Slashdot Mirror
Mozilla Launches Facebook Container Add-on To Isolate Your Web Browsing Activity From Facebook (venturebeat.com)
Paul Sawers, writing for VentureBeat: On Tuesday, Mozilla announced a new tool it said will help keep Facebook from tracking your browsing across the web. The Facebook Container add-on for Firefox promises to make it "much harder" for Facebook to track you when you're not on its site. Mozilla has been working on the technology for several years already, accelerating its development in response to what it called a "growing demand for tools that help manage privacy and security," according to a statement issued by Mozilla today.
Most people are probably aware that data they directly give to Facebook -- such as "liking" a Page or updating their relationship status -- may be sold to advertisers. But fewer people know that Facebook can also track their activities on other websites that have integrated with aspects of Facebook's tracking technology, such as the pervasive "Like" button. And it's in this scenario that Mozilla is now hoping to play the good guy.
Most people are probably aware that data they directly give to Facebook -- such as "liking" a Page or updating their relationship status -- may be sold to advertisers. But fewer people know that Facebook can also track their activities on other websites that have integrated with aspects of Facebook's tracking technology, such as the pervasive "Like" button. And it's in this scenario that Mozilla is now hoping to play the good guy.
Comment.
But you still sniff my DNS traffic in the nightly releases right? Christ, whos running mozilla these days... https://www.theregister.co.uk/...
Good people go to bed earlier.
This isn't new coming from Facebook. This has happened many times before. Why is everyone scrambling to try and fix something that can't be fixed.
FB should just close up shop if they are thinking of doing anything moral or ethical (Which they are not. Dollar Dollar bills yall.)
The millennial that doesn't like most of the stuff designed for millennials.
When a website can track you, it's no longer a website. I call that malware. Why did we let this happen again?
It's browser tracking. My enemy is running on my box.
Not long ago, Javascript was optional. There was an easy option to disable it, meaning the web "programmers" out there had to cope with the fact that some fraction of their wares^H^H^H^H users out there were "no Javascript".
Browser vendors have been hiding, then removing such options, on the pretext that users are too stupid to flip that switch at will.
I can understand the likes of Google, Apple and their ilk "nudging" users into being a more docile crop, but Mozilla? I'm deeply disappointed. Seems their perception bias can only envision a "brave new world" where the user is the slave of apps. Thank you NOT!
And yes, Mozilla: I'm really angry at you *because I do care about you*
Instead of picking on Facebook specifically, you could have a setting that refuses to load any off-site data, unless it's on a whitelist. Then make it the default. Problem solved.
The new Waterfox was released yesterday. Use it and stay in the world of powerful XUL extensions. Pale Moon and Basilisk as well.
Forget one little domain like facebook which can easily be blocked, what about the biggest data collector and serial tracker Google which is almost impossible to block?!
This isn't new coming from Facebook. This has happened many times before. Why is everyone scrambling to try and fix something that can't be fixed.
Sure it can. We can collectively make Facebook irrelevant/unprofitable. Ask MySpace what that looks like. Facebook will be a tough out but they aren't invincible. Facebook seems determined to explore where the line for "too far" actually lies. For me it is way behind them. Others have different opinions but everyone has a limit. Sure this new revelation isn't exactly shocking to many of us but to many people it is actually surprising. Don't overestimate how much attention people pay to corporate shenanigans.
I understand that Disconnect does this, but not just for Facebook. I had "Block third-party cookies" enable in my Chrome and draw.io thought I had Disconnect installed and gave me instructions on how to whitelist them so I can use Google Drive.
"Everybody's naked underneath" -- The Doctor
I keep things separate by having many user accounts on my PC, using a last name:
smith -- used for most websites that don't need logon info
smith_g -- for google
smith_fb -- for facebook
smith_b -- banking
smith_nf -- netflix
smith_s -- secure login (clear brower cache before each use)
smith_o -- outlook
smith_y -- yahoo
smith_e -- other email accounts
The problem is tracking people by logins, to GMail, Facebook, ISP portals, whatever.
What's needed is a general solution that lets me stay logged in (to any site that's not stuck in the retarded 90s with login timeouts and "use our mobile app just to stay logged in" nonsense), but reduces the power of cookies irrevocably and understandably, across the board, not with some manually-maintained whitelist pushed down by a central party that can sell off corruptions to the whitelist as a revenue model like AdBlock. The "3rd party cookie" thing didn't cut it, either, just broke stuff without any security gain. "Profiles" in Chrome sort of do that. I can have a separate profile for Facebook. but they are cumbersome and not really intended for this. It should be automatic.
As a side-benefit it will make XSS less exploitable.
This is something they should have done about 8-10 years ago. FB has more than enough dirt.
Some services collect your information from Facebook, thereby giving Facebook a starting profile of you even if you have everything related to Facebook blocked and never had an account.
why is google impossible to block?
"New" Waterfox is still 100% dependent on FF ESR, which still supports XUL.
The real test will come when ESR update amputates XUL from ESR later this year. I have no idea how they are planning on keeping XUL support after Mozilla stops support for it in ESR. It's one thing to just copy/paste relevant updates with minimal tweaks. It's a whole different beast to actually have to find the bugs and fix them yourself.
It's not sold to advertisers... Facebook is an advertiser. Don't allow this bullshit "Facebook only helps the advertisers" meme stand. Make Facebook own their shit.
Also, they're never going to sell data on you, cause renting it is far more profitable.
Your ad here. Ask me how!
This is perfect. Although I don't use FB at all (it's so toxic that I block all of their domains and networks at the firewall) ... there are other sites that I'd like to be able to run "in a sandbox". Yes, I can open a Private Browsing window (or Incognito in chrome's parlance) but it's definitely time to have browser sandboxes that can isolate sites from each other. The trackers have become too powerful and we all need to start resisting them.
Tired of FB/Google censorship? Visit UNCENSORED!
It's amazing how much effort people put into making a broken service usable. Just stop using Facebook.
As for other web sites, just use the browser's privacy mode. It's a minor inconvenience since you lose your browser history, but it isn't worth it. If that really matters, just clear your cookies every day. Years ago, clearing your cookies every time you closed the browser, or every 24 hours, was an option in Firefox. It meant web sites worked but you had to login once a day. Seemed like a good compromise, so it is a shame they removed it.
Because nearly ALL of Mozilla's revenue comes from Google default search contracts.
One of the biggest things Mozilla could possibly do for its user base would be to renegotiate the contract with Google to make StartPage the default search engine in Firefox. Google still makes money, Mozilla would still make money (albeit somewhat less), and it would be a HUGE step for privacy for tens of millions of people.
Can we please get Mozilla to comment publicly on this? Why not StartPage?
Google tried to enable the election of a homicidal maniac. Fortunately, they failed.
Mozilla started going downhill after Brendan Eich was forced out. Brave is going to overhaul the browser industry.
As far as I know, Google hasn't enabled the election of a moron to president like Facebook has. Everything else, I can forgive.
Well, it's a good job Facebook failed and that America elected its current stable genius. Yes, he's doing a lot of harm but that the world (and by "the world" I mean "Murica" because that's all there is, right?) hasn't ended already is testament to how little actual power POTUS' have.
Debate is a form of harassment. Do not question my truth.
Why needs containers when APK's HOSTS File Engine is available? My browsing is free from all tracking, and FAST since all blocking is done at the kernel level.
APK for FCC Chairman 2020! Get this man a gianter sized mug and make this happen, Trump!
OK, Facebook sucks but then so do Google, Microsoft, Amazon, Apple, Oracle, etc.. We're supposed to believe that the internet is a revolutionary force for good and that it's making the world a better place. Yeah, right. Keep drinking the cool-aid https://youtu.be/4tLvzyb3_Uc?t...
Debate is a form of harassment. Do not question my truth.
uBlock Origin
Add the following to your /etc/hosts file:
0.0.0.0 connect.facebook.com
0.0.0.0 static.ak.connect.facebook.com
0.0.0.0 api.connect.facebook.com
0.0.0.0 ssl.connect.facebook.com
0.0.0.0 www.connect.facebook.com
0.0.0.0 graph.facebook.com
0.0.0.0 connect.facebook.net
I just checked, both Firefox 59.0.1 and Firefox ESR 52.7.0 both still have the option to clear cookies when the browser is closed. I've never seen an option for every 24 hours.
I use Opera exclusively for FB and nothing else. That blocks tracking.
This will do nothing. In a few months instead of talking directly to Facebook it will just use a proxy server or the website server youâ(TM)re viewing the page on to begin with. There is nothing Mozilla can do about that.
Or, do what I do: just use a separate browser with a separate profile for facebook and nothing else.
What social media platform are people switching to in order to replace Facebook? I've already signed up for Mastodon. I just wish Facebook wasn't used as the default user authentication mechanism for so many websites -- 'net identity and social media should be completely separate functions. from separate providers that don't have a vested interest in your data.
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Oh good, thanks. The 24-hours option was my favorite, since I didn't have to close the browser every day, and if I closed it in the middle of the day I didn't have to log back in. But that option might have been in Netscape but never in Firefox.
Thanks. .
Here's some footnotes to your advice: https://news.ycombinator.com/i...
The RequestPolicy extension does this. I've been using it or a continuation of it for years. If I visit a website, and it wants to connect to Facebook, that request is automatically denied. Same with Google. If I decide I need Facebook or Google functionality on a certain page, I allow it for that domain only (on a temporary or permanent basis). I don't need a specific "container" for Facebook, because it is contained everywhere.
That would be Obama in 2012. His team used FB similar to Trump's team but it was called a genius move.
And FB was in the pocket of Hillary's team
It you don't trust Facebook, don't use it. If some other site loads tracking code from FB, avoid that site too as it can't be trusted for betraying the privacy of its users.
As far as I know,
Correct. You don't know.
And by they I mean the teeming unintellectual masses who we foolishly recruited into our international pool of former awesomeness.
The worst thing to happen to the internet was the commercialization of it. While early on it gave people without government/corporate/school based access to it, it also started letting the sickness from outside in. Rather than merely a few griefers we got masses of hate, corporatism and authoritarian apologists all overpowering our collective voice, along with people too stupid to understand why certain etiquette or informal codes of conduct were in place. Now those idiots have made the informal formal, and begun us on the long march to gentrification of the internet, making it just as pointless as IRL.
No, Windows 10 bypasses the "kernel level" hosts file.
And mozilla may also plan to perhaps bypass the local dns resolver in favour of "Trusted Recursive Resolver".
APK: if you can invent an app to block domains/ip's at the router level for virtually any router on the market, then that would be something special and worth all your advertising time in comments! ;)
Obama's campaign app asked for the information directly, and prompted users to send campaign messages to particular friends. Cambridge Analytica's data was acquired from a personality quiz (in violation of facebook policies, but CA didn't delete the data when requested), and used to plant fear-mongering ads. The former is at least somewhat honest. http://www.politifact.com/trut...
Ridiculous, it shouldn't be that difficult.
Mozilla inexplicably removed the ability to diable Javascript, and stopped blocking pop-ups (even though they still pretend to have this latter option).
NONE of this badness can happen without the cooperation of the browsers. There's no way a site can pop-up ANYTHING on your screen without the browser enabling it. There's no way a wbe page can store ANYTHING on your machine, or get any information from your machine, without the browser enabling it. There is simply no reason a browser must allow a web page to load hundreds of scripts, run video ads, overlay transparent invisible pixels, go to google or facebook to load crap, etc without the consent of the owner of the machine.
This idea that Mozilla will add a feature to deal with ONE site (Facebook) is MORONIC and a scam; It's a pretense based on the current Facebook/Cambridge Analytic-related panic. Why add ANY code to hande a specific website? That's contrary to the basic IDEA of a web browser which is to be a generic data browsing tool that works the same for any pages. Are the Mozilla people being incentivised to restrict any "fix" to only affect Facebook and not some (or all?) other bad actors?????