Security news that informs and inspires

Firefox Now Blocks Third-Party Cookies by Default

Mozilla has turned on blocking of third-party trackers by default in Firefox, a move that provides desktop and Android users with always-on protection against a wide range of tracking technologies that seek to follow people’s movements across the web.

The new protection is included in Firefox 69, which Mozill released Tuesday, and is the latest step in a process that Mozilla started more than a year ago when it added the feature to the Nightly Firefox channel. By adding the feature to the main Firefox release and turning it on by default, Mozilla is relieving users of the burden of figuring out how to block trackers and which ones to block.

“For today’s release, Enhanced Tracking Protection will automatically be turned on by default for all users worldwide as part of the ‘Standard’ setting in the Firefox browser and will block known “third-party tracking cookies” according to the Disconnect list. We first enabled this default feature for new users in June 2019. As part of this journey we rigorously tested, refined, and ultimately landed on a new approach to anti-tracking that is core to delivering on our promise of privacy and security as central aspects of your Firefox experience,” Marissa Wood, vice president of product at Mozilla, said in a post explaining the move.

“Currently over 20% of Firefox users have Enhanced Tracking Protection on. With today’s release, we expect to provide protection for 100% of ours users by default. Enhanced Tracking Protection works behind-the-scenes to keep a company from forming a profile of you based on their tracking of your browsing behavior across websites — often without your knowledge or consent. Those profiles and the information they contain may then be sold and used for purposes you never knew or intended. Enhanced Tracking Protection helps to mitigate this threat and puts you back in control of your online experience.”

"Enhanced Tracking Protection works behind-the-scenes to keep a company from forming a profile of you."

Third-party cookies are one of the many mechanisms that site owners and ad networks use to keep tabs on what content people interact with and what sites they visit. The networks and site owners can use that information to build histories and profiles of individuals, which they then use to tailor ads and other content. Firefox’s Enhanced Tracking Protection gives people the ability to click on an icon in the address bar to see which specific tracking cookies the browser is blocking on a given site. Firefox 69 also includes protection against cryptominers, a feature that was in beta builds of earlier releases.

“Cookies are not the only entities that follow you around on the web, trying to use what’s yours without your knowledge or consent. Cryptominers, for example, access your computer’s CPU, ultimately slowing it down and draining your battery, in order to generate cryptocurrency — not for yours but someone else’s benefit. We introduced the option to block cryptominers in previous versions of Firefox Nightly and Beta and are including it in the ‘Standard Mode‘ of your Content Blocking preferences as of today,” Wood said.

Firefox 69 also includes fixes for several security vulnerabilities, most importantly a critical code-execution flaw that affects Firefox on Windows.

“Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder,” the advisory says.