released tomorrow. So I think when you say "now" you're still talking about pre-Quantum.

That said, I don't know if Quantum fixes the specific memory leaks you have, adds (back?) the extension hooks you miss, or adds the reporting you're looking for.

Not "nightly-only" but also "beta" channel since weeks/months. The today beta version is in fact the tomorrow stable one (57.0).

Firefox 56 is actually pretty good. It's now fast again. I am using a fresh new profile.

Please let me increase "content process count" higher than 7. Chrome opens hundreds of child-processes (no problem at all on my PC).

And I am still keeping an older Firefox 48 around, as it's the last version that runs Firebug and other good but now unsupported addons. Firebug had this "DOM" panel which showed the non-default DOM attributes in a different color and showed them as first few entries, and the rest below. The DevTools in new Firefox has a less useful DOM panel (it shows all attributes not grouped or colored differently, makes the DOM panel useless and chaotic) - please improve the DOM panel to be feature-equalent to the old Firebug DOM panel!!

dom.ipc.processCount in about:config

Thanks a lot! I increased it to 50, it Works great. Please remove the UI restriction with the next release.

You will be pleasantaly surprised when you get updated to 57 :) Have been running the beta for 3 weeks now, very stable, fast, snappy. Amazing work.

54 is not even fast compared to 57 ("Quantum", launching tomorrow 11/14). Seriously if you think 54 is fast, 57 blows it out of the water.



you need to use the dev edition. this is fast...

I found Electrolysis still quite slow. but the new engine ("Quantum"), is ridiculous fast. The last ~5 versions were such big improvements, that I even switched from Chrome. It's so good know that there is no need to keep Chrome. Firefox isn't good enough again, Firefox is the browser again.

The most anti-user "User Agent" thing of Chrome, in my experience, is their refusal to let me open my myriad dev sites with bogus certificates claiming some bullshit HSTS problem, without giving me a "do it anyway, you stupid browser" button.

So, literally, I still use Chrome (because I'm too used to it), but I do all my dev work on Firefox, which has a dev-friendly user policy.

I believe if you type "badidea" at the error page it will let you through unconditionally.

Holy crap. I have Google'd a zillion times for a workaround and they all were insane "do about a zillion steps on Keychain access or just fix your server." THANK YOU BOTH.

I wish I knew that when adding auto-HTTPS and HSTS functionality to a product - typing out "chrome://net-internals/#hsts" almost became muscle memory.

FWIW blocking sites with bogus certs and not allowing a user bypass is exactly what the HSTS RFC requires. If you were testing the HSTS feature of your website, Chrome is doing the right thing. It's possible to clear Chrome's cache of HSTS-enabled sites btw: https://www.thesslstore.com/blog/clear-hsts-settings-chrome-...

type badidea

"Becoming true "User Agents," in other words"

I remember the early browsers as smaller programs that were oriented around retrieving content for further viewing/interaction using other applications. As I understood it, this was one of the ways that MIME was useful.

The problems with "modern" web browsing that annoy users probably have less to do with what, back then, would have been separate programs. They have more to do with the retrieval step. User have little control over 1. the content the browser requests and retrieves and 2. whether and how that content is processed (i.e. the "default settings" of the browser decide and to my knowledge few users today manually adjust MIME settings or whatever today's equivalent is). Because users today expect the browser to do everything. It is more than a user agent i.e. http client, it is an "all-in-one" program that can seemingly do anything. No auxiliary programs are needed. This comes at a cost. I would argue that cost includes many hassles that users experience, including "speed".

The point is that this blog post is talking about #2, the processing of retrieved content. But is that really what causes most of the user annoyances? Is that what ultimately affects "speed"?

Or could it be, at least in part, that some web page is controlling the web browser to have it make dozens upon dozens of DNS and HTTP requests, not only for tracking, but in some cases for "content" the user does not want.

The first task of the user agent, #1, to retrieve content, is not nearly as complex as the second, #2. It probably has not changed much since the early days of the www. (I still use original netcat from 1996 as well as other 1990's tcp clients to great effect.) Retrieval of content can be user controlled. The complexity is manageable. The "user agent" can be small, open source and easily compiled by the user. And with todays memory and networking retrieval can be very fast.

When I think of a "user agent" I think of a tcp or http client, a small program that can make TCP connections and HTTP requests, not one that is also a graphics rendering engine, a video player, a programming language interpreter or a PDF viewer, etc.

It is the disappearance of the MIME idea in favor of a highly complex, all-in-one application called a "modern web browser" that is at the source of every known problem I can think of that is associated with "modern web browsers" today, whether it is browser "speed" or privacy or security or whatever. It is the price one must pay for not having separate programs with separate privileges to accomplish separate tasks.

How would you propose "splitting" a modern web app between two programs, one to retrieve its content and another to render it, without the sort of tight integration between these two programs that would be needed to again lead to the kind of "kitchen sink" situation that we have today??

IMO the problem is not the kitchen sink nature of web browsers, the problem is the kitchen sink nature of the web itself. It needs to be split into functionally separate parts that can be interfaced with different programs and workflows, instead of being a huge, integrated 'web' that is in turn parsed by a similarly huge, integrated program, the browser.

https://github.com/Eloston/ungoogled-chromium removes many of the nagging and background features related to Google services.

Unless Chrome has features you can't survive without (and I admit its dev tools are pretty good), then I don't see the purpose of this.

If staying free of Google becomes a goal, then by using Chrome you're still helping them, even if your Chrome is un-googlified.

This is because you help Chrome become a monopoly in the marketplace, I view it as the new Internet Explorer already. Many people here probably don't remember, but IExplorer also won on technical merits, version 5 being an excellent browser compared with its competition. Market dominance that allowed Microsoft to screw the web for a decade at least. And no, in this context its open source nature does not matter much for as long as Google controls its implementation and distribution.

Firefox is right now truly the best browser, at least for my usage patterns and needs, but even if it weren't, I would still use it, because when web standards are endangered due to a monopoly, then I consider it my duty to support the underdog.

Now don't get me wrong, it is true that Google and Chrome have helped the open web. But that doesn't matter that much, because they can always turn and you can see how lately Chrome is making bold changes without waiting confirmation from W3C or the other browser vendors — like disabling forms auto-complete or deprecating certificating pining.

They are at a point where Chrome has enough market share to implement whatever the heck they want. DRM? H.264? Lost battles after they ended up in Chrome.

> Firefox is right now truly the best browser, at least for my usage patterns and needs, but even if it weren't, I would still use it, because when web standards are endangered due to a monopoly, then I consider it my duty to support the underdog.

I just love that the web community actually thinks about this, and actively works to avoid monopolization and nonstandard behavior on the different browsers.

Recently, I have moved into desktop development (using Qt and GTK+), and it is atrocious just how difficult it is to deploy a non-trivially sized native application on the three common operating systems. I really wish that the desktop development community could have unified around a similar set of standards for all the OSes when it comes to desktop applications too.

The web application platform is painful in several ways too, but I think they have nailed it with attention to standards compliance and weeding-out monopolistic behavior

As someone that has been doing desktop development since the MS-DOS/Amiga days, and is quite happy to only touch Web development when obliged to do so, I wonder what those problems are.

Without knowing what the parent really intended, I assumed they were talking about the difficulty of deploying the same application across platforms rather than with desktop development on any single platform.

Different system libraries, different window management environments and user expectations for layout and interaction, different handling of hi-dpi displays, different filesystems with different filename restrictions and different handling of filename encodings, different application packaging, different code signing and sandboxing requirements, different package distribution mechanisms. I've probably missed a few, but those cover some memorable enough annoyances for me in recent years.

I don't enjoy web development, but I do enjoy web publication and distribution.

Browser vendors influence upcoming web standards. If you use ungoogled-chromium then your vote still goes to Google.

They are a good ways behind stable: https://github.com/Eloston/ungoogled-chromium/issues/262. You might be opening yourself to security issues being this far behind.

> Browsers are becoming more and more aggressive in protecting the interests of users. Becoming true "User Agents,"

I really like the built in free VPN that Opera provides.


This only means that Opera have all your data and can aggregate it in one place.

that's true with any VPN though.

On the verge of switching back to Firefox. Then Pocket. I don't want to give my private data to any cloud service out there. Full stop. The only way the cloud gets my data is encrypted with a key I solely own.

I like new Firefox but if Firefox is removing search bar than address bar should take over all functionality from search bar and it doesn't.In search bar there is easy way to add new search engine with + sign and in address bar there isn't.

> I like new Firefox but if Firefox is removing search bar than address bar should take over all functionality from search bar and it doesn't.In search bar there is easy way to add new search engine with + sign and in address bar there isn't.

Where do you see the search bar being removed? I can't see any announcements, I don't think it's going away. Also, I don't think the combined bar is missing functionalities, at least not the one you're describing.

On Firefox Developer Edition 58, in the menu you can choose between :

Use the address bar for search and navigation


Add search bar in toolbar

This decides between combining the address bar and search bar into one, or having a separate address bar and search bar. You can also pick a keyword for each search engine.

Even if you decide to use the combined bar, I just tried adding "+ddg" keyword[1] on Duck Duck Go and type "+ddg test" and it searched for "test" on Duck Duck Go instead of my default search engine.

[1] https://support.mozilla.org/en-US/kb/add-or-remove-search-en...

I use bookmark keywords [1] to register new search engines.

[1] http://kb.mozillazine.org/Using_keyword_searches

Good luck with it all

> I also like that Firefox has a built in tracking protection (not just Do Not Track toggle but actual blocking of trackers

Here's something I find curious.

When Apple does it, it's because they want to kill the open web and drive more people to their closed Apple News platform. When Mozilla does it, it's because they're saints.

How am I able to reconcile these two?

Perhaps because Mozilla doesn't have a News platform? So it is easier to believe that they are doing it for you. I don't mean to imply that Apple have any other motives, I know nothing about them except that there appears to be a greater likelihood of a conflict of interest.

In my mind, the distinction is simple: Apple is a for-profit corporation, while Mozilla is a charity operating in the public interest. I sometimes agree with Apple's actions while simultaneously distrusting their motives, and I sometimes disagree with Mozilla's actions while simultaneously _trusting_ their motives.

> How am I able to reconcile these two?

It's like reviews on Amazon. You skim the highs and the lows and you read the rest. People who say Apple is killing the open web are at the extreme. Skim what they say just to be familiar with their argument, but be careful not to get sucked in.

Because more then one person has opinions on the Internet, so sometimes you hear inconsistent opinions.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact