If we can get Tor Browser's first party origin feature in as well, this will be fantastic! I would love to have the ability to type www.facebook.com and get a context that isn't linked to the rest of my tabs.
I also want ephemeral containers so I could open a tab that forgets its cookies when I'm done. Think private browsing but without forgetting my history, requiring a new window, or being limited to one context at a time.
I prototyped this feature last year as an intern at Mozilla. I think the engineering done for containers can be exposed in a lot of cool ways to the user. I'd love for you to send in your ideas on the comment form [1]. One of the features we considered last summer was "site specific containers" [2], which would support your facebook example.
Did you try the "Self destructing cookies"[1] extension for Firefox? It is close to your "forgets cookies" requirement. IIRC it has per domain settings and allows you to configure the cookies to self destruct after closing the tab, the browser or never.
Exactly, I also want to have private browsing but with persistent history. I'm using Self-Destructing Cookies [1] for that; you can also white-list some domains there for eg. keep me logged in. But would love to have the container as you describe for that.
I really feel like the entire session model of the web needs reworking from the ground up. I honestly want most of the websites I use to act more like apps, with a dedicated space for that site and not spread out across N tabs or windows. And also containerized exactly like this describes.
There are some browser extensions that to do this, but they're pretty clunky overall.
Firefox's clumsy profile support is the one thing that makes me keep switching back to chrome. I really prefer firefox sync to chrome's implementation, and some of firefox's tab organization tools are way better than chrome's. But I use many of the same webapps in my personal life as I do in my work life, and being able to run two profiles simultaneously, and start them up without having to launch firefox from the terminal every time, was difficult.
What they've implemented seems to be better than chrome's profiles, in that it's easier to create a new profile for a specific context (so I don't have to sort things into a "work" bucket and a "personal" bucket.) It will be interesting to see how the contexts interact with plugins.
I agree that Firefox profile management is not user-friendly at all. I have an advice for you though, you don't need to open Firefox from a terminal if you want to be able to choose your profile at start-up.
«all» you have to do is go to ~/.mozilla/firefox/profile.ini and change it with:
```
[General]
StartWithLastProfile=0
```
Now Firefox will open a dialogue box at start-up asking you for the profile you want to use.
Doesn't it also just genuinely feel more sluggish to you? Just installed Nightly to test this feature out, and then took another minute to use the developer tools to do some debugging, and the whole experience felt less smooth. Maybe only microseconds of a difference in <my action> and the <browser's response>, but noticeable nonetheless.
I don't mean to tell people how they should and shouldn't use the web, but if you disagree with Facebook's off-platform data-collection practices, consider sending them a message about it and closing your account. They have no reason to change their policies unless we give them concrete evidence that it will hurt their business.
How is this even legal? By clicking to that site, i'm agreeing to allow FB to do whatever ONCE. How do I get out of the agreement if I find it doesn't suit me?
This is like saying, "By agreeing to take this person on a date one time, you're agreeing to take this person with you wherever you go from now until whenever."
That looks neat. And if it were possible to cheaply create and delete contextual identities on the fly it would even fix an issue I had today: the difficulty of multiple separate private browsing sessions in the same browser.
Agreed. Easy creation and management of additional contextual identities, even ephemeral ones that exist only for that particular browser session, would be terrific.
In addition, I'd like the ability to fine tune which items are isolated versus shared. I think in many cases, but not all, I'd like to shift saved passwords and form data into the identity contexts and away from the shared context. Not having to manually manage credentials when using multiple distinct sessions of a single web service would be nice.
This is an issue for me, primarily for using Twitter. I sometimes want to use multiple Twitter accounts at once, and not via TweetDeck. What I end up doing is having one account in use on normal Firefox, one in Firefox private browsing, one in Chrome private browsing, one in Safari private browsing, etc.
It's quite easy in firefox. Just have two firefox shortcuts, one of "firefox -P default" which you use normally (default profile) and one with "firefox --no-remote -P" which, on launch, will give you a dialogue to select or create a named profile. In addition, the "--no-remote" bit means you can run any number of firefox instances side-by-side with no issue.
This seems very useful for it's intended use-case. At first glance I would like to note however that advertisers (and other parties) will probably still be able to track you across these "containers", due to not isolating HSTS-flags and similar features.
I also wonder whether a seperate banking container makes a lot of sense when doing online payments, as in my country we get redirected to our bank to do payments. This might create confusion among non tech-savy users ("but this should be in my banking-container, I'll just switch. Why does the webshop give an error upon returning now?").
Overall a really cool feature though and one that might persuade me to give Firefox a try as daily driver again.
..."Firefox profiles" fixed it very well. Same as Chrome profiles: I have one for my work persona, one for my personal persona, another for my sysadmin persona, and 3 others for... er... nevermind. But it works great.
Besides, 11 FAQ and a long blog post: I'm not sure they narrowed down the most focussed feature that would provide the most value and be used by the most number of users.
This is a great step in the right direction -- though it is not enough. Different identities would still be going through the same IP (not much one can do about that). But some things that can be solved are NOT addressed with containers:
- see EverCookie[0] for more things that have been known to occur in the wild (and remember it is outdated). the article mentions cache is not shared, but e.g. HSTS pinning is. evercookie easily pierces through this system.
Since 2005 or so, I have had different users for different purposes; Not sure how well it works on Windows these days (it used to not work at all back in 2005) - but on Linux, it's just a "sux - otheruser" or "sudo -u otheruser" command away, and it is well isolated on the web side[1]
This looks really promising. The identity problem in browsers is something I tried to solve by customising the look of different Firefox instances opened with different profiles[1] (one for personal use, one for work etc). But having this functionality built in is definitely preferable.
I solved this so far by using two different browsers. But this is cumbersome and Mozilla now makes sure that I only use their product. This is good, because I like Firefox.
This is fantastic! I've been wanting this for a few years, but didn't think anyone else would care enough to get this on a browser's todo list. Awesome to see Mozilla doing this!
Great idea that makes me glad I use Firefox (settings for maximum privacy and discard all cookies when browser shuts down; I also use Chrome for Google properties, Twitter and Facebook).
With Firefox containers I suppose I could drop my two Browser setup, but I won't, at least for now.
Wow, this is insanely cool!
I've been thinking to create add-on to be able to login to multiple Google accounts from different tabs, but they managed to create it faster!
I am always confused by the lack of user customization in features like this. Why am I limited to four containers? Why can't I rename them?
Four is not enough (personally, though I imagine it would be for most people) and remembering which identity is under "Work" and which is under "Shopping" is just an annoyance when none of my identities would be for "Work" or "Shopping". It would be faster and less annoying to sign out and sign in as another account. Being able to name my containers after my psuedonyms and have a container for each psuedonym would make it infinitely more useful and intuitive for me - rather than a mental burden not worth the hassle of using.
This is a complex feature to implement and they "don't have all the answers...yet, but hope to start uncovering some of them with user research and feedback." If customization is important to you, you can let them know: "We hope to gather feedback on this basic experience to see how we can iterate on the design to make it more convenient, elegant, and usable for our users. Try it out and share your feedback by filling out this quick form or writing to [email protected]."
I was at the talk where this was announced -- four containers is just for now as a prototype, they probably would have the ability for custom ones later (this was explicitly mentioned).
I'm not sure about Firefox's implementation of it, but throughout computing I'm seeing more and more need for this kind of thing, not to mention something softer than full user-account switching for handing a device between family members or teammates. As everything gets more personalized and more tightly bound to the user by learning their habits and typing and voice and all that, and simultaneously in a social networking context we broadcast stuff about ourselves incidentally (like Youtube learning your viewing preferences and likes) that the ability to switch context neatly and quickly is becoming more important.
I think I'd love to be able to define which domains open in which contexts so if I click a link that happens to be to something I want in other context ...
But that got me thinking just how effective will this be? If someone sends me a link in fb and I click it. Even if it opens in a new context it seems like it's only a matter of time before all the links are changed to https://destsite.com/path/to/resource#fbtrackingid or something similar which then adds the cookie across contexts?
[+] [-] amluto|9 years ago|reply
I also want ephemeral containers so I could open a tab that forgets its cookies when I'm done. Think private browsing but without forgetting my history, requiring a new window, or being limited to one context at a time.
[+] [-] englehardt|9 years ago|reply
[1] https://docs.google.com/forms/d/1oQN14TUnqj-MDErp8MKxH_v7Ytt... [2] https://wiki.mozilla.org/Security/Contextual_Identity_Projec...
[+] [-] denis1|9 years ago|reply
[1] https://addons.mozilla.org/en-US/firefox/addon/self-destruct...
[+] [-] prohor|9 years ago|reply
[1] https://addons.mozilla.org/pl/firefox/addon/self-destructing...
[+] [-] stormbrew|9 years ago|reply
There are some browser extensions that to do this, but they're pretty clunky overall.
[+] [-] hammock|9 years ago|reply
[+] [-] unknown|9 years ago|reply
[deleted]
[+] [-] fps|9 years ago|reply
What they've implemented seems to be better than chrome's profiles, in that it's easier to create a new profile for a specific context (so I don't have to sort things into a "work" bucket and a "personal" bucket.) It will be interesting to see how the contexts interact with plugins.
[+] [-] stymaar|9 years ago|reply
«all» you have to do is go to ~/.mozilla/firefox/profile.ini and change it with:
```
[General]
StartWithLastProfile=0
```
Now Firefox will open a dialogue box at start-up asking you for the profile you want to use.
[+] [-] grimgrin|9 years ago|reply
[+] [-] pritambaral|9 years ago|reply
[+] [-] red_admiral|9 years ago|reply
"By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies."
I already have a separate chromium "person" set up for facebook; might give firefox another go when this gets released.
[+] [-] bjacobel|9 years ago|reply
[+] [-] JustSomeNobody|9 years ago|reply
This is like saying, "By agreeing to take this person on a date one time, you're agreeing to take this person with you wherever you go from now until whenever."
[+] [-] rmc|9 years ago|reply
[+] [-] masklinn|9 years ago|reply
[+] [-] bhauer|9 years ago|reply
In addition, I'd like the ability to fine tune which items are isolated versus shared. I think in many cases, but not all, I'd like to shift saved passwords and form data into the identity contexts and away from the shared context. Not having to manually manage credentials when using multiple distinct sessions of a single web service would be nice.
[+] [-] TazeTSchnitzel|9 years ago|reply
[+] [-] TheDong|9 years ago|reply
[+] [-] ScaryRacoon|9 years ago|reply
[+] [-] cerbasict12|9 years ago|reply
[deleted]
[+] [-] breakingcups|9 years ago|reply
I also wonder whether a seperate banking container makes a lot of sense when doing online payments, as in my country we get redirected to our bank to do payments. This might create confusion among non tech-savy users ("but this should be in my banking-container, I'll just switch. Why does the webshop give an error upon returning now?").
Overall a really cool feature though and one that might persuade me to give Firefox a try as daily driver again.
[+] [-] BugsBunnySan|9 years ago|reply
I think this is the actual solution to the problem that 'private browsing' was trying to fix when it first came out.
[+] [-] tajen|9 years ago|reply
Besides, 11 FAQ and a long blog post: I'm not sure they narrowed down the most focussed feature that would provide the most value and be used by the most number of users.
[+] [-] sleepychu|9 years ago|reply
[+] [-] Monkey0x9|9 years ago|reply
[+] [-] gruez|9 years ago|reply
[+] [-] beagle3|9 years ago|reply
- everything panopticlick uses (fonts list, plugin lists, timezone, agent, etc.)
- everything panopticlick doesn't use, but the bad guys do (aa font signatures, ...)
- plugin abuse - e.g., Flash 'cookies', Silverlight 'isolated storage', Java JNLP properties
- see EverCookie[0] for more things that have been known to occur in the wild (and remember it is outdated). the article mentions cache is not shared, but e.g. HSTS pinning is. evercookie easily pierces through this system.
Since 2005 or so, I have had different users for different purposes; Not sure how well it works on Windows these days (it used to not work at all back in 2005) - but on Linux, it's just a "sux - otheruser" or "sudo -u otheruser" command away, and it is well isolated on the web side[1]
[0] https://samy.pl/evercookie/
[1] Full X11 isolation requires a lot more effort - but luckily it seems that recent browsers don't let websites abuse that
[+] [-] yAnonymous|9 years ago|reply
[+] [-] yAnonymous-work|9 years ago|reply
[+] [-] yAnonymous-home|9 years ago|reply
[+] [-] nickysielicki|9 years ago|reply
It's a really simple idea that can go a long way for digital identity hygiene. Can't wait to try it out.
---
[1] Screenshot of Qubes: https://www.qubes-os.org/attachment/wiki/QubesScreenshots/r2...
[+] [-] james-turner|9 years ago|reply
[1] https://github.com/jamesturner/firefox-profile-indicator
[+] [-] WA|9 years ago|reply
[+] [-] azeirah|9 years ago|reply
I hope they keep going into this direction
[+] [-] lucb1e|9 years ago|reply
[+] [-] mark_l_watson|9 years ago|reply
With Firefox containers I suppose I could drop my two Browser setup, but I won't, at least for now.
[+] [-] notifier2050|9 years ago|reply
[+] [-] LOSEYOURSELF|9 years ago|reply
[+] [-] lucb1e|9 years ago|reply
[+] [-] Nadya|9 years ago|reply
Four is not enough (personally, though I imagine it would be for most people) and remembering which identity is under "Work" and which is under "Shopping" is just an annoyance when none of my identities would be for "Work" or "Shopping". It would be faster and less annoying to sign out and sign in as another account. Being able to name my containers after my psuedonyms and have a container for each psuedonym would make it infinitely more useful and intuitive for me - rather than a mental burden not worth the hassle of using.
[+] [-] laported|9 years ago|reply
[+] [-] Manishearth|9 years ago|reply
[+] [-] Pxtl|9 years ago|reply
[+] [-] greggman|9 years ago|reply
I think I'd love to be able to define which domains open in which contexts so if I click a link that happens to be to something I want in other context ...
But that got me thinking just how effective will this be? If someone sends me a link in fb and I click it. Even if it opens in a new context it seems like it's only a matter of time before all the links are changed to https://destsite.com/path/to/resource#fbtrackingid or something similar which then adds the cookie across contexts?
[+] [-] johnp_|9 years ago|reply
https://addons.mozilla.org/en-US/firefox/addon/clean-links/