This isn’t just their extension; if I am reading this correctly, any extension (that hasn’t been vetted by Mozilla) is capable of being blocked from running due to this new quarantined domain list that Firefox 115 has.
However this feature can be disabled, or otherwise overridden at this time by the end user when following the documentation[0].
I can understand the concern here, but this change is being communicated, can be user managed, and the best faith interpretation I can come up with, is in fact for security purposes. It creates restrictions on (at least from Mozilla’s perspective) untrusted extensions. I mean how many extensions are there that do act maliciously? It probably isn’t trivial.
I highly recommend you use a minimum amount of extensions anyway. The OP’s extension is a good one from what I can tell but I really only use uBlock Origin, Bitwarden, and tab containers at this point. I guess whenever I use Gnome I end up having to use their extension too which is frustrating but a different story.
Will have to pay attention to this feature. Thanks for sharing the link.
In the release notes which 95% of users don't read, and in a text label hidden in a toolbar menu. No informed consent or prompt to opt-in. And Mozilla hasn't disclosed their criteria for inclusion of websites, and what they plan to use it for.
The average user isn’t using Firefox to begin with. In fact 5% market share for Mozilla is probably pretty generous.
I agree with you that Mozilla has certainly dropped the ball regarding this change. Much like Pocket, the Mr Robot ARG, the Quantum update, DoH with Cloudflare as the default provider, and so on. But again all but the Quantum update have been user configurable, and in my experience, have not been reverted unlike my browser preferences on Windows, where Edge hijacks anything and everything with very little recourse.
> The average user isn’t using Firefox to begin with.
that's... not a valid argument for this discussion?
market share and user conservatism has no connection to concerns about basic safety affecting everyone
judgement should be applied equally, every user and every product
> that's... not a valid argument for this discussion?
I believe the intention was to argue against the notion that 95% of users don't read release notes. The contention seems to be that, because Firefox users are more technical (or enthusiast, perhaps), more than 5% of Firefox users would be aware of this change.
The grandparent comment was regarding that the average user doesn’t read release notes and I was remarking that Firefox users are not average.
Now I agree that this change is not being communicated properly but to claim that the Firefox user is similar to the average computer user is not something I would agree with.
Disabling apps is different from disabling non-verified extensions. The linked article addresses that Mozilla already has the capability to handle discovered malware, which is separate from this issue.
Is it their fault if you don't read? Or is it your fault?
Likewise... who's to blame if a rogue addon isn't responded to?
Same arguments get bandied about stuff for iOS and it's absolutely responsible for companies to be proactive about issues with stuff like automatic updates because failure to do so is, in aggregate, worse because of stuff like zero days.
> Is it their fault if you don't read? Or is it your fault?
I don't know their exact argument, but I would assume a better place for a notice like this would be a popup or some kind of tiny tooltip window when you update to Firefox 115 that says "hey, we can disable an extension at any time if we find reason to believe they're acting untrustworthy and misbehaving, you can disable that behavior by going here."
I cannot fathom how someone would disagree with this user experience suggestion around this new feature.
> Is it their fault if you don't read? Or is it your fault?
Given that Firefox auto-updates, and most of the time doesn't put up a "What's New" type page after the update installs, I don't think it's reasonable to expect that most users would even know that there's a separate release notes page, let alone that they should read it.
"We've taken away your power and hidden it behind a setting that we have no obligation to maintain" seems to have been the Firefox motto for the last ten years, and continues to go strong.
It is increasingly frustrating but in my opinion Firefox is the only usable browser. The ads and other nonsense, despite being pushed out often, are still user controllable and once configured, I have always had my settings honored. You cannot say the same about Edge and if app manifest v3 actually does what people say it does, Chrome will essentially be undergoing the same cut off of extension capabilities that Firefox Quantum did years ago but even worse.
> once configured, I have always had my settings honored
totally different experience, FF ESR decided to update itself just the other day and break a bunch of stuff out of the blue, because of course moz://a knows better what I need and when I need it. It is very sad people like me need to put up with this abusive behaviour because the alternatives are worse
You mean besides the forced update? Unfortunately not much I can help with, in my case I was deliberately running ESR 78.14.0 which was force updated to ESR 102.11.0 on May 26 and later 102.12.0 on June 20 (setting is obviously 'Check for updates'). It was a pretty big change first, so I naturally tried to revert back as much as I could. However for example Google Image Search is broken again, clicking it simply crashes the tab (Gah. Your tab just crashed), which could be fixed by tweaking some options in the earlier version iirc. Unless moz://a managed to break it a different way this time
They didn't disable the setting to enable XUL extensions, they rewrote the codebase to something that can't run XUL. And of all the changes in the past decade, that's actually one I'm 100% okay with, XUL was a hot mess that could do way more harm than any extension should have ever even in theory been able to do.
There's "loss of functionality" and then there's "I am enjoying functionality that's due to an extension potentially taking over my system". More of the former, less of the latter please.
I'm wary of Manifest v3, but like you say, it isn't a mandate yet. Is there any reason today why Chrome isn't usable? There's also Brave, which I love on Android.
It’s more or less ideological on my part. There being only 1 browser engine is something I would like to avoid. And unless Safari becomes available on Linux (or that Orion browser from the makers of Kagi), Firefox is the only other option. There is Librewolf and some other gecko based ones out there but other than the TOR browser, none of the others are large enough projects that I would trust with something as important as my Web Browser.
I support plenty of end users on Chrome and Edge at work and will happily oblige my wife by installing and configuring Chrome on all her devices. Firefox is what works for me and what I am comfortable using at this time. Unusable was certainly a hyperbole on my part.
I've never used Linux full-time, but from my understanding, neither GNOME Web nor Konqueror are Blink-based. Are they missing critical power user features?
The lack or nonstandard support for extensions. But looking into it, I see that it looks like at least Gnome Web now can support extensions. Currently not using Gnome or KDE on my Linux install though.
Not sure if this helps, but according to Wikipedia:
> Despite being a component of GNOME, Web has no dependency on GNOME components, so it can be potentially installed on any system supporting GTK and WebKitGTK.
Do you want there to be only one browser, owned by a monopolist megacorporation that is striving for a world where everyone is consuming ads 24/7 while having zero privacy? If so, use Chrome or its clones.
If not, your only way of fighting back is using Firefox and Safari, so that people still make websites that work in something else than Chrome and Google's monopoly isn't complete.
> your only way of fighting back is using Firefox and Safari
Then I have no way of fighting back, because I don't use Apple machines and Firefox no longer meets my needs and I have significant performance problems with it.
Epiphany (Gnome) web browser on Linux uses Apple's WebKit engine.
Over years I've found it really useful to accurately test web-page developments for Apple device compatibility on Linux distros without needing an Apple device or emulator.
That is not to imply the surrounding browser 'chrome' and UI is equivalent - but rendering certainly is close enough that most of the time pixel-accurate comparisons are valid.
Even Debian keeps up-to-date with latest webkit upstream. E.g. right now (Jul 5th 2023) Debian's libwebkit2gtk 2.40.2-1~deb12u1 (on Debian 12 Bookworm) shows this Changelog:
    webkit2gtk (2.40.2-1~deb12u1) bookworm-security; urgency=medium

      * Rebuild for bookworm-security.
      * The WebKitGTK security advisory WSA-2023-0004 lists the following
        security fixes in the latest versions of WebKitGTK:
        - CVE-2023-28204 and CVE-2023-32373 (fixed in 2.40.2).

     -- Alberto Garcia <berto@igalia.com>  Wed, 14 Jun 2023 11:00:05 +0200

    webkit2gtk (2.40.2-1) unstable; urgency=high

      * New upstream release.
      * debian/rules:
        - Pass -VNone to dh_makeshlibs for javascriptcore to keep the behavior
          of the debhelper compat level 11 and earlier.

     -- Alberto Garcia <berto@igalia.com>  Tue, 30 May 2023 10:19:01 +0200
I'm fully empathetic to this argument, but IMO this wasn't clearly called out in GP's original post. It also doesn't meet my personal definition of "usable". "Ethical" might've been a better choice here.
While I understand the frustration, they're pretty good at keeping about:config settings around. I can't remember the last time they removed one. The same can't be said about Chrome.
You mean those settings that you don't get to see anymore when you type about:config unless you now, every fucking time, click "show me all settings"? The one they also removed entirely from the android release? That about:config?
Because they've been doing the exact same thing to that, packing it away more and more, slowly killing off the parts that made it a great power user and developer browser by just making them a little bit harder to use or get to every time.
Right. They keep the config settings around. They just start ignoring the value, like in the case of allowing unsigned extensions. Or anything related to telemetry and user experiments.
While I've not noticed any settings being ignored, I suggest using policies (either GPO or "policies.json") when it comes to telemetry. As for experiments I've been running ESR for so long that I don't even know what these are supposed to be or do.
This new "feature" is nothing to rejoice about, but balancing against the parent observation, not all unique Firefox settings dissipate, e.g. defeating video autoplay migrated from about:config to a prominent settings toggle listed under permissions.
I normally take the good faith interpretation for things like this, but I'm confused by this one.
What security problem would be addressed by this? Why would Mozilla need to disable "untrusted" extensions for only certain websites? Why would a website need to be quarantined from an extension, instead of the other way around?
I would think that the remote kill switch for a specific extension addresses the actual security concerns, or Mozilla just not allowing 'untrusted extensions' by default on any website.
I don't think Mozilla is evil for doing this, but I do find the motivation for this confusing.
Think high sensitivity sites like banking. Personally, I'd love to be able to flag sites as only having a limited whitelisted set of extensions, as they are a serious potential security risk. And I'm fine with the browser shipping with sane defaults. I don't want to have to manually tune this for my family members.
Come to think of it, even better would be to attach this feature to whole containers...
I understand this position, but I do see several trackers ("telemetry") get blocked by uBlock on my bank's website.
This type of telemetry can go die in a fire for all I'm concerned, but these trackers are particularly devious with their constantly changing domains and URLs. Addons that allow for things like regex matching are the only solution that seems to work because the Pihole blacklist doesn't seem to block them sufficiently.
Mozilla has already killed off malicious addons by enforcing their signature requirements. I'm not sure what this adds, I doubt Mozilla will hire someone to monitor the changes to banking URLs around the world (a necessity if this is indeed intended to make banking safer).
They've nipped the crap inserted by adware in the bud. Sure, anyone who can pass a simple malware scan can get an addon published, but there's no doubt in my mind that getting rid of unsigned addons has helped a lot.
The tricky thing is what extensions should be whitelisted and what extensions shouldn't. uBlock is easy, but what about Consent-O-Matic? What about GreaseMonkey and friends? What about Stylus? Where do you draw the line?
uBlock was just an example, of course. There are other addons that do more complex auto detection.
In my experience, banking websites are notoriously ass-backwards and need more hacks and patches than many other websites.
I’ve specifically used Greasemonkey to fix bank breaking pasting into fields and blocking password managers by splitting login form into deliberately broken pieces.
Okay? You have a "malicious" extension. Why would you allow it to run everywhere?
What would just limiting the "fix" of blocking it to inevitably only some set of US banks (as I doubt they get all the URLs to every bank in the world) achieve?
There is no such thing as a "known trusted extension" ever since they killed sideloading extensions and forced auto-updates. 10 years ago not force updating extensions was also a thing they moved behind a flag, and then just dropped.
It gets worse - Mozilla is the fucking worst at checking submitted extensions. They tried to play into the whole "app store" thing that Google/Apple were doing, but those are justifiable cost centers at those two companies in a way that just doesn't work for a player like Mozilla.
Mozilla's store checks for extensions are fairly pathetic. You can submit a near empty shell with excessive permissions, get approved the first time, then auto-update to a new release (which will deploy to users immediately thanks to auto-updates). That new version has to pass a battery of useless automatic SAST checks, which will happily highlight all sorts of things it doesn't like (it flags words like "hello" because it contains a curse word) but which won't do shit to check if you're hoovering up credentials, browsing data, tracking users, etc.
If you're unlucky, at some point in the next 24 months you'll trigger a real review from Mozilla and get caught.
To be blunt - I have 15 years experience writing extensions. I don't like Google. If you think Mozilla is better you're wrong.
Hmm, I thought I understood until your comment here. It being about known trusted extensions makes no sense to me -- so I guess I'm not understanding the threat model at all.
If an extension is known and trusted, why does there need to be a Mozilla-controlled kill switch for it?
It's the reverse. The purpose of the feature is to put known trusted extensions on a whitelist for sensitive sites while blacklisting everything else.
In my case I'd put uBlock on my "yes I trust this extension" list and when I visit my banking website only that extension would be active.
It's also not "Mozilla-controlled". It's a feature that will, in the future, come with sensible defaults, just as uBlock does with their default blocklists, but in 116 the user will be able to more fully configure the feature. Meanwhile, in 115 the feature isn't active by default because the extension whitelist and domain list are empty.
> We need to have ability to set the list of quarantined domains remotely.
Which sounds pretty Mozilla-controlled to me. I hope that Mozilla will allow reasonable user control over all of this. I'm aware of their stated plans, but we don't know what will be until they actually implement them.
How many dollars do you want to wager that they are building this feature with the intent to get sued so that they can be forced by the courts to turn it on for sites like youtube?
> How many dollars do you want to wager that they are building this feature with the intent to get sued so that they can be forced by the courts to turn it on for sites like youtube?
Good god, the conspiracy theories are next level with this one...
When I went looking into this feature I saw they're developing a negative permissions list for addons, so you can create exceptions for i.e ublock or dark reader or whatever for specific websites, disallowing them to access your data on that page.
What? No. I've never used incognito mode for that purpose. I still want my banking site to be able to, for example, drop persistent cookies (for example, to indicate I'm comfortable bypassing two factor on that device).
> ...for various reasons, including security concerns.
Security is just a red herring.
Who wins with this move? The cynic in me (who is usually annoyingly right) says Google. Mozilla loses even more trust from its users and Firefox now has a tool to disable ad blockers on websites of their biggest competitor^Wsponsor if they reach a suitable mutual agreement (read: G pays enough for it). Win-win for all the parties that have a say in this. Not users of course, but that's life.
Actually iff it's user-controlled I'd love such a feature. As sibling comment notes, it'd be nice to have zero extensions (or maybe just uBo) running on sensitive sites like a bank, but I'd actually be more interested in running certain extensions only on select sites; ex. there are extensions to force videos to play at arbitrary speeds that I like for video sites, but I want to only let those extensions run on a very short list of sites (youtube, netflix, w/e) and nowhere else.
Actually you can override it, but they made the process so convoluted and privacy breaking that I would guess not many people use it. So yes, effectively they blocked it.
> In a few versions maybe they take that away and you can't block ads on YouTube because Google threatened them.
And since they already built the requisite system needed to fulfill Google's demand, they won't be able to claim it would be too much work to implement. They're setting themselves up to readily comply with the demand when it comes.
I am also inclined to believe this will be the case. This feature might be sold to sites that want to disable eg. ad blockers. I am a FF user, but the last decade is making me very concerned.
> I highly recommend you use a minimum amount of extensions anyway.
Given the number of extensions silently purchased by people seeking to spy and push malware, I've minimized the use of extensions that aren't vetted in advance by Mozilla/Firefox.
> Recommended extensions undergo full code review by staff security experts to provide a strong additional security check.
> I highly recommend you use a minimum amount of extensions anyway.
This is why Brave has far surpassed Firefox at this point.
- Good privacy defaults
- Adblocking
- The iOS browser actually has ad-blocking (this alone is why I shy every layman away from Firefox, fuck Mozilla for specifically locking those users out in the cold)
- Choose your own blocklists
- Anti-fingerprinting
- Soon cookie auto-delete
- Soon port scan blocking
- WebRTC protection
- HTTPS upgrading (less relevant these days but hey)
- IPFS
- Tor
They also have a viable business model beyond “pay me off, Google”. And that is not to mention how Mozilla has chosen to soak their entire culture in ultra-progressive nonsense instead of rooting it in tech.
Yes, Brave appending affiliate links was scummy (although not particularly harmful to their users). But that is quite some time ago now.
I was a Mozilla / Firefox stan for a very very very long time. I still love Thunderbird, especially the progress they’re making now. But Firefox (and to a lesser point Mozilla) has completely lost its way.
Let's not forget mozilla prioritized renaming master password to primary password before adding back in print to Firefox mobile, and it's still missing..5 years later...
That doesn't even make sense. Nobody says "primary password".
I keep forgetting Mozilla is a political action organization that occasionally distributes web browsers. Or at least that's how they envision themselves. Maybe if they focused more on the bug-fixing and the browser-making and less on trivial updates they wouldn't be at < 5% market share right now.
My best term to describe what is happening (and I've seen it in many other instances under completely different circumstances), is that the organization has been "captured". The stories and narrative in such organizations are then pervasive towards that property (or cause in this instance), at which point nothing else can happen and the people that don't subscribe to that narrative leave, making it worse.
This is hysteria. Mozilla's "political action" is minimal compared to their browser work. Pointing fingers at mostly nonexistent institutional wokeness as the reason for their low market share ignores the many true reasons (including network effects and consumer inertia with a "good enough" product that everyone already knows how to use).
Vertical tabs do have nesting via tab groups. They just introduced vertical tabs, so expect pretty quick improvements and iterating for the next few months.
Two things coming in the (near?) future:
- vertical tabs get a number or background color when collapsed, helping visual differentiation and memorization
- tab ‘+’ button moved to more convenient location
Bookmarks don’t have tags, and I haven’t heard much noise about planned improvement (or users needing improvement) there.
At this point I'm up to maybe 15-20 about:config + user.js changes to make FF work properly for me. Unfortunately I use FF on multiple computers, is there a good way to keep everything in sync? Not sure how well something like a git repo would work.
Edit to clarify, not my GP but maybe similar experience.
All the fixups, for five:
browser.fixup.alternate.* (multiple)
browser.fixup.dns_first_for_single_words
browser.fixup.fallback-to-https
(If I type something in the url bar I damn well mean it! It'd be fine if it tried others, but it tries them and then stays on them, meaning I have to retype urls to get it to load the actual thing I want.)
There's a few others that I don't _need_ but do use that I'm not including here.
System-provided custom CAs, for another, and removing the CAs I don't trust and am not likely to be impacted by removing. I don't need or want trust in a Turkish CA, for example. Cert stuff in particular gets worse every year, and here's another specific example of that:
security.certerrors.permanentOverride.
Enough said, I hope. At least they give me the option to make it temporary again.
There are more, but I hope this is enough to show that they exist. These are the most egregious, for me - if they were removed I would stop using the web entirely the same way I've stopped using my cell phone for everything except work.
That.. is upsetting. Mozilla seems to be determined to ensure that the user base it does have left leaves it. I am glad it can be toggled off, but why exactly it is there to begin with is the real question.
The ability to prevent an extension from accessing specific sites is an improvement as long as the user can control it and it is not used for centralized access control.
The reason this feature is there is that many extensions play poorly with or should not have access at all to specific sites. For example, Grammarly has no business accessing a corporate billing system and IT might want to disable access. In other cases an extension slows a site massively and a user might want to say, "not that site" to an extension. This could be the start of a big end-user improvement, especially if it can be managed by users and installers.
If that was the case, the feature should have been moved to site settings and labelled "Disable extensions on this site" or even better "Allow only specific extensions to run on this site".
> The best faith interpretation I can come up with, is in fact for security purposes. It creates restrictions on (at least from Mozilla’s perspective) untrusted extensions. I mean how many extensions are there that do act maliciously? It probably isn’t trivial.
My best interpretation of that is it allows organizations to more easily allow some extensions while disallowing others.
Firefox is lagging behind on enterprise configuration options. Adding in additional features that allow sysadmins to deploy policies that can further control Firefox like Chrome and Edge could be potentially behind why this is happening.
This is of course, complete speculation and if it was for enterprise management reasons, Mozilla should have clearly communicated it.
my worry is that by firefox 225 that option will be gone, or will require modifying some text file in your profile.
I say this because I already have had to modify a text file in my profile to get firefox to do what I want (tree style tabs without dupe tab-bar on top).
also, by "firefox 225" I wonder how easy it will be to arbitrarily modify a 'protected' app/system text file (this is already difficult on smartphones)
This is conspiratorial in nature. Firefox has run ads against all users before but why would they specifically do what you suggest when uBlock Origin is shown in the linked article to be a trusted application that this domain quarantine list would not apply to?
> This isn’t just their extension; if I am reading this correctly, any extension (that hasn’t been vetted by Mozilla) is capable of being blocked from running due to this new quarantined domain list that Firefox 115 has.
What domains are in this "new quarantined domain list"?
> However this feature can be disabled, or otherwise overridden at this time by the end user when following the documentation[0].
Nefarious features 'enabled by default' is the standard of Firefox. What else have they switched on behind the user's back then?
> I highly recommend you use a minimum amount of extensions anyway. The OP’s extension is a good one from what I can tell but I really only use uBlock Origin, Bitwarden, and tab containers at this point. I guess whenever I use Gnome I end up having to use their extension too which is frustrating but a different story.
You might as well use Brave Browser at this point.
If an extension has been installed on my machine it is by definition trusted. Firefox is not my antivirus solution and it should not try to be. Keep your lane.
Yeah, the site-specific blocking seems... mostly dubious, possibly decent as a "this is a banking website - extensions are disabled by default, but you can click to enable them" thing. Right now it looks much more dubious than anything though.
But even in the very best case, it's yet another custom "premium support" feature either way, like the Public Suffix List. They should push for standards instead, these kinds of things are always leaky and sometimes dangerous.
Anyway. I just meant that extensions are not trustworthy just because they're installed. Malicious vectors exist, and protecting people from themselves / them understandably not being an up-to-date expert in all things tech by the millions-to-billions is largely a good thing.
As far as the browser should be concerned, yes it is trusted.
It's up to another layer of security to help the user not install extensions (or any other software) that they do not want on their machine.
This security is a farce anyway. Firefox is installed in the user profile so any sufficiently advanced malware can just patch the firefox binary and embed itself in there or disable this nonsense. The extension shenanigans is just done to take away user control, with the excuse being to protect users from malware.
> My own extension StopTheMadness stops web sites from disabling your browser's built-in paste and autofill features, a kind of madness commonly implemented by sites that have a misguided, ignorant notion about what makes a login form "secure"
Now, this is an extension I didn't know I needed. I'm baffled that there are some things without which the web is unusable for me. Looking at my extension list, on Firefox I have:
- ClearURLs
- Clickbait remover for YouTube
- Cookie Autodelete
- Firefox Multi-account container
- I don't care about cookies (not updated since bought by Avast)
- Privacy badger
- Tampermonkey
- Tridactyl
- uBlock Origin
I feel like I'm pretty conservative with the add-ons that I install, yet I can't comfortably browse the web if I'm missing one of them. When did everything go so wrong?
Yes, the web is hostile. It's frankly incredible we're still allowed the power to control our user agents like we do. If the web was built today it would be a locked down nightmare controlled 100% by corporate interests.
Wasm seems to have the power to make that nightmare a reality, but if they can just force you to use native apps, then maybe they don't want wasm. The web itself is what they are looking to kill.
> Here's the non-enshittified version of "I don't care about cookies":
The best way to deal with that crap is to use uBlock Origin's cosmetic filters to simply remove those prompts from the page. No extra extension needed, and you don't need to opt-in or opt-out. Remove the prompt and ignore it.
The banner is malicious compliance to exhaust and trick people into giving the same tracking privileges the companies previously assumed they had. Sites are welcome to not have the obtrusive cookie banner if they behave themselves with only relevant cookies.
Malicious compliance is the perfect way to describe websites' behavior. Sites have many ways to deal with regulations, but they choose: Punish the user with terrible UX, while crying 'look at what they made me do!'
These banners are on plenty of smaller sites. Seems the law is unclear, so they have to cover their butts. Doesn't help that many top search results for "do I need a cookie popup" say an unqualified "yes."
A fair point, but the government regulation was a response to corporate abuses. There's a discussion to be had about the efficacy of this particular regulation, but zero regulation and letting corporations run free is not a better solution.
In an ideal world governments are accountable to a well-educated populace and enact the will of the people to rein in the excesses of the greedy and powerful. Of course that is not how it currently works, but that is the ideal to strive for.
It's a point I disagree with, but it's a fair question to ask. I chose to engage with the statement in good faith and assumed the person just hadn't connected the dots fully. People are more likely to be receptive to changing their views if you first acknowledge where they currently stand.
Karl Marx showed 150 years ago that a state under capitalism is a capitalist state and therefore predominated by the interests of capital itself, an observation that has never been refuted.
Look at github.com. There is no banner. Why? They don't have any tracking cookies and only use cookies for essential functionalities, and as a result they don't need to ask for consent. That's how websites should work.
Holy koolaid. The annoyance of GDPR consent popups is the result of data collection and malicious compliance, not the regulation that says don't collect data.
How come I live under those same regulations yet don't have any such annoying popups on my sites? I thought they were caused by that regulation?
Those awful regulations don't go far enough. GDPR is 1% of the step in the right direction. Any pain is like the first initial pain from poking at a boil. The sane reaction is to lance that fucker with extreme prejudice not friggn back off and let it continue slowly eating you alive.
I think the point of these is that GDPR requires an affirmative action, i.e., there is no need to decline, so just get the shitty overlays out of the way.
Consent-O-Matic submits those forms on your behalf. I don't want that. I'd rather not participate at all.
It's kind of upsetting finding out about stuff like this, that you don't know it could exist.
Adblock is interesting because for adblock to work, you need some engineer hours working to find a good filter to delete ads on websites that don't have active countermeasures, and potentially in websites all over the world in languages as well (I'm bilingual, and I see that ublock origin still works in non-english websites).
Now if you throw in websites with active adblock countermeasures, it seems the proposition that a free, mostly self-governed extension all has that figured out just seems impossible, but it seems to work quite well (albeit with a few notable blocking failures, especially at Facebook which has extremely aggressive anti-adblock features)
Wow, I had ClearURLs installed forever ago and I just totally forgot about it.
I often have to manually delete tracking elements that make my URLs long and nasty, but I just realized that only happens when I copy a link that I haven't visited yet. ClearURLs has been on my back this whole time!
The caveat of this is that it doesn't work around sites that just declare text unselectable.
The CSS property 'user-select' exists to allow developers to stop users from selecting something like button text by accident, but it ends up abused so heavily. And you can't just disable all of them either, because you don't know if they use it in good faith.
The article is right that we've not seen any communication about Mozilla as to how they intend to use this, so we can only speculate about why they might want the feature.
My own speculation is that this is them warding against extension-takeovers, where people sell off their semi-successful extension to some company which then fills it up with spyware. If Mozilla fills up their quarantine list with domains that're easy targets for stealing valuable information (banks, etc), that'd reduce the incentive to do such takeovers.
> My own speculation is that this is them warding against extension-takeovers
I don't buy that. If they learn that an extension has been taken over, then they can just block the extension.
Also, why the domain list? If some extension has started cryptomining, why will Mozilla protect me only when I visit selected domains? And why the tight lips?
> If they learn that an extension has been taken over, then they can just block the extension.
The goal would be to stop compromised extensions from being able to hit high value targets even before anyone has realized they're compromised. They won't get that valuable window in which the malicious update has gone out, but nobody has realized that it was malicious.
> If some extension has started cryptomining, why will Mozilla protect me only when I visit selected domains?
Because they're not protecting against cryptomining, they're protecting against data theft, which is naturally going to focus on certain high-value domains.
But if they know there was a malicious update, being distributed through infrastructure they control, why not immediately block it altogether? (The notion that they have an explicit list of every, say, bank, stockbroker, crypto exchange, etc., so they could disable it for only those is... awfully suspect.)
Because this would block it from hitting some high-value sites before they know there was a malicious update. I would imagine that once they know about it it'd also get added to the blocked-extensions list.
Per the article, quarantined sites will only allow "monitored" extensions to run.
I presume that this means extensions for which they actually do verify that updates are non-malicious, which probably includes most of the popular extensions. Hard to say exactly which -- uBlock was called out as being one in the article, but there's nothing on its addon page[1] specifically flagging it as being on that list.
Alternative headline: "Mozilla enables a global extension enablement policy for greater security"
Your solution is reactive. If I install a useful extension but want to ensure it can't access internal or sensitive websites (least privilege, basic cybersecurity) why would I want to wait until Mozilla disables the extension, after it is discovered to be malicious?
This seems to provide a user-controllable override of an extension's settings to enhance security, and I'm here for it.
Power given to the well-intentioned will get used by their successors.
I haven't tried servo since right after the transition to the Linux foundation. It seemed good for most of my browsing already, but with a bad ui. I looked for any good tickets for new contributors but all I found was something about xml parsing that I am unqualified for, plus I hate xml. If we could throw our weight behind it I think it could be an alternative for everything that shouldn't be a web app or native app.
I'm inclined to reserve judgement until we see the user-facing UI for this (which is apparently coming in 116, per other comments). It seems like a reasonable feature, so long as there's sufficiently accessible ways to override it.
Wouldn't a better way to deal with extension takeovers be to just turn off the extension instead of blocking the extension from certain websites? Especially since, as the author points out, any such quarantine list of domains is of necessity going to be incomplete?
It blocks *all* (non-monitored) extensions from running on *some* websites. What it should do is block *specific* extensions from running on *all* sites. The security justification doesn't align with what they actually did.
They already have (separate) capability to force uninstall specific extensions, so there isn't much point to blocking specific extensions from all sites.
My charitable guess for this one is block things like Honey (which essentially slurps your browsing history in return for affiliate discounts) from things like banking websites. But I'll disable it for now and see what the UI is later.
I think the idea would be that it's easier to list common targets than to play after-the-fact whack-a-mole with malicious extensions. The former makes it less lucrative to sneak your malicious code into an extension, because you don't get that window of being able to harvest data before it's noticed.
It’s quite possible that a malicious takeover is only diagnosed after the fact. Updates might appear innocuous at first but later be incredibly user-hostile.
I'm not familiar with extension development or their capabilities, but perhaps the extension author can remotely activate the malicious parts after it passes the update process and perhaps Mozilla doesn't have the manpower to manually review the code of every extension update?
I think that's the difference between "monitored" and "unmonitored" extensions, as called out in the article. Monitored extensions are presumably ones where they actually verify the updates, and so they think it's fine to let them run on sensitive sites.
Why do you say easily? Software is an endless parade of creative exploits both intentional and accidental, it's never seemed like an easy problem to solve.
More likely this is preparation for them to comply with DMCA takedowns against uBlock Origin, by blacklisting it on those websites while placating users by not removing it entirely (as they did in this case: https://www.ghacks.net/2023/04/20/mozilla-removes-bypass-pay... )
That's just configuration, easy to change. And if they change that configuration in response to a lawsuit, Mozilla can play the victim and say their hand was forced.
If they had to ban uBlock Origin outright that would probably kill Firefox's (already abysmal) install base. Neither Mozilla nor Google wants that; they want Firefox to remain as an obscure but technically viable competitor. What they're doing now is laying the groundwork for banning uBlock Origin on only some websites while allowing it to continue working on most. This lets Google have their cake and eat it too; Firefox surviving as nominal competition to Chrome but no longer blocking ads on YouTube.
Basically it's intended to be a user defined middle ground between allowing permissions everywhere vs the developer hand curating a list of allowed sites.
If the true purpose of this was to give organizations (or individual users) the ability to control specific websites that extensions couldn't run on for security/sensitivity reasons, then why is it only a subset of extensions that Mozilla determines?
A true user-defined restrict list could, in theory, be a useful feature but as I said, this feature is NOT "here's a list of websites, don't allow ANY extensions to run on it" it is instead "Mozilla is supplying a list of websites, which you can override, but in both cases Mozilla will determine which 'trusted' addons can run on those specific websites using rules/procedures only Mozilla knows and controls."
Claiming this is meant to be org/user controllable is very inaccurate. Just because there's some about:config stuff doesn't mean a Mozilla website list and a Mozilla "trusted" addon list are anywhere close to "intended to be user defined." In fact the evidence shows that is objectively not true.
There's some confusion here that needs to be dispelled.
First, there's two categories of add-ons:
- add-ons that get audited by Mozilla
- add-ons that do not
The ones they audit enjoy Mozilla's endorsement in the app store, and an exemption from the quarantined sites setting.
The quarantined sites setting only differentiates between the two categories. The audited apps are known to be non malicious, so they are exempt from the quarantined sites setting. The other add-ons are unknowns, and this sets a default access level.
The ability to granularly opt extensions in/out is being worked on, and will likely ship with 116, per the comment I linked:
As commented, 116 will have a UI to allow the user to better control this.
As I understand it, this is just a safety precaution. They will likely default opt out unmonitored extensions from certain high value sites (banks, email, etc) and allow users to explicitly opt back in. This, to me, seems perfectly reasonable.
Oh no, I love it when developers ship features that'll be perfectly reasonable in the next release, and people defend that as if it's some kind of catch 22 versus what they actually shipped. What I said describes accurately the actual thing they shipped. A remote kill switch that's nearly completely opaque to the user. That's what shipped today.
If you want Mozilla to get a free pass, that's your business. To me, what they shipped matters and what they said about it matters too. It says a lot about Mozilla that they seemingly didn't see how this would look optically, or perhaps simply don't care.
And no, "Chrome is worse" is not a good answer. I don't want good to be the enemy of great, but I'm not making excuses for enshittification either.
Mozilla ran out of good will for me after they used Firefox Studies to promote some Netflix thing, although at this point "whatever Mozilla is doing to torch user trust" has become a forgettable quarterly event, so I honestly can't remember many of the other things they've done that have agitated me. As it is, I have to use Fennec F-Droid on Android to have any hope at a decent browsing experience, and even then installing add-ons that aren't allowed by Mozilla is a Kafkaesque nightmare, instead of being a prompt I can bypass, even in this fork with about:config enabled, unlike the upstream Firefox for Android where they have about:config disabled and I'm not even sure if you can install extensions outside the select few Mozilla enables.
It really makes me sad every time Mozilla pulls stuff like this in Firefox. Firefox is basically the last usable mainstream browser outside of Google's indirect dominion via Chromium, and one of the few somewhat privacy respecting ones as well. I'm glad a project like LibreWolf exists to undo and rip out all of the stuff like this so that I can have a truly private and secure browser that isn't based on chromium instead of having to switch to Brave or something, because as much as I value my privacy and security I also value not giving in to Google's browser monopoly.
Is it FLOSS? Also, I don't really like Apple's software (or hardware), and I'd prefer a browser that was outside of all those large ecosystems/walled gardens. Safari probably is a cut above most though, Apple's relationship to privacy is... complicated.
There's an entire universe of useful and well-designed software that isn't FLOSS. Being free or open source isn't the be-all and end-all for most people.
Only requiring developers to sign their extensions so that they can run on firefox wasn't enough – as mozilla had already done back in 2015 or so. No, no, no, in the name of safety we need to make sure your extension doesn't run on forbidden sites.
if you have access to their project tracking, it's under WEBEXT-1351 (would love if someone can post the entire reasoning for the feature here, as their conversations are now behind login which i didn't bother to secure)
The code for what the user can see/allow per-domain https://hg.mozilla.org/mozilla-central/rev/4399291987d9 (not released as far as i can tell) you can see the file locally via `resource://gre/modules/ExtensionPermissions.sys.mjs` in your address bar.
this is already how it works on Firefox for android, with NO USER WHITELIST OPTION... the only workaround on android is to add another hidden setting that points to a user-defined collection in addons.mozilla.org, which will be the allowed extension list instead of mozilla's.
edit; HOLY SHIT!!! just updated firefox for android, and they removed access to about:config there in the last version! (ps: they had already removed since 2020 for "regular lowly users" who do not install experimental version, their words. Now it is also removed from f-droid stable build since last version. I didn't see it mentioned on the release notes, so they either strong armed the maintainer or slipped changes past them)
I noticed this on Android a while ago, and bailed on FF. Their trajectory feels so anti-user, I was like "welp, figure out how to live in a chromium world where I know I'm under constant attack"
The article isn't clearly stated on this point, but at the current time to block this new behaviour, in about:config create a new boolean named "extensions.quarantinedDomains.enabled" and set the value to false.
It's a shame, because I can see where this will lead to beyond the obvious of just extensions today. The domains list will be tied to country codes. So it will become a situation where "if country X then block politically objectionable domain Y!" where Y can be a site that criticizes the ruling party or the usual crew of copyright carpetbaggers wanting various sites blocked from the browser end, etc. And it will actually cover a lot of scope, you already see some of this beginning where they have started blocking some US states from viewing pornography, but with this method, you can block an entire country from all porn domains at once just by making the browser refer to a master blacklist.
On the bright side, Firefox may be able to soon access the lucrative North Korean market since all domains will be blocked.
Interestingly the French government, as well as Porn Hub, both asked for such a system you are describing. Even more interesting is that Mozilla, a few days ago, made a post criticizing this, but it seems that behind the scenes they are pretty much putting all the infrastructure needed for this to be implemented pretty soon if they need.
Is there a list of all the things for which Firefox now "phones home"? "Sync", "Pocket", Firefox updates, extension updates, the bad site blocklist, and this. What else?
I can see the need to deactivate some extensions on certain websites. For me that's mostly a "make the site work" workaround than a security feature but anyway.
I can recommend using different browser profiles for specific setups (e.g. banking). Linux Mint has the Web Apps feature (https://www.makeuseof.com/how-to-create-a-web-app-in-linux-m...) that lets you configure different browser profiles and as a bonus it turns the web site into a desktop app.
The downside of it is that each browser profile needs its own config, i.e. you have a lot of repeated overhead and you need to reinstall extensions into every profile. But on the flipside I can control which extensions I want to have in there.
What I really want is extension integration with container tabs, so that I can partition the extensions myself. For example, I probably want my banking container to have no extensions, but my news container to have all of the ad-blockers, link cleaners, etc.
Not a perfect solution to this scenario, but I have used multiple Firefox profiles in the past this way. The profiles are isolated at the file-system level, so extensions remain separate. So you could have a 'hardened' profile with all the blocking/cleaning extensions, and a 'trusted' profile with no extensions. Profile isolation also covers configuration, so you could even tweak those independently.
I've experimented with that from time to time, but it hasn't stuck. The problem is when I click through. Container tabs handles that, but I would have to be extremely vigilant to prevent sites from loading outside of the hardened profile.
We've almost come full circle with browser extensions, from being rare or non-existent to the zenith of popularity and power in the pre-Quantum Firefox days to now back to being increasingly whitelisted and sandboxed into unpopularity.
I don't think this is new, is it? For at least the last couple of years (maybe longer, that's just how long I've used Firefox on Windows) some sites are hardcoded not to allow extensions to run on them. As an example, add-ons don't run on addons.mozilla.org for security purposes. Is there any reason to think this is a conspiracy about ad blockers? I haven't seen anything that indicates this isn't the same as the addons.mozilla.org situation.
How can you say it's not new when it's literally in the release notes for yesterday's Firefox update?
> For at least the last couple of years (maybe longer, that's just how long I've used Firefox on Windows) some sites are hardcoded not to allow extensions to run on them.
Yes, the setting extensions.webextensions.restrictedDomains is old, and it applies to every extension, including uBlock Origin. The domains are all Mozilla. Here's the complete list:
Once more I am happy to use the ESR version of Firefox where stuff like this tends to only land much later. Add on top of that the Debian patches and default settings and it's a fine user-agent again :-)
Edit: oops, looks like 115 is the next ESR version, does that mean it gets this "feature" but for a long time will not get proper UI to control it? :-(
my first thought: they'll collect money from sites to disable adblockers and other ext. I gave up on Mozilla 5 or so years ago because they ARE sneaky about being corporate sellouts and anti privacy. At least the browsers i use now don't PRETEND to be privacy focused.
Put on a tinfoil hat, the Google search contract is up for renewal this year, and YouTube is getting serious about ad blockers. I could see YT domains sliding into this list over time after a new search agreement is reached.
It's impressive how well Firefox does at making it hard to justify using Firefox. Can't wait until 116 release to see what other feature they removed or anti pattern they decided should be opted into by default for "confidential reasons"
I'm surprised no one mentioned vivaldi browser as alternative https://vivaldi.com/ , I've been testing it for a few months now and I'm quite pleased with it, still need to adapt my habits to control navigation on it (heavy user of Firefox here..), but overall I think it's an interesting alternative.
what the heck is this person crying about. the amount of attention & level of seriousness raised is totally not justified..... after reading the changes, they're fine. ok your /indie/ extension is safe (or so you claim), but so many out there are extremely dangerous. let mozilla cook
As if we needed yet another reminder Firefox doesn't respect its users' extension choices, after their crippling of Firefox Mobile and the earlier expired certificate debacle.
why is this downvoted? They literally don't care about their users at all, in any sense. Major features that chrome has for years are ignored in now decades long bug reports while they continue to add google telemetry and waste all the money google gives them on VPNs, pocket and now AI. Is there any other open source project that does this? They are a project, not a company. They don't need to pay millions of dollars to a CEO so they can catch the AI train they just need to be a web browser.
I used to use violentmonkey to fix websites that I don't like for various reasons. After they rewrote firefox mobile they tried to and mostly succeeded in getting rid of extensions, which IIRC they claimed they didn't know people cared so much about. Now you need a firefox account and firefox nightly (with even more telemetry) to use perfectly working extensions which aren't included in their whitelist. In what way does this show respecting its users' extension choices?
> why is this downvoted? They literally don't care about their users at all, in any sense.
Because comments like this add nothing to the discourse. They're angry opinions that serve only to attract controversy. I'd call it flamebait except I do think the comments are made in good faith, even if they aren't constructive or particularly interesting.
Multiple Firefox developers have commented in posts about Firefox. They read HN. I remind them that their choices are still causing grief to their users, at least as long as Firefox has any users left.
Mozilla does do a lot of underhanded or anti-user things, including the boatloads of telemetry some of which goes through Google Analytics. However, Mozilla is still a lot better than Google, and Firefox is leaps and bounds better than Chrome in terms of privacy, even given all of the problematic things Mozilla has done, even if the fact that there's a big controversy every time Firefox does something bad while everyone just expects Chrome to do bad things and so doesn't talk about it gives the impression that Firefox is worse. I think that's actually the reason why there's a big outcry every time Mozilla does something like this — Mozilla Firefox is kind of one of the last browsers to be relatively respecting of people's privacy and definitely one of the last ones outside of Google's Chromium dominion, so it means a lot more when they do bad things.
That from a company that force-installed addons for marketing purposes... and you wonder why people are careful around another "genius" idea from Mozilla.
[0]: https://support.mozilla.org/en-US/kb/quarantined-domains