Security news that informs and inspires

Mozilla Testing Firefox Private Network

Mozilla is launching a new extension for Firefox that adds VPN-like functionality to the browser and automatically protects users’ traffic when they’re on public networks.

The new extension is in a limited beta release right now and is only available for desktop Firefox users in the United States, but the company plans to make it broadly available in time. The Firefox Private Network extension isn’t exactly like a traditional virtual private network (VPN), but it is designed to provide some of the same functionality and privacy protections for people on public WiFi networks. The network hides users’ IP addresses and creates a private tunnel through a proxy to the destination website.

“The Firefox Private Network is an extension which provides a secure, encrypted path to the web to protect your connection and your personal information anywhere and everywhere you use your Firefox browser,” Marissa Wood, vice president of product at Mozilla, said.

“Your IP address is like a home address for your computer. One of the reasons why you may want to keep it hidden is to keep advertising networks from tracking your browsing history. Firefox Private Network will mask your IP address providing protection from third party trackers around the web.”

The Firefox Private Network relies on a proxy server on Cloudflare’s network, so traffic from an individual’s browser will be encrypted and sent from the browser to a Cloudflare data center and then to the destination website. In a typical VPN setup, a dedicated client on the user’s device establishes a secure connection to a server, usually on a corporate network. Many enterprises use VPNs as a way for remote or traveling employees to access corporate resources such as email or HR systems. And there are commercial VPN services available for consumers to use on public networks, which require the user to trust the network of the provider.

That’s also the case with the Firefox Private Network. The configuration requires users to trust Cloudflare’s network, one of the larger content delivery networks in the world. In a privacy statement about the Firefox Private Network, Cloudflare officials said that for each request made from the extension, Cloudflare will see the source and destination IP addresses, as well as the source and destination port numbers. That data will be deleted within 24 hours after each individual request. The company also emphasized that the Firefox Private Network is not designed to help people evade censorship controls in some countries.

“The intended use of the proxy service is to shield HTTP/HTTPS requests from eavesdropping by edge network providers such as public WiFi hotspots. Avoidance of geographical restrictions on content access is explicitly not a goal. The Mozilla extension will always make a secure request to the Cloudflare network, regardless if the request is for TLS or plaintext content,” Cloudflare’s statement says.

“When you access Internet properties that are not secured using Transport Layer Security, your HTTP request data will not be encrypted while in transit from the Firefox Private Network to the requested hostname. Cloudflare will not log your HTTP request data and will not use it for any purpose other than to provide the Firefox Proxy service.”

Firefox users can get the beta of the Private Network extension now.