Firefox Rolls Out Total Cookie Protection By Default | The Mozilla Blog
Firefox rolls out Total Cookie Protection by default to more users worldwide Updated Aug. 28, 2024. Take back your privacy Firefox is rolling out Total Cookie Protection by default to more Firefox users worldwide, making Firefox the most private and secure major browser available across Windows, Mac, Linux and Android. Total Cookie Protection is Firefox’s strongest privacy protection to date, conf
Performance in progress – Mozilla Performance
In the last six months the Firefox performance team has implemented changes to improve startup, responsiveness, security (Fission), and web standards. Startup and perceived startup Doug Thayer and Emma Malysz implemented work to improve the perceived startup of Firefox on Windows using a concept called the skeleton UI. Users on Windows may click the Firefox icon and not get visual feedback in the
Firefox 90 supports Fetch Metadata Request Headers – Mozilla Security Blog
Niklas Gögge and Christoph Kerschbaumer July 12, 2021 We are pleased to announce that Firefox 90 will support Fetch Metadata Request Headers which allows web applications to protect themselves and their users against various cross-origin threats like (a) cross-site request forgery (CSRF), (b) cross-site leaks (XS-Leaks), and (c) speculative cross-site execution side channel (Spectre) attacks. Cros
Privacy analysis of FLoC | The Mozilla Blog
In a previous post, I wrote about a new set of technologies “Privacy Preserving Advertising”, which are intended to allow for advertising without compromising privacy. This post discusses one of those proposals–Federated Learning of Cohorts (FLoC)–which Chrome is currently testing. The idea behind FLoC is to make it possible to target ads based on the interests of users without revealing their bro
Introducing Firefox’s new Site Isolation Security Architecture – Mozilla Hacks - the Web developer blog
Introducing Firefox’s new Site Isolation Security Architecture Like any web browser, Firefox loads code from untrusted and potentially hostile websites and runs it on your computer. To protect you against new types of attacks from malicious sites and to meet the security principles of Mozilla, we set out to redesign Firefox on desktop. Site Isolation builds upon a new security architecture that ex
BrowserID protects the privacy of your Web activity? Really?
Hi Nat, Thanks for writing this! With respect to the fact that information is leaked back to the IP (browserid.org), this is only the case until we have native browser support. browserid.org is a requirement to bootstrap the system, and mozilla incurs the cost of running it and commits to running it with the transparency and level of responsibility you’d expect. Ideally though, we’ll see browseri
Firefox 88 combats window.name privacy abuses – Mozilla Security Blog
We are pleased to announce that Firefox 88 is introducing a new protection against privacy leaks on the web. Under new limitations imposed by Firefox, trackers are no longer able to abuse the window.name property to track users across websites. Since the late 1990s, web browsers have made the window.name property available to web pages as a place to store data. Unfortunately, data stored in window
Introducing State Partitioning – Mozilla Hacks - the Web developer blog
State Partitioning is the technical term for a new privacy feature in Firefox called Total Cookie Protection, which will be available in ETP Strict Mode in Firefox 86. This article shows how State Partitioning works inside of Firefox and explains what developers of third-party integrations can do to stay compatible with the latest changes. Web sites utilize a variety of different APIs to store dat
Changes to SameSite Cookie Behavior – A Call to Action for Web Developers – Mozilla Hacks - the Web developer blog
Changes to SameSite Cookie Behavior – A Call to Action for Web Developers We are changing the default value of the SameSite attribute for cookies from None to Lax. This will greatly improve security for users. However, some web sites may depend (even unknowingly) on the old default, potentially resulting in breakage for those sites. At Mozilla, we are slowly introducing this change. And we are str
Safely reviving shared memory – Mozilla Hacks - the Web developer blog
At Mozilla, we want the web to be capable of running high-performance applications so that users and content authors can choose the safety, agency, and openness of the web platform. One essential low-level building block for many high-performance applications is shared-memory multi-threading. That’s why it was so exciting to deliver shared memory to JavaScript and WebAssembly in 2016. This provide
Reducing TLS Certificate Lifespans to 398 Days – Mozilla Security Blog
We intend to update Mozilla’s Root Store Policy to reduce the maximum lifetime of TLS certificates from 825 days to 398 days, with the aim of protecting our user’s HTTPS connections. Many reasons for reducing the lifetime of certificates have been provided and summarized in the CA/Browser Forum’s Ballot SC22. Here are Mozilla’s top three reasons for supporting this change. 1. Agility Certificates
Firefox 75 will respect ‘nosniff’ for Page Loads – Mozilla Security Blog
Sebastian Streich and Christoph Kerschbaumer April 7, 2020 Prior to being able to display a web page within a browser the rendering engine checks and verifies the MIME type of the document being loaded. In case of an html page, for example, the rendering engine expects a MIME type of ‘text/html’. Unfortunately, time and time again, misconfigured web servers incorrectly use a MIME type which does
Firefox 72 blocks third-party fingerprinting resources – Mozilla Security Blog
Privacy is a human right, and is core to Mozilla’s mission. However many companies on the web erode privacy when they collect a significant amount of personal information. Companies record our browsing history and the actions we take across websites. This practice is known as cross-site tracking, and its harms include unwanted targeted advertising and divisive political messaging. Last year we lau
Upcoming notification permission changes in Firefox 72 – Mozilla Hacks - the Web developer blog
Notifications. Can you keep count of how many websites or services prompt you daily for permission to send notifications? Can you remember the last time you were thrilled to get one? Earlier this year we decided to reduce the amount of unsolicited notification permission prompts people receive as they move around the web using the Firefox browser. We see this as an intrinsic part of Mozilla’s comm
Improved Security and Privacy Indicators in Firefox 70 – Mozilla Security Blog
The upcoming Firefox 70 release will update the security and privacy indicators in the URL bar. In recent years we have seen a great increase in the number of websites that are delivered securely via HTTPS. At the same time, privacy threats have become more prevalent on the web and Firefox has shipped new technologies to protect our users against tracking. To better reflect this new environment, t
Today’s Firefox Blocks Third-Party Tracking Cookies and Cryptomining by Default | The Mozilla Blog
Today’s Firefox Blocks Third-Party Tracking Cookies and Cryptomining by Default Today, Firefox on desktop and Android will — by default — empower and protect all our users by blocking third-party tracking cookies and cryptominers. This milestone marks a major step in our multi-year effort to bring stronger, usable privacy protections to everyone using Firefox. Firefox’s Enhanced Tracking Protectio
1567114 - MITM on all HTTPS traffic in Kazakhstan
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 Steps to reproduce: Since today all Internet providers in Kazakhstan started MITM on all encrypted HTTPS traffic. They asked end-users to install government-issued certificate authority on all devices in every browser: http://qca.kz/ Actual results: MITM attack: https://i.imgur.com/rFEjXKw.jpg Message from Int
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Mozilla Explains: Cookies and supercookies | The Mozilla Blog
State Partitioning - Privacy on the web | MDN
GitHub - mozilla-services/shavar-prod-lists: Shavar/tracking protection lists used in prod
