Companies have begun switching tracking tech to first-party cookies (where possible) since Apple's introduction of "Intelligent Tracking Protection," so Mozilla's similar move probably won't have that much of an impact either.
Note that Mozilla has been working on that feature for at least five years. For a very long time, it was not possible to land this without breaking gazillions of sites.
Apple can afford to be more aggressive, and force features such as ITP 2+, because of their iOS monopoly, and expect webdevs to scramble for fixes, but Mozilla doesn't have such leverage, so they need to avoid breaking the web.
One thing mentioned on the responses that might be really concerning is the fact that this will mean that for a lot of analytics it will look like firefox usage is close to zero.
No usage data, devs caring less about firefox, users having more problems when using firefox, less users using firefox, less users having 3rd party trackers blocked, chrome monopoly growing.
Since when we decided it is OK to install global tracking for everybody, whether they want it or not? The User-Agent is still visible to the website I'm visiting.
It's enough that a few large websites provide stats summary for their users. It is not necessary that Google, FB and co. track the entire Internet.
I run into a similar issue at work. I deploy ad-blockers on all student and staff machines. This makes our users invisible in Google Analytics. Supposedly our top browser is Mobile Safari.
But you're saying here that metrics might not faithfully keep track with reality; presumably an industry that cares will simply improve their metrics until they don't care.
In my experience as a long-term Firefox user, developers already don't care about Firefox. It's amazing how many websites I visit that break or look awful until I switch to Chromium.
This presupposes that the current tracking (spyware) data is a reasonably accurate representation of reality. This assumption could be tested by comparing the "analytics" data to the server logs. but who wants to use accurate first-party data when delusions about "analytics" can tell you what you want to hear.
Don't forget all the Firefox forks that have to falsely identify as Firefox in order to get websites to not simply kick them off. Firefox usage is already significantly lower than Firefox usage is shown in terms of useragent statistics. A lot of that is because Firefox has chromed itself if not in source code then in spirit.
Firefox's Container's approach has been quite interesting to use, but if a suggestion could get out to the Firefox team, I would advise improved streamlining of workflow for the extension, including with sync and returning browser setup, and for organizing and setting up new containers (configuring them to always open for a domain, putting them in folders).
However, I don't know how it'll play out in the long run. FF is already on the radar of ad-driven sites, including those that just need basic unique visitor counters verified by third parties rather than doing evil privacy invasion things. So they could decide to boycot FF alltogether. I hope this isn't going to happen, though. Anyone in the ad-driven content business here to share their opinion? Or should we go back to pixels?
A tracker is a script included as part of a webpage's content, often utilizing some combination of tracking pixels (an http request for a 1x1 image file from the tracking script's providers domain), a persistent cookie, and increasingly some form of browser/device fingerprint which is used to identify a particular machine.
The user's machine presents back to the tracking network the cookie and a bunch of http params to the tracking provider whilst interacting with pages that support the script, which the tracker stores in a database to sell access to.
It gives developers/businesses a way to collect metrics while offloading the trouble of keeping track of and maintaining the infrastructure to do so to someone else.
Firefox will probably be enforcing a cross-origin isolation constraint, requiring that all material be hosted by the domain you're requesting from in the first place, which doesn't really fix the problem since people will probably just try to build ways around the limitation.
Until the industry breaks itself free of it's current fetish for wholesale data collection, it's just going to be an arms race.
Whatever they feel like it being. Including images.
For some reason, this keeps getting flipped to "on" for me, and I have to keep turning it off, to get images to load correctly in both my RSS reader and via a convenience user script.
My work laptop is a very fast upper end macbook and I can somewhat reliably run Firefox on that. My personal laptop is an older macbook pro retina model and whenever I use firefox on that it gets incredibly slow and from time to time the computer just freezes for 20-40 seconds. So, sadly, I can't use firefox on that.
At one point someone on HN posted a link to the bug report on mozilla's bug tracker about this issue with retina macbooks. Does anyone have that link? I can't find it.
I've got a bottom of the line 2013 macbook air. I closed everything down earlier to update to mojave, and firefox told me it would close 7 windows and 71 tabs. Never had a problem with it.
My main desktop is an ubuntu 16.04 machine with 16GB of memory and I've never had a slowdown, often get upto the 100+ tab range across different windows.
I'm currently surfing on a "MacBook Pro (Retina, 15-inch, Late 2013)". It works fine with 4 window opened (1 private, 2 with ~20 tabs, main one with at least 50 tabs).
I'm also running 10+ extensions.
Works pretty well for me.
Sometime after awhile the video playback goes wonky though. I end up doing `sudo killall firefox`.
I have an old Thinkpad X220 and i see no slowdown with Firefox, but I do see more CPU usage in my cpu graphs compared with Chromium so I worry when I am on battery power. I'm not sure how to properly compare CPU usage to determine if I am just imagining it.
I use Firefox Nightly on a MacBook (Retina) and it performs very well with WebRender on and gfx.compositor.glcontext.opaque set to TRUE. Faster than Safari even! Worse battery life though.
Why now, as opposed to several years ago? Are there downsides to blocking 3rd party trackers by default, and if so, what has changed recently to allow this to happen now?
Honestly the two things I've noticed are:
- I have to fill out recaptcha. A lot.
- I've been applying for jobs, some companies have a button for linked in auto fill. Sometimes this works sometimes it doesn't
Beyond that there's a few other thing like, wikidot, that don't really work. In this case the cookie is given by wikidot for sign in, then you're redirected to the custom url wikidot instance (Scp foundation in this case) and you're just not logged in until you allow cookies in this case.
Sites use third parties to provide various functionality. If you block them, the site can appear partially broken. I assume Mozilla has been testing and working on minimizing breakage.
Will this also force Do Not Track to be on, similar to the current tracking blocklists in Firefox? That's the primary reason why I have it turned off and rely on uBlock Origin + a few other extensions.
I think this is huge. It reminds me of the early days of Firefox (back then still known as Phoenix) in a world where IE6 and pop-up ads dominated. At launch IE6 was really the best and most innovative browser of it's time (IMHO). But after IE6 had beaten Netscape, Microsoft stopped putting money in IE development and the situation got worse over time. It was Phoenix with, among other things, a pop-up blocker that was on by default that brought down Internet Explorers hegemony.
Today, with Chrome being dominant the situation is different because Google is still innovating Chrome at light speed. The one and only Achilles heel to beat this giant is by attacking their business model, which is to enable ad blocking by default. I expect this is something people want, just like pop-up blockers back in the days. Google will never be able to lead, or even follow in this direction without changing their business model.
Unfortunately, Mozilla’s own business model also heavily relies on selling ads, albeit indirectly. According to this statement from an independent audit report[1]:
"Note 10 - Concentrations of Risk:
Mozilla has entered into contracts with search engine providers for royalties which expire through November 2020. Approximately 93% and 94% of Mozilla’s royalty revenues were derived from these contracts for 2017 and 2016, respectively, with receivables from these contracts representing approximately 75% and 79% of the December 31, 2017 and 2016 outstanding receivables."
In other words, $539 Million, which is 93% of their total revenue, comes from companies that have selling ads as their business model (Baidu, Google, Yahoo and Yandex [2]).
I really hope Mozilla will be able to change this revenue stream to better align with their mission[3]. They have been trying to diversify their revenue since 2014 [4] and although they might not be as dependent on Google as they once were, they're still almost fully dependent on ads.
Oh, and yeah, of course simply making a better browser than Chrome would also help ;)
[3] https://www.mozilla.org/en-US/mission/ "An Internet that truly puts people first, where individuals can shape their own experience and are empowered, safe and independent."
I think this is a bad idea. Even though I personally block 3rd party trackers by default, breaking the web by default will cause problems.
Also, ad blocking will start being a problem when enough people start doing it. I still remember the days of no websites yelling at you for blocking their ads. Things are going to get much worse.
It's not breaking the web, it's breaking part of the web's grasp on users. Is the web for people or is it there to use people?
"Ad blocking will start being a problem"
I live in the days where both all ads and all bullshit responses to my adblocker ("don't block my ads!!") are blocked; it's a breeze of fresh air. Sometimes a site tries to get around it and I block it permanently.
Good. Let them yell, allow the system to break. I'm not convinced that the current status quo of paying for services via targetted advertising that amounts to quite a severe level of manipulation and tracking is tenable (nor desirable). Figure out something better.
The alternative is what we do now: a select group with tech savvy blocks advertisements, and lets the masses pick up the bill by 'accepting' ads and having their every movement online tracked.
It's worth noting that historically that RFC 2109 and RFC 2965 specified that user agents should respect the user's privacy and not allow cross-server cookies. Since browsers have flat out ignored this recommendation since the beginning this never meant anything, and newer RFCs explicitly allow the default. But if we had been a little more prescient this mess could have been avoided.
It's also worth noting that anecdotically, blocking all third party cookies and running an adblocker has not lead to "breaking the web" in my personal use. I can count any issues I encountered on one hand, and I've run this setup for years. It might me that my internet use is weird (I don't believe so) but it makes me feel the consequences for users for this is overblown.
I agree completely --- large organisations taking what are essentially political stances basically means war, and the only ones who lose in the end are the users --- because the opponents are just going to find more ways around it when there is such escalation. I wish the browser developers would just focus on implementing specs, and give users the choice of options. This paternalistic "we're doing this for you" attitude can't stop soon enough.
Does this mean that analytics will also be blocked? If it is true it will be a shot in the foot, because Google pays a lot of money to Mozilla. Translated automatically.
[+] [-] rbinv|7 years ago|reply
Apple has responded with ITP 2.1, though, limiting _all_ (persistent) cookie lifetime to 7 days, although these could probably be accurately re-issued/kept alive in my opinion: https://webkit.org/blog/8613/intelligent-tracking-prevention...
ITP 2.1 also removes support for Do Not Track (as it's not honored anyway).
[+] [-] Yoric|7 years ago|reply
Apple can afford to be more aggressive, and force features such as ITP 2+, because of their iOS monopoly, and expect webdevs to scramble for fixes, but Mozilla doesn't have such leverage, so they need to avoid breaking the web.
[+] [-] fimdomeio|7 years ago|reply
No usage data, devs caring less about firefox, users having more problems when using firefox, less users using firefox, less users having 3rd party trackers blocked, chrome monopoly growing.
[+] [-] sam_goody|7 years ago|reply
There might be some positive press around "the numbers in Analytics do not reflect users on FF"
[+] [-] dvfjsdhgfv|7 years ago|reply
It's enough that a few large websites provide stats summary for their users. It is not necessary that Google, FB and co. track the entire Internet.
[+] [-] discreditable|7 years ago|reply
[+] [-] traderjane|7 years ago|reply
[+] [-] nallerooth|7 years ago|reply
[+] [-] phkahler|7 years ago|reply
[+] [-] bfrydl|7 years ago|reply
[+] [-] pdkl95|7 years ago|reply
This presupposes that the current tracking (spyware) data is a reasonably accurate representation of reality. This assumption could be tested by comparing the "analytics" data to the server logs. but who wants to use accurate first-party data when delusions about "analytics" can tell you what you want to hear.
[+] [-] superkuh|7 years ago|reply
[+] [-] rkangel|7 years ago|reply
[+] [-] Simon_says|7 years ago|reply
And it's nobody's business what I do with the bits after it comes down the pipe anyways.
[+] [-] traderjane|7 years ago|reply
[+] [-] tannhaeuser|7 years ago|reply
However, I don't know how it'll play out in the long run. FF is already on the radar of ad-driven sites, including those that just need basic unique visitor counters verified by third parties rather than doing evil privacy invasion things. So they could decide to boycot FF alltogether. I hope this isn't going to happen, though. Anyone in the ad-driven content business here to share their opinion? Or should we go back to pixels?
[+] [-] anc84|7 years ago|reply
[+] [-] salawat|7 years ago|reply
The user's machine presents back to the tracking network the cookie and a bunch of http params to the tracking provider whilst interacting with pages that support the script, which the tracker stores in a database to sell access to.
It gives developers/businesses a way to collect metrics while offloading the trouble of keeping track of and maintaining the infrastructure to do so to someone else.
Firefox will probably be enforcing a cross-origin isolation constraint, requiring that all material be hosted by the domain you're requesting from in the first place, which doesn't really fix the problem since people will probably just try to build ways around the limitation.
Until the industry breaks itself free of it's current fetish for wholesale data collection, it's just going to be an arms race.
[+] [-] arantius|7 years ago|reply
For some reason, this keeps getting flipped to "on" for me, and I have to keep turning it off, to get images to load correctly in both my RSS reader and via a convenience user script.
[+] [-] mosselman|7 years ago|reply
At one point someone on HN posted a link to the bug report on mozilla's bug tracker about this issue with retina macbooks. Does anyone have that link? I can't find it.
[+] [-] arusahni|7 years ago|reply
[+] [-] isostatic|7 years ago|reply
My main desktop is an ubuntu 16.04 machine with 16GB of memory and I've never had a slowdown, often get upto the 100+ tab range across different windows.
[+] [-] anthony_doan|7 years ago|reply
I'm also running 10+ extensions.
Works pretty well for me.
Sometime after awhile the video playback goes wonky though. I end up doing `sudo killall firefox`.
[+] [-] thinkingemote|7 years ago|reply
[+] [-] mistertrotsky|7 years ago|reply
[+] [-] playpause|7 years ago|reply
[+] [-] MivLives|7 years ago|reply
Honestly the two things I've noticed are: - I have to fill out recaptcha. A lot. - I've been applying for jobs, some companies have a button for linked in auto fill. Sometimes this works sometimes it doesn't
Beyond that there's a few other thing like, wikidot, that don't really work. In this case the cookie is given by wikidot for sign in, then you're redirected to the custom url wikidot instance (Scp foundation in this case) and you're just not logged in until you allow cookies in this case.
[+] [-] SimeVidas|7 years ago|reply
[+] [-] ypolito|7 years ago|reply
If so, ad companies should consider some kind of functionality to proxy the advertisements through the partners' websites.
I've seen ublock struggle with Server Side Ads Injection.
[+] [-] KozmoNau7|7 years ago|reply
[+] [-] rbinv|7 years ago|reply
[+] [-] cphoover|7 years ago|reply
Disable all cookies for iframes? That seems like it would break the internet.
[+] [-] andrethegiant|7 years ago|reply
[+] [-] kowdermeister|7 years ago|reply
[+] [-] slasaus|7 years ago|reply
Today, with Chrome being dominant the situation is different because Google is still innovating Chrome at light speed. The one and only Achilles heel to beat this giant is by attacking their business model, which is to enable ad blocking by default. I expect this is something people want, just like pop-up blockers back in the days. Google will never be able to lead, or even follow in this direction without changing their business model.
Unfortunately, Mozilla’s own business model also heavily relies on selling ads, albeit indirectly. According to this statement from an independent audit report[1]:
"Note 10 - Concentrations of Risk:
Mozilla has entered into contracts with search engine providers for royalties which expire through November 2020. Approximately 93% and 94% of Mozilla’s royalty revenues were derived from these contracts for 2017 and 2016, respectively, with receivables from these contracts representing approximately 75% and 79% of the December 31, 2017 and 2016 outstanding receivables."
In other words, $539 Million, which is 93% of their total revenue, comes from companies that have selling ads as their business model (Baidu, Google, Yahoo and Yandex [2]).
I really hope Mozilla will be able to change this revenue stream to better align with their mission[3]. They have been trying to diversify their revenue since 2014 [4] and although they might not be as dependent on Google as they once were, they're still almost fully dependent on ads.
Oh, and yeah, of course simply making a better browser than Chrome would also help ;)
Background:
* https://www.mozilla.org/en-US/foundation/annualreport/2017/
* https://assets.mozilla.net/annualreport/2017/mozilla-2017-fo...
[1] https://assets.mozilla.net/annualreport/2017/mozilla-fdn-201...
[2] https://wiki.mozilla.org/Global_Search_Strategy_Status
[3] https://www.mozilla.org/en-US/mission/ "An Internet that truly puts people first, where individuals can shape their own experience and are empowered, safe and independent."
[4] https://blog.mozilla.org/advancingcontent/2014/02/11/publish...
[+] [-] dredmorbius|7 years ago|reply
Firefox has an opportunity.
[+] [-] kerng|7 years ago|reply
[+] [-] Proven|7 years ago|reply
[deleted]
[+] [-] wbxrs|7 years ago|reply
Also, ad blocking will start being a problem when enough people start doing it. I still remember the days of no websites yelling at you for blocking their ads. Things are going to get much worse.
[+] [-] keepmesmall|7 years ago|reply
It's not breaking the web, it's breaking part of the web's grasp on users. Is the web for people or is it there to use people?
"Ad blocking will start being a problem"
I live in the days where both all ads and all bullshit responses to my adblocker ("don't block my ads!!") are blocked; it's a breeze of fresh air. Sometimes a site tries to get around it and I block it permanently.
[+] [-] Freak_NL|7 years ago|reply
The alternative is what we do now: a select group with tech savvy blocks advertisements, and lets the masses pick up the bill by 'accepting' ads and having their every movement online tracked.
[+] [-] DCKing|7 years ago|reply
It's also worth noting that anecdotically, blocking all third party cookies and running an adblocker has not lead to "breaking the web" in my personal use. I can count any issues I encountered on one hand, and I've run this setup for years. It might me that my internet use is weird (I don't believe so) but it makes me feel the consequences for users for this is overblown.
[+] [-] PhantomGremlin|7 years ago|reply
Doesn't Safari already do this (or something like this)?
Safari works pretty well on most web sites. So what will Firefox be doing differently that will "break" the web?
[+] [-] userbinator|7 years ago|reply
[+] [-] happyvalley|7 years ago|reply
How is this “breaking the web”? Honest question, I would not subscribe to that sentiment, but am interested in other points of view.
[+] [-] darkpuma|7 years ago|reply
I recommend updating your adblocker. I haven't seen that kind of crap in ages, because I block that stuff too.
[+] [-] lcnmrn|7 years ago|reply
[+] [-] ionised|7 years ago|reply
[+] [-] moltar|7 years ago|reply
[+] [-] claudiojulio|7 years ago|reply