Here is how Mozilla's Suggested Tiles feature works
By now you have probably heard about Suggested Tiles, a new feature coming to the Firefox browser's New Tab page in the near future.
Suggested Tiles are already available in pre-release versions of Firefox and we were among the first to publish an article about it here on this site.
It was not clear back then how Suggested Tiles work. While we knew that the user's browsing history played an important part in the selection process, it was not really clear how or where this was done.
For instance, it was unclear which data is submitted to whom in the process and how it would affect user privacy.
Mozilla has created an infographic that highlights "how user data is protected on Firefox New Tab". It outlines how suggested tiles are created and displayed in the browser, and which data is accessible by third-parties.
The process works in the following way
- Partners submit tile campaign assets to Mozilla (e.g. article links or a homepage url).
- These assets are reviewed by Mozilla to make sure they comply with rules and style guides. If they do, they are added to the tiles authoring and campaign management server Splice.
- Splice hands over the data to another server called Onyx which handles tile delivery to Firefox users.
- Firefox downloads all available tiles based on country and language. This is done without cookies or user tracking, and the decision what is shown on the New Tab Page is made locally by the browser.
- When a user interacts with a tile, e.g. when it is clicked on, pinned or blocked, it is measured and processed.
- Onyx submits the interaction data that was collected to Disco, a database used for storage and analysis.
- Disco aggregates all interactions, anonymizes them before it sends the processed data to the Redshift server.
- Zenko, a content services reporting tool, is used to create charts and reports from Redshift data which is used by Mozilla for analysis.
- Mozilla sends reports to partners after campaigns end. The report contains no personally identifiable information, only country and interaction information.
A direct connection between a Firefox user and a tile provider is only established when clicks are made on suggested tiles on Firefox's New Tab Page.
The privacy and identity of Firefox users is protected by the process. Users who don't want to see Suggested Tiles on the browser's New Tab Page can disable the feature easily on the page with a click on the cogwheel icon and the unchecking of "include suggested tiles". Other options include pinning a set of sites to the New Tab Page so that it is filled with your own set of sites or switching to a blank page instead. (Thanks SÃ¶ren)
I’m suspicious I might be misinterpreting here. I’ve not read your article in full. I tried to view the info graphic but it’s that complicated, even pinch zooming on my phone, where I happen to be reading this news, it’s a mess.
Quite frankly this is a joke. It seems that Mozilla is skirting the line between adware and privacy invasion so much closer than they would have dreamed in the past. It’s possible they’ve tripped right over that line and knocked themselves so senseless they forgot to scurry back over into the safe, privacy respecting user focus they were known for.
What kind of madness suggests that throwing up a complicated diagram, full of bizarre and perhaps ominous terms, like splice, onyx, zenko and redshift, is going to be anything more than inflammatory? Is this not the post-Snowden era where the hitherto desperate to protect users – even from themselves by denying us even limited pragmatic access to closed-source features – Mozilla should be hell bent on hardening their browser to privacy threats, not the other way around.
In the aftermath of Snowden there was a rumor of Mozilla potentially including a VPN service within Firefox as some sort of response protect users. That never happened and now instead we’ve gone down this adware road.
Let’s look at a potted recent history of Mozilla shall we?
1. Snowden reveals the concept of privacy on the Internet is a farce
2. Mozilla offers a few old dusty servers and matching bandwidth to the TOR project
3. Mozilla announces free SSL certificates – in 6 months time from now (we’re still waiting)!
4. Mozilla caves into Netflix and supports the W3C’s closed-source DRM
5. Before those free certificates are available, Mozilla responds to Snowden’s revelations by extorting developers and site owners under the threat of presenting their sites in deprecated form if authors and site owners don’t adopt encryption. Way to blame the victims guys!
6. Mozilla enters dubious agreement with ad companies – perhaps to further diversify away from their reliance on google revenue and scrounge up more income after pouring so much revenue down the black hole that is competing in the ultra low-end mobile phone game – at the exact time that users have every right to expect to start seeing privacy-protecting solutions developed over the two years since Snowden
Not a lot of impressive moves there. Am I missing something? When did Mozilla become the open source version of the former bullying Microsoft? When are we going to start hearing Mozilla respond with some meaningful pro-user features to try and address Firefox’s dwindling share? When that share drops below 10% ? 5% ? Or have they really just given up on Firefox the browser and Firefox the OS is all their interested in? Do I have to buy and start using a Panasonic big arse TV to get back that user-focused, active feeling from Firefox again?
Geez just focus all your resources on getting e10s finally over the line. It’s already over half a decade too late!
Google Chrome does it for years. Uploading all your browsing info to their cloud server. The masses know it. But still they use google chrome. So there are lots of peoples who don’t care about privacy. When google used it to mine data and profit from it so why not mozilla?
So you think anyone should BE EVIL like Google?
What kind of madness? An ongoing interest in “world domination”. Now that multiple competing browsers exist, Mozilla apparently decided “firefox, the browser” has nowhere to go but down… and they’ve been focusing on “Firefox O/S” (aka B2G, boot to gecko) instead. They seem to believe they can obtain market dominance on low-end mobile devices, and in slideshows have emphasized that third-world users coming online with inexpensive devices is a(the) high growth market.
We (the “want/expect a browser ONLY” users) are no longer their target audience, so they don’t care whether they pizz us off, drive us away, whatever. Development continues, toward building out the B2G stack and their PlayStore (mozilla marketplace) webapp ecosystem. These tiles and suggestions, and features like anti-phish, scan(snoop)block “suspicious” downloads… those features are probably collectively well received by the intended (b2g) focus group users.
Sounds like adware or bloatware to me
“On behalf of the user”
Yeah right. I’m fine with it as long as it’s removable but cut the crap already.
the disable feature sounds good, big thank you to the developer who thought to include that.
Are they delusional? What’s next? An “optional” ASK toolbar that comes with the installer? I’m SO done with them if they actually go through with this insanity.
No newtab here, only about:home, for home as well as for new tabs (browser.newtab.url = about:home). And even about:home is cleared of default items/design to be replaced by a single background image.
Mozilla’s philosophy seems to be “Why make things simple when they can be done complicated?”. Why such a brain storming around this newtab module? Because the newtab appears frequently on the browser, it is the junction-point made naturally available with the user, it is the cyclic browser’s prime-time, the halt, the pause of web sessions, the place to be with the user … don’t count me in.
Since respects your privacy and doesn’t send any personal data, I think is something good to improve the independence of the browse
Firefox is no longer Firefox like Opera is no longer Opera. The best two browsers have been destroyed by greed and pure idiocy. Since Vivaldi is now spyware Firefox users have not many alternatives- PaleMoon, SeaMonkey or any of the better Chromium clones (Otter is still in an early stage of development and since it is an one-man project I cannot be very optimistic about it). It’s a pity that many Firefox add-ons don’t work with SeaMonkey.
I think that the alternative nowadays is to find the balance, the “equilibrium” point between accepting blindly and refusing globally. Perfection is not of this world, and perfection’s attributes are not the same for each one of us. We have to “make our market” as we say in French, that is try to make the best (what we conceive it to be) out of what we choose. This is possible on open systems, those you can tweak, or less opened schemes if you’re a geek.
The times when a product was acceptable (50% satisfaction at least for 50% of the users at least) are over. This means the user has to dig into the product, spend time and efforts to keep the best and remove the worst. With this perspective I stick on Firefox/Firefox forks (Cyberfox is more than a simple 64-bit fork, more than enhanced code, it also removes privacy concerns in the core of the browser). At this time I don’t see a browser that is more “tweakable” than Firefox/Firefox forks. And I don’t believe that an existing browser is good enough to consider tweaking it as a secondary option.
Like in realpolitik, like in basic psychology : take otherness for what it is, not for what you’d wish it to be.
Would you please explain (or post a link) what about Vivaldi is spyware-ish? I’ve not yet tried Vivaldi, but installing it to have a look has been on my todo list.
Firefox has become a browser designed for advertisers and analytic companies. Sad that every new release brings more ways for tracking and profiling users.
“To be able to serve you, our users and friends, in the best possible way, we need to know a little about you. We need to know how many you are, what HW/OS you have and where in the world and which language you use. This helps us make the right priorities on our resources. Starting with this build, Vivaldi will connect with our servers for this purpose only once per day. We do not collect any usage data. So, on first run Vivaldi generates a unique ID for your installation.
Then, every 24 hours, your browser, if running, will send via https, the following info:
The unique user ID
Browser user agent
So what is the best browser (excluding TOR) at this stage for privacy?.
I would be interested in an article about that.
What a mess.
In fact, everywhere I look, I see nothing but bad news in the computing world. Before you scream — YES, that is just my opinion, and I know I am in the minority. Microsoft’s huge effort over the last few years to push people to the cloud, and to a subscription service, browsers’ sneaky, privacy destroying changes that they present as “protecting” our privacy. No, I don’t like it. Lies, and lies, and finessing folks down a path I never wanted to take.
It is impossible to do without a browser these days. It’s how most of us pay our bills, access our bank accounts, chat with other people. How can we do those things safely, comfortably, PRIVATELY?
For starters with open source audited software with end to end encryption that utilises perfect forward secrecy – this can help hide contents, not necessarily any metadata. But it takes two – the issue is mainstream uptake – try getting users off gmail or implementing PGP, try getting everyone to switch from Skype etc. And then there’s the tracking you can block (xss, cookies, header referrals, etc – too many to cover here – which does break some sites functionality) and the tracking you can’t ( isp level bullshittery such as verizon’s UIHX etc). And can you totally trust your VPN (there are moves for an open VPN auditing system put forward or championed by EFF)? BTW, I absolutely agree with the asshattery of MS pushing their cloud service and trying to integrate everything you do on Win8/10 with your online account.
If you absolutely want to be untrackable, and have any session metadata that may be collated be useless – it can certainly be done, but involves more than can be said here, especially when it comes to OpSec. It only takes one mistake to connect the dots.
I see no reason to be upset about this. Every ad will be replaced after visiting a few sites. If you can’t wait that long drag some bookmarks to the New Tab page. If you still don’t like it use Speed Dial addon. It is very customizable and you can export your settings.
Why is it a big deal if Mozilla makes some money? Would you rather they would stop making Firefox than see a few ads?
Out of curiosity, if Mozilla also offered a pay-for model for FireFox, as a choice, what would they have to charge a user to replace the revenue they’d lose from ads and/or tracking us? If this was the “real-world”, and not “virtual”, we’d all be getting restraining orders it seems ;-)
When I watch TV, I fast forward through ads. When I read a paper magazine, I flip past them or tear them out. When I
see billboards or banners at sporting events, I tune them out. Most people I know, do the same. I mean, haven’t we been trained to ignore them because they are ubiquitous. Is it just the fact that an ad is on the screen that makes it worth something?
Is it suppose to be subliminal, or something? I understand the click and purchase business, it’s like AmWay.
I tried FireFox’s Reader out the other day, and the article was definitely MUCH easier to read and the ads were gone.
I feel like I’m getting mixed messages?