Firefox 85 blocks Flash, rolls out protection from Supercookies
One of the most popular privacy-friendly browsers available today, Firefox is constantly innovating to add novel ways to counter Big Tech’s attempts to track every move that users make across the web. Mozilla, the non-profit organisation behind Firefox has now announced a new feature that protects users against ‘Supercookies’ and removes support for the now-dead Adobe Flash player.
A post on the Mozilla Security Blog explains that the browser had already implemented blocking cookies from known trackers and scripts that are used to ‘fingerprint’ users for identifying them easily, but was taking the approach a step further with a ‘fundamental change in the browser’s network architecture’, according to Mozilla’s Steven Englehardt and Arthur Edelstein.
Supercookies are difficult to delete, because tracking companies place them in very obscure places in the browser - such as Flash storage and in the caches shared by websites. Unlike ordinary cookies, they are not removed when you select the “clear browsing data” option on any browser. They are also used to track users across sites, by identifying network connections.
Mozilla says they have greatly reduced the effectiveness of cache-based supercookies in the new Firefox 85 update, by neutering their ability to work across websites. The Firefox team achieved this through a process called Network Partitioning. This means that unlike before, sites cannot share the same cache for images which is used to save images locally in case you revisit the site. As a result, tracking companies can’t misuse the feature to check every site you have visited on the web.
Supercookies don’t just use the image cache, so Firefox 85 will also ‘partition’ and isolate the HTTP cache, the favicon (small site icon you see in the Tab) cache, CSS cache among many other important caches that can be misused to track users. It will also partition network connections to further protect users.
Mozilla says all of this has a very ‘modest impact’ on page load times, between a 0.09% and 0.75% increase at the 80th percentile and below, and a maximum increase of 1.32% at the 85th percentile. According to them, the Chromium browser engine that powers Google’s Chrome browser also reported the same impact on load speeds in their tests of the same feature.