Firefox 59 Will Stop Websites Snooping on Where You've Just Been

Firefox 59 will reduce how much information websites pass on about visitors in an attempt to improve privacy for users of its private browsing mode. From a report: When you click a link in your browser to navigate to a new site, the site you go on to visit receives the address of the site you came from, via the so-called "referrer value." While this helps websites understand where visitors are coming from, it can also leak data about the individual browsing, because it tells the site the exact page you were looking at when you clicked the link, said Mozilla. Browsers also send a referrer value when requesting other details like ads, or other social media snippets integrated in a modern website, which means these embedded content features also know exactly what page you're visiting.

Re:Change doesn't stop snooping of where you've be

[Kjella]

Meh, in private browsing mode they really should kill the referrer from any top level page. If it's an <img>, <iframe> or <video> tag it's cool... but if I go from foo.com to bar.com via an <a href> it shouldn't secretly tell bar.com I came from foo.com. Transparency in what information you're exposing is essential to security and most people aren't aware it's happening.

Re: Finally

I'm glad they haven't. There's very little real use for it, and those messed-up comments give useful information for judging clueless commenters.

Firefox's other privacy problems need to be fixed.

Unlike many people, I've actually read Firefox's privacy policy.

It turns out that Firefox's privacy policy is quite disturbing, especially when considering how often we're told that Firefox supposedly "cares" about our privacy.

The Firefox privacy policy dated September 28, 2017 makes it clear that Firefox user data can be collected by Firefox and can be sent to various third parties, including Google, some "Adjust" company, some "Leanplum" company, and SalesForce.

For example, there are very worrying sections like (emphasis has been added):

Webpage and technical data to Google’s SafeBrowsing service: To help protect you from malicious downloads, Firefox sends basic information about unrecognized downloads to Google's SafeBrowsing Service, including the filename and the URL it was downloaded from.

and:

Location data to Google's geolocation service: Firefox always asks before determining and sharing your location with a requesting website (for example, if a map website needs your location to provide directions). To determine location, Firefox may use your operating system’s geolocation features, Wi-fi networks, cell phone towers, or IP address, and may send this data to Google's geolocation service, which has its own privacy policy.

and:

On iOS and Android: Firefox by default sends mobile campaign data to Adjust, our analytics vendor, which has its own privacy policy. Mobile campaign data includes a Google advertising ID, IP address, timestamp, country, language/locale, operating system, and app version.

and:

On iOS and Android: Firefox by default sends data about what features you use in Firefox to Leanplum, our mobile marketing vendor, which has its own privacy policy.

and:

Your email address is sent to our email vendor, SalesForce Marketing Cloud, which has its own privacy policy.

Some people will foolishly claim that privacy violations like these are "acceptable" because they can supposedly be "disabled".

No, they're not acceptable at all!

Intrusive data collection/transmission like this shouldn't have to be disabled; the code implementing this data collection and transmission shouldn't even exist in the first place! There should be nothing to disable because Firefox should not be able to collect this data, and it should not be able to transmit it anywhere.

Reading Firefox's privacy policy has made me very distrustful of Firefox and Mozilla, and especially of the people who wrongly claim that Firefox somehow "respects its users' privacy".