I long thought of Mozilla Firefox as a good, mainstream, privacy-focused alternative to Google Chrome. I used it for quite some time, until the Google ecosystem became too all-encompassing to ignore. But over recent years, it seemed the yellow-tailed browser was becoming less privacy-focused after all, leaving it just like the other mainstream options. So it’s good news, and perhaps vindication for those who were still holding out hope for Firefox, that it’s expanding its fingerprint protections.

By this, it means it’s expanding its protections against websites linking you to a “secret digital ID” by “collecting subtle details of your setup—ranging from your time zone to your operating system settings—that together create a ‘fingerprint’ identifiable across websites and across browser sessions.”

Fingerprinting is pretty much standard practice for many sites today. You should never assume that just because you don’t have an official account on a website, it doesn’t identify you between visits and so on, sometimes even regardless of stored cookies.

From eyeballing the chart Mozilla presents, without any protections, over 60% of users appear unique to sites that fingerprint, and the company’s previous ‘phase 1 protections’ lowered this to under 40%. Now, with phase 2 rolling out, Mozilla is claiming just 20% of unique-appearing users.

The company claims that, thanks to a “global analysis … Firefox is the first browser with this level of insight into fingerprinting and the most effective deployed defenses to reduce it.”

(Image credit: Mozilla)

The methods Mozilla is employing seem to essentially boil down to giving websites the most generic information about your device and system as possible, while balancing this with the genuine benefits of having sites know some of these details. To be more specific, Mozilla says Firefox will do the following:

Either report your machine as having a four-core or an eight-core processorNot use locally installed fonts to render on-page textReport your ‘available’ screen resolution as your normal resolution minus 48 pixelsReport only no-touch, single-touch, or five-touch inputs on trackpadsIntroduce random data to ‘canvas elements’ (background images) when the website reads back the image

These changes are only available in Private Browsing Mode and ETP Strict mode, but that’s just “while we work to enable them by default.”

This is probably welcome news for those who previously held on to Firefox as one of the last bastions for online privacy. It makes a welcome change from some other changes Mozilla has made over the last year or two.

Last year, Firefox got rid of its ‘Do Not Track’ (DNT) setting and replaced it with Global Privacy Control (GPC), which meant a move away from asking sites not to track you, instead asking that they just don’t sell or share that data. GPC is more of a standard than DNT, so the move made sense from that perspective, but it did signal somewhat of an abandonment of the push towards asking sites not to track users at all.

(Image credit: Mozilla)

Mozilla also tried to add some Terms of Use to Firefox earlier in the year that included a section that seemed to give the company a wide-spanning remit over user data, and it removed its FAQ section that promised not to sell user data.

Mozilla responded to backlash and said all this “does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice.” But many weren’t convinced and pointed back towards the vague wording of the terms.

Given all that, it’s nice to see Mozilla pushing the market forward for online privacy once again. Maybe it’s time for me to give the ol’ browser, my quasi-namesake, another try.

From PCGamer latest via this RSS feed