Naked Security Naked Security

Firefox makes it easier for users to dodge ad-trackers

Firefox has introduced a new set of controls to make it easier for privacy-conscious users to protect themselves from online ad trackers.

Firefox has introduced a new set of controls to make it easier for users to protect themselves from online ad trackers.

The browser’s redesigned Content Blocking section makes it easier for users to switch off cross-site trackers. These are mechanisms that advertisers and data brokers use to track your activity across different websites, giving them a clearer picture of what you’re doing online so that they can target you with marketing messages more accurately.

Firefox has gradually introduced more anti-tracking protections for its users over the years. In 2015, it began blocking trackers by default in its private browsing mode, later expanding that to include optional tracking protection in non-private browsing mode in November 2017.

To block both trackers, Mozilla works with Disconnect, a company that makes free and premium anti-tracking tools. It creates a list of known trackers to help protect its users, and Mozilla uses that information to spot and block trackers.

In October 2018, Mozilla began enabling users to optionally block cross-site ad-tracking cookies alongside traditional trackers. A Mozilla spokesperson explained the difference to Naked Security:

Cookie blocking prevents domains on the list from using cookies and other browser storage when they are loaded as third parties. Tracker blocking blocks the loading of all content from domains on the Disconnect list.

The revamped interface is the latest step in a longer-term effort to enhance user privacy called Enhanced Tracking Protection. The Mozilla spokesperson said:

Enhanced Tracking Protection is a suite of protections encompassing both the traditional tracker blocking introduced in Firefox 42 and the cookie blocking feature introduced in Firefox 63. Both tracker blocking and cookie blocking have made use of the Disconnect list since they were introduced.

Mozilla’s latest measures get it further along the path to a long-term goal of blocking third-party trackers by default, but it has to walk a delicate line. Blocking trackers too aggressively can break the functionality in certain websites.

To help users decide for themselves what to block, Mozilla has revamped the tracking options in Firefox 65 to make them easier to configure. Selecting content blocking options from the ⓘ in the address bar brings up three broad tracking options.

Standard mode is the current default, which blocks known trackers in private browsing mode and doesn’t block third-party tracking cookies at all. Strict mode blocks known trackers in non-private browsing mode too.

Finally, there’s a custom mode that lets users set their own anti-tracking options, selecting either basic or strict Disconnect lists. The basic list, selected by default, blocks common trackers used for analytics, social sharing, and advertising. The strict list blocks all known trackers including content trackers, and is more likely to break websites.

In future, Mozilla hopes to turn on third-party tracker blocking by default in Standard mode, it said.

While Firefox’s policy blocks the use of cookies for cross-site tracking, it isn’t yet blocking some other techniques. Parameter-based tracking attaches a unique identifier to the end of a web address to track user activity. Supercookies store data persistently so that they survive standard browser cookie resets. Browser fingerprinting identifies a user by their browser properties. Nevertheless, all of these are in its sights. It said:

While this type of tracking is not currently blocked in Firefox, we may apply additional restrictions to the third parties engaged in this type of tracking in future.

Firefox will also allow some tracking techniques designed to protect users, such as those that help to authenticate clients during the login process, or those that help to filter out bots.

Leave a Reply

Your email address will not be published. Required fields are marked *