Mozilla tests Premium VPN Service - gHacks Tech News

Mozilla tests Premium VPN Service

Mozilla will start the test of a commercial VPN offering tomorrow for a subset of users in the United States.

The organization has not created its own VPN network but partnered up with the Swiss VPN provider ProtonVPN to use the established network of the provider.

The test starts on October 22, 2018 in the United States for a sample of users of Firefox 62. Only some users who use Firefox 62 in the United States will be invited to participate in the test.

mozilla firefox vpn

There is no surefire way to be selected for the test as criteria for selection are quite diverse. Users who connect to an Open (unencrypted) wireless network, visit privacy focused websites, or streaming sites, may see the recommendation by Firefox.

The recommendation highlights the basics behind a VPN, that Mozilla selected ProtonVPN as the partner for the test, and the price of the subscription.

The price of the subscription matches the price that users pay for a monthly ProtonVPN subscription when they subscribe directly on the ProtonVPN website.

It is unclear whether Firefox users will have the opportunity to pay yearly to get the $2 per month discount on the monthly price that ProtonVPN offers.

Firefox users should get access to ProtonVPN Plus when they subscribe. Details are a bit scarce but it seems that the subscription gives Firefox users access to a full VPN that they run on the system and not just in the browser.

ProtonVPN's Plus plan can be run on five devices, includes all security features, and gives users access to all countries.

Why ProtonVPN?

proton vpn

Mozilla analyzed VPN services to find the best suitable partner for the VPN offer in Firefox. The organization selected ProtonVPN for a number of reasons that include (according to Mozilla)

  • Strong security practices to make sure that the provider offers excellent protection against hacking attempts.
  • That the VPN service does not store or log information about the browsing of its users.
  • That the VPN provider follows the same mission as Mozilla: to improve data safety and security on the Web.

Why a VPN?

Mozilla has two main intentions when it comes to the new offering. First, to add a new revenue stream that is independent of the money that the organization gets from search engine companies like Google.

The affiliate revenue earned from promoting the VPN in Firefox would reduce the stranglehold that search engine companies have on Mozilla. The bulk of Mozilla's revenue comes from deals with search engine companies like Google or Yandex.

The second reason is that VPNs improve user privacy and security on the Internet. VPNs like ProtonVPN include security features that block certain attacks outright and they hide the IP address of the user device.

Closing Words

Critics might say that Mozilla adds advertising to the browser and that is certainly the case if you look at what is happening. Firefox may display recommendations to users to subscribe to a VPN when they perform certain actions in the browser. The choice of ProtonVPN may also be questioned by some.

VPNs do improve privacy and security on the other hand and that is definitely a good thing.

Firefox users can subscribe to the VPN to support Mozilla and get something back in return. Deal details have not been revealed; it is unclear if Mozilla will earn recurring revenue from subscriptions or if the organization gets a one-time payment only.

I think that $10 is quite a high price for a VPN considering that you can get good ones for half or even less the price. It would have been great if Mozilla would have managed to broker a better deal for Firefox users.

Also, I'd like to see contextual recommendations that provide users with clear information on why Mozilla thinks that they should use a VPN.

It would have been ideal, in my opinion, if Mozilla would have created its own VPN network instead. This would cost a lot but it would mean that the bulk of revenue would flow into Mozilla's pockets and would reassure users because of the first-party nature of the service.  (via Sören Hentzschel)

Now You: What is your take on the move?

Summary
Mozilla tests Premium VPN Service
Article Name
Mozilla tests Premium VPN Service
Description
Mozilla will start the test of a commercial VPN offering tomorrow for a subset of users in the United States.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Weilan said on October 21, 2018 at 7:24 pm
    Reply

    Well, they need to make some money in order to survive…

    1. gh said on October 22, 2018 at 1:43 am
      Reply

      Weilan, seriously? You’re unaware of Mozilla’s 300 million revenue from partnering with Yahoo search… AND Mozilla’s “take the money and run” maneuver, keeping the money and weaseling out of the agreement (taking advantage of Yahoo via a contingency clause in the agreement) ?

      1. Anonymous said on October 22, 2018 at 6:18 am
        Reply

        And yet, Mozilla is still outspent by Google and Microsoft. Its expensive to manage a browser.

        Also, Mozilla did not “weasel out” of the Yahoo deal. Yahoo made the deal allowing Firefox to leave if they get bought out.

        It was Yahoo’s final chance to become relevant again. But it did not work and they got taken over anyway.

        Mozilla decided its users were not getting the proper security guarrentees from Oath (who bought Yahoo).

        If Yahoo did not want that to happen. They should not have put that in the contract.

      2. Weilan said on October 22, 2018 at 8:35 am
        Reply

        Firefox has been copying Chrome long before Quantum. Now they got closer to copying it. The only ones that don’t see the truth are Firefox fanboys. That’s why I’m saying they can’t survive – they made the UI locked like Chrome, they made add-ons not work, limited themselves to web extensions, like Chrome, probably spy on you, like Chrome, most people should see through this scam and use another browser.

        Eventually this will come back to bite Mozilla in the ass, you see, all their side projects they attempted have failed – Firefox OS phone, Firefox on Android is a pathetic browser, Firefox Focus is also pathetic, I can’t remember any other projects they have currently.

        It’s only a matter of time before they limit desktop Firefox’s capabilities even more until all you can do is change download location. And then even the biggest fanboys will see the joke Firefox has become and leave and then Mozilla will be left with nothing. Their userbase dwindles every day.

        That’s why I’m saying “trying to survive”. They may have money now, but their stupid and incompetent decisions will lead to a future where even that isn’t going to keep them afloat. Mozilla is governed by stupid people.

      3. Anonymous said on October 22, 2018 at 6:55 pm
        Reply

        Weilan, you are incorrect.

        The new UI looks nothing like Chrome. In fact it looks more like Edge in some ways.

        The funny thing is that the new Chrome UI looks almost exactly like the old Firefox Australis UI (which Mozilla dropped last year).

      4. user17843 said on October 22, 2018 at 10:01 pm
        Reply

        @Weilan:

        That’s actually the truth. Mozilla community thinks it’s “toxic” to write comments like this, but to me it is obvious that people who tell them the truth straight, are the only ones who are actually helping Mozilla.

        A couple of months I was speaking about missed opportunities, and suggested creating a native VPN service to Mozilla employees on reddit if I remember it correctly.

        They are starting to rely on all kinds of third party services. This can not end well. People know how to buy a VPN service.

        I think it’s really a good idea to offer great services like ProtonVPN to users, but I don’t think it will work the way Mozilla thinks it will.

        Opera has been offering it for free. If they believed they could make money with it, they would have done it. Actually, Opera has been doing everything to monetize their product for years, and they still get 60% of their money from search engines! (Source: Techchrunch)

        I don’t think Mozilla will be able to reach 40% independence, due to their focus on privacy and because Firefox users are critical of all kind of ads.

        People associate Firefox with Non-Profit. There’s already a growing rejection of Firefox in the tech forums I frequently visit.

        Mozilla is governed by self-absorbed people, and all the really great people with excellent abilities have left. All the bright people in the Valley work for Google et al., it’s the harsh reality.

        Mozilla as we know it will implode within 2-3 years. Market-Share will be insignificant by end of 2019, and their money will be gone by 2022.

      5. wew said on October 23, 2018 at 2:01 am
        Reply

        “Firefox has been copying Chrome long before Quantum. Now they got closer to copying it.”

        …and yet even I who use Chromium can see that the new Chrome UI is a copy of Firefox Australis.

      6. Anonymous said on October 23, 2018 at 12:58 pm
        Reply

        Just like too many people falsely believe that they’re governed by stupid politicians, I don’t think that Mozilla is governed by stupid people at all. They’re corrupt, not stupid. They know exactly what they are doing.

      7. Anonymous said on October 23, 2018 at 10:39 pm
        Reply

        “Just like too many people falsely believe that they’re governed by stupid politicians, I don’t think that Mozilla is governed by stupid people at all. They’re corrupt, not stupid. They know exactly what they are doing.”

        Corrupt? Right, they are the only major internet company fighting for privacy…

      8. Anonymous said on October 24, 2018 at 3:08 pm
        Reply

        “Corrupt? Right, they are the only major internet company fighting for privacy…”

        Only because they define “privacy” as being slightly more private than Google Chrome, which is not a reference. Don’t blindly trust slogans written on a corporate site. Their main business is to sell users to data slurping search engines and other advertisers and lots of Firefox development and Mozilla acquisitions are governed by this objective. Have a look at this for an incomplete (and maybe not fully up-to-date) view of Firefox privacy problems :
        https://spyware.neocities.org/articles/firefox.html

  2. Tom Hawack said on October 21, 2018 at 8:15 pm
    Reply

    I’d consider a VPN if I lived in an Internet-restricted country with a tunnel required to go where I please; not for privacy reasons.

    1- I have no idea of the firewalls, blocklists used or not by a VPN. I have mine, editable, updated daily. A VPN limited to Firefox could be acceptable in this regard considering the active presence of uBlock Origin, but system-wide …

    2- In a way I consider using a VPN as a defeat in the face of privacy, as if I admit privacy invasion and a VPN’s privacy as the only way to defeat it. I wish not to hide but to block as I can privacy invasion. I don’t want to run away but to face the inquisitors.

    3- A good VPN is not free and I have no intention of paying be it only 5USD/month… even reliable and free I wouldn’t do it for above-mentioned reasons. I just dislike the very idea.

    1. ilev said on October 22, 2018 at 3:23 pm
      Reply

      “I’d consider a VPN if I lived in an Internet-restricted country with a tunnel required to go where I please; not for privacy reasons.”

      If you live in one of the 14 Eyes countries (Australia Canada New Zealand United Kingdom United States (+ Israel Singapore South Korea Japan British Overseas Territories) Denmark France Netherlands Norway Germany Belgium Italy Sweden Spain, you NEED vpn.
      Using VPN in these counties DOESN’T guaranty that your data isn’t decrypted and saved.

      All these countries spy and eavesdrop on ALL their citizens and foreign communications and share the data between the group.

      1. Tom Hawack said on October 22, 2018 at 10:46 pm
        Reply

        @ilev, I would need a VPN according to your specifications if I intended to use a VPN for privacy concerns. As i said, “I’d consider a VPN if I lived in an Internet-restricted country with a tunnel required to go where I please; not for privacy reasons.”.

        I don’t participate to the idea that countries (those “14 Eyes”) spend their time tracking billions of users with no valid reason, and i believe that using a VPN is considered by them as a valid reason (I read recently that State agencies focused on Tor and Linux users). I’m convinced that global tracking is before all specific to commercial entities and I wouldn’t be surprised that those may happen to be acquainted with some VPNs, of course not with Tor.

        So if I were to use a VPN it would definitely be Tor (if you can call it a VPN) but again only if I were unable to connect as I wish given the country’s restrictions. My belief is that State global, systematic tracking is deeply tied to conspiracy theories which bring the thrill to those who forgot life and replaced it with imaginings anchored in the depths of their cyber-world. There is so much data that their must be precise elements to trigger State tracking, one can easily imagine agencies have better to do than laugh about Miss’ Simpsons porn videos or Mr. Jones obsession for liquors …. unless either has triggered an inquiry for solid reasons.

      2. manouche said on October 23, 2018 at 12:15 pm
        Reply

        The Great Believer T. Hawack:

        “My belief is that State global, systematic tracking is deeply tied to conspiracy theories […]”

        With all my respect of your belief, I think …

        You never heard of Edward Snowden!

        A frog in a well does not know the great ocean 🦈

      3. Tom Hawack said on October 24, 2018 at 10:23 am
        Reply

        @manouche, Edward Snowden and his disclosures has nothing to do with mass surveillance but concerned specifically at the time classified CIA documents pertinent the company’s involvement in Iraq and more generally the octopus behavior of US Intelligence. Nothing to do with what is practiced by commercial companies : the former focus on the top of the pyramid when the latter on its basis. But anyone — anyone — involved or suspected of, peeking or suspected of, into sensitive areas may of course be considered as potentially interesting for Intelligence agencies, and not only American.

        I repeat that frogs considering themselves as ocean fish are out of their grounds and, more importantly, out of reality. But I can understand the thrill to be considered a valuable target for the Big brothers, a way of feeling important.

      4. Hy said on October 24, 2018 at 12:46 pm
        Reply

        Tom Hawack said:

        “I repeat that frogs considering themselves as ocean fish are out of their grounds and, more importantly, out of reality. But I can understand the thrill to be considered a valuable target for the Big brothers, a way of feeling important.”

        Thanks, Tom, for making me smile, and chuckle… :) Hope you are well!

      5. Anonymous said on October 24, 2018 at 7:46 pm
        Reply

        @Tom Hawack who said
        “Edward Snowden and his disclosures has nothing to do with mass surveillance”

        https://en.wikipedia.org/wiki/PRISM_(surveillance_program)
        “Its existence was leaked six years later by NSA contractor Edward Snowden, who warned that the extent of mass data collection was far greater than the public knew and included what he characterized as “dangerous” and “criminal” activities”

        https://www.ibtimes.co.uk/nsa-whistleblower-edward-snowden-479709
        E. Snowden :
        “Without asking for public permission, the NSA is running network operations that affect millions of innocent people.”

        Note : “millions”.
        Mass surveillance is not only the commercial one, it includes surveillance agencies. That people call NSA mass surveillance a conspiracy theory in 2018 is insane.

      6. manouche said on October 25, 2018 at 7:00 pm
        Reply

        @Tom Hawack said on October 24, 2018 at 10:23 am

        Quote: “Edward Snowden and his disclosures has nothing to do with mass surveillance”

        https://www.ghacks.net/2018/10/21/mozilla-tests-premium-vpn-service/#comment-4393607

        […] The British government has insisted that it does not carry out “mass surveillance,” preferring instead to use the term “bulk surveillance,” which it says is necessary to discover previously unknown threats. Documents leaked by Snowden describe how GCHQ planned to carry out “population scale” surveillance; boasted that it had “massive access” to internet communications; and monitored more than 50 billion “events” about communications each day. […]

        Source: Does U.K. Mass Surveillance Revealed by Snowden Violate Human Rights? Court to Decide — https://theintercept.com/2017/11/07/uk-surveillance-case-european-court-human-rights/

        Hein … “surveillance en vrac”?!
        Bien sûr, cela ne peut jamais arriver à la grenouille dans un puits.

      7. Anonymous said on October 23, 2018 at 6:03 pm
        Reply

        I agree with Tom Hawack : if you’re not a politician, journalist, activist, senior executive, muslim, foreigner, trade unionist, communist, dissident, nonconformist, and so on, then they’re probably not extensively spying on everything you do. It’s a democracy after all !

      8. Tom Hawack said on October 24, 2018 at 10:28 am
        Reply

        In fact if you’re among the 99.99% of the planet’s inhabitants! Intelligence agencies have very strict compartments regarding suspicious behaviors and a politician is unlikely to share the drawer of a nonconformist, unless he be both :)

      9. Anonymous said on October 24, 2018 at 3:15 pm
        Reply

        “In fact if you’re among the 99.99% of the planet’s inhabitants!”

        I miss the time when even a single of these categories being under systematic surveillance would have been considered as obviously defining a dictatorship. People forgot the basics.

      10. ULBoom said on October 23, 2018 at 2:02 am
        Reply

        It’s not where you live, it’s where the VPN provider is legally based. Also where their servers are physically located; both are subject to local laws. If a provider keeps no logs, and this is where trust comes in, there’s nothing that can be subpoenaed.
        If someone has very high security needs, they should heavily research how to get what they want; encrypting traffic is only part of the answer.

  3. Robert said on October 21, 2018 at 9:25 pm
    Reply

    A browser based vpn seems less secure than Openvpn and will be useless when hacked within the browser. Also it would be completely useless for p2p software like Tixati or uTorrent. What is ProtonVPN’s privacy policy with the law? Do the delete their records?

    1. Anonymous said on October 22, 2018 at 6:19 am
      Reply

      “Do the delete their records?”

      Yes, it says so in the article.

      “A browser based vpn seems less secure than Openvpn and will be useless when hacked within the browser. ”

      All VPNs would be useless if your browser is hacked. This will a be a good solution for many

  4. ShintoPlasm said on October 21, 2018 at 9:27 pm
    Reply

    Well, why not? Proton is as good as you’re going to get from a VPN provider, and Mozilla does need the income.

  5. Yuliya said on October 21, 2018 at 9:38 pm
    Reply

    What’s the matter? Need more money to spread your agenda through propaganda, moz://a? Donations aren’t enough and SJWs don’t write articles for peanuts I guess.
    I expect this means they will sneak yet another malware-type of system addon on those people’s machines, right?

    1. Anonymous said on October 22, 2018 at 6:23 am
      Reply

      System addons are not malware. They are simply parts of the browser that can update without restarting.

      I assume you are complaining about Pocket? Well it is easily disabled, violates no privacy (does all matching client side), and helps find Mozilla. A win all around.

      BTW, making a browser is actually massively expensive. Thats simply what it costs to compete with the big boys.

      1. Yuliya said on October 22, 2018 at 9:57 am
        Reply

        I’m talking about these:
        “fxmonitor@mozilla.org.xpi”
        “telemetry-coverage-bug1487578@mozilla.org.xpi”
        Though yes, Pocket is spyware, always purge the “/Mozilla Firefox/browser/features/*” folder before using Firefox.

      2. Anonymous said on October 22, 2018 at 6:58 pm
        Reply

        If you dont like Telemetry, don’t enable it. Pretty simple. The only versions that come with it enabled are the testing versions (like Nightly).

        Even then you can disable it pretty easily.

        Pocket does not spy, that is misinformation. It only processes locally, to *explicitly* protect privacy.

        The browser is 100% open source, you can see for yourself. No private info is sent back to Mozilla

      3. Yuliya said on October 22, 2018 at 9:15 pm
        Reply

        Witth telemetry disabled those addons were installed without my knowledge and it sent data to mozilla’s servers. On the stable Firefox v62, not on nightly. You can read about it here:
        “https://www.ghacks.net/2018/09/21/mozilla-wants-to-estimate-firefoxs-telemetry-off-population/”
        There’s a comment of mine as well at the top explaining how mozilla forced these addons multiple times on me.
        Good luck checking the source code of something the size of Firefox unless you’re a seriously skilled developer. I’m a pharmacist, not a developer in any way, that wall of text says little to nothing to me.

      4. Anonymous said on October 22, 2018 at 11:44 pm
        Reply

        That addon is only a one time event for 1% of the Firefox population. It sends a single line more data than an update request: telemetryEnabled”: true

        That is your big spyware scoop? It also has nothing to do with Pocket.

        If you are not a developer, why are you messing with system addons?

        Disable telemetry if you are privacy conscious. If you are privacy paranoid, download Tor instead

      5. Yuliya said on October 23, 2018 at 10:36 am
        Reply

        The extension was sent to me, I don’t care about mozilla’s claims of 1%, they are not trustworthy and they proven this multiple times already. I don’t need any addons aside from the ones I install, I don’t want pocket, activity stream and other malware which mozilla boundles with their browser or sends post-install without your consent or even knowledge.

        And which part of the “I disabled telemetry” you do not understand? You or mozilla for that matter. If I disabled it it’s not their business to send extra telemetry for me.

      6. Anonymous said on October 23, 2018 at 1:57 pm
        Reply

        “Pocket does not spy, that is misinformation. It only processes locally, to *explicitly* protect privacy.”

        Enough with that bullshit, Pocket/Mozilla troll. Even with local matching, what is sold to advertisers is the knowledge of our browsing history. They don’t get the data directly but they use it for personalized advertising exactly as if they had it. That the browser collects and analyses locally my browsing data to target ads is sick and that sending it online would be worse is not an excuse to do it, or even to pretend that this respects privacy. Privacy respecting software would never exploit behavior data to target ads. Enough with your corporate “we’re the good guys” brainwash.

      7. Anonymous said on October 23, 2018 at 10:40 pm
        Reply

        “Even with local matching, what is sold to advertisers is the knowledge of our browsing history.”

        Except that is not true. Stop with the FUD

      8. Anonymous said on October 24, 2018 at 3:20 pm
        Reply

        “They don’t get the data directly but they use it for personalized advertising exactly as if they had it.”
        “Except that is not true. Stop with the FUD”

        Advertisers pay extra for ads that they know will be matched locally with browsing history. This is selling the knowledge of browsing history. Stop pretending you didn’t understand what I wrote very explicitely.

  6. John said on October 21, 2018 at 9:38 pm
    Reply

    Hard pass. I don’t really need or want the product, and I’m at the point where I already can’t afford all the things I do need and want. A VPN is more something I might think about trying for free if I trusted it any more than I do my ISP.

    I will say that by recommending one or VPNs, Mozilla could be providing a service by kind of certifying what some of the more reputable ones are so that users don’t have to risk winding up picking something that is questionable to send all of their Internet traffic, though. That could be helpful to users who would like to subscribe to a VPN and are willing to pay for it, but want a company or foundation they trust to vouch for it first instead of just doing an Internet search or seeing what some guy on a forum, comment section, or reddit type thing recommends.

    My biggest objection to this is if the ad as shown- and it is an ad- pops up out of my browser at me or is heavily featured within the browser. A lot of people started using Firefox way back because it offered add-ons that blocked web advertising. Those people mostly don’t want to see it just get replaced by advertising built into the browser. There needs to be a way to disable all references to this and pop-ups and whatever- ideally in the options menu (and even the option itself should just say something like “suggest VPNs” and not advertise them by name in the option itself), but something I’d settle for just being in about:config in a pinch. What I don’t want is an ad that’ll pop up periodically or that I’ll see periodically that I can’t turn off. If I can turn it off for good and forget about it until I have a new PC and install Firefox again, fine.

    Also, they should respect existing options and preferences users have set. If they have turned off things like news from Mozilla or whatever, they shouldn’t be subjected to “news” about this either. If they want to be, they can opt-in.

    I miss when Mozilla was just a non-profit funded by donations. It made it different from Google, Microsoft, etc.. I think having a corporate arm has corrupted it in some respects. I use it and still think they do a good job in other respects (Actually, I had stopped using it for years and they won me back- first on Android by offering an add-blockers when Chrome did not, and eventually on Windows with Firefox 57 and nice square tabs), but it doesn’t quite engender the really positive feelings a true non-profit that was user, customization, and privacy focused, and not after our money in various ways or always trying to copy Chrome would.

  7. anonymous said on October 21, 2018 at 9:46 pm
    Reply

    What about the planned integration of Tor in Firefox?

    1. Anonymous said on October 22, 2018 at 6:14 am
      Reply

      That is a long process. It is not even certain that the tor network can handle all private Firefox traffic at this time.

      But you can follow the progress here: https://bugzilla.mozilla.org/show_bug.cgi?id=1260929

      Of course if you want it now, just download the tor browser. As it is already based on Firefox

    2. Hy said on October 22, 2018 at 8:37 pm
      Reply

      anonymous said “What about the planned integration of Tor in Firefox?”

      I’ve gotta say: private browsing with Tor is already implemented in the Brave beta and works a charm. I use it often and am very happy with it.

      I’d love for Firefox to implement it as a switchable option in their private browsing, but who knows if that will ever happen? There’s been talk about it from Mozilla for years now, but they don’t really seem serious about ever actually doing it. I don’t see it happening for Firefox, at least not any time soon, but Brave’s already got it and it works great.

      1. Anonymous said on October 22, 2018 at 11:45 pm
        Reply

        Brave does not have First Party Isolation.

        Thats a key Tor feature that is only implemented in Firefox. Brave is based on Chrome and does not have such features. It is giving you a false sense of security.

      2. Hy said on October 23, 2018 at 7:05 pm
        Reply

        Anonymous said “Brave does not have First Party Isolation.

        Thats a key Tor feature that is only implemented in Firefox. Brave is based on Chrome and does not have such features. It is giving you a false sense of security.”

        It’s correct that Brave does not have something called “First Party Isolation” but Brave, Vivaldi, and chromium browsers do have “Strict site isolation” and Same Origin Policy, etc.. I’ll leave it to Pants or someone else on here who knows about these things to elucidate precisely how similar or different they may be. I’m afraid that’s out of my field.

        Martin wrote almost one year ago on ghacks about how to enable strict site isolation in chromium browsers such as Brave and Vivaldi. I don’t know if strict site isolation has become enabled by default since then in Brave but it may well be: Google has enabled it by default in Chrome for 99% of users since May 2018. (Enabling strict site isolation was a primary browser mitigation against the Spectre and Meltdown vulnerabilities, you may recall.) At any rate, to manually enable it in Brave, type either brave://flags or chrome://flags/ in the address bar and then in the search box at the top of the page type the word “isolation” (without the quotation marks). Click the “Default” button next to “Strict site isolation” and choose “Enabled.”

        I could see how for some people using Tor in Brave private windows could give them a false sense of security if they don’t know much about what they are doing. That’s not the browser’s fault; that’s the user’s fault. The browser doesn’t claim to be equal to Tor or be a replacement for Tor; on the contrary, the help pages say:

        “Tor hides your IP address from the sites you visit, by routing your browsing through several Tor servers before it reaches your destination. These connections are encrypted, so your ISP or employer can’t see which sites you’re visiting either.

        With Tor, Brave works hard to ensure that you’re extremely difficult to track online while providing a delightful browsing experience. But if your personal safety depends on remaining anonymous you may wish to use the Tor Browser instead.”

        It’s important to know one’s threat model. In my case and many others, most people would just like to make it harder to be tracked and profiled online. Only a minority of people would be doing things which would truly require Tor browser, etc..

        It’s predictable that whenever there’s mention of a VPN there’s almost always someone who brings up logging and says you don’t know for sure whether to trust the VPN provider even if they say they don’t log, etc.. I agree: if you are engaged in criminal activity, for example, or are in certain countries, etc., and if your life or freedom are at stake, you should be very careful about VPNs and frankly about doing anything online at all. But this doesn’t apply to many people. Many people would just like more privacy and want to make tracking more difficult.

        What is the implication of “you never know about VPN logging?” That therefore you just shouldn’t use them at all and should just give all your surfing data/browsing history to your ISP outright? What do people think is done with that? In the US, for example, one of the first things which happened after the new presidential administration was sworn in last year was that the ruling party changed the law so that ISPs were allowed to collect and sell their customers’ browsing histories. The only way for users to prevent this is to either use a VPN or use some variant of Tor. Wherever I am I use a VPN. I don’t care if the VPN keeps logs because I am not engaged in any criminal wrongdoing. I do know that without a VPN some corporate ISP is privy to all my browsing history and selling it to whomever wants it. That’s what I wish to avoid.

        But people’s threat models can be different. It is important to know exactly what privacy threats you are trying to guard against. One book I enjoyed about this topic was “Dragnet Nation” by Julia Angwin. I recommend it.

      3. Anonymous said on October 23, 2018 at 10:38 pm
        Reply

        @Hy

        Strict Site Isolation is a security feature. It makes the sandbox around pages smaller.

        First Party Isolation is a privacy feature. It makes it so sites can not follow you around the internet.

        Different features with different purposes. The good news is that Firefox will be getting Strict Isolation, as they are actively working on it. Brave/Vivaldi is built on Chromium, which will never get First Party Isolation. Chromium will never get this feature because it directly cuts into Google revenue.

        Brave/Vivaldi wouldn’t be able to add that feature without completely forking the browser engine.

        On the matter of VPN, I agree. It is possible to trust a VPN more than an ISP

      4. Hy said on October 24, 2018 at 12:36 pm
        Reply

        Anonymous said on October 23, 2018:

        “Strict Site Isolation is a security feature. It makes the sandbox around pages smaller.

        First Party Isolation is a privacy feature. It makes it so sites can not follow you around the internet.

        Different features with different purposes.”

        Thank you for shedding some light on this!

  8. Paul(us) said on October 21, 2018 at 10:08 pm
    Reply

    Security privacy-wise speaking for the user Mozilla his choice is a good one but price wise is a ferry bad decision of Mozilla, even with the discount.
    It is like you writing Martin a ferry expensive VPN service and next to that it’s bordering on being a stupid managerial Mozilla decision that they do not see, the potential gigantic monthly revenues of a one VPN services (and also the fact that subscriber’s count will grow gigantic the coming years).
    And then I have not mentioned yet that when they keep the VPN services in-the-house its also quite good for there the brand name, this because right now there a trustworthy brand.
    Why take the change that when an untrusty VPN service brings your browser in discredit your one brand will be infected with a bad (rap) news items flow?

  9. Dilly Dilly said on October 21, 2018 at 10:10 pm
    Reply

    How does mozilla know what you are doing when you use their browser? Anyone know a list of IP’s mozillas spy servers use so I bit bucket them with an ACL?

    1. gh said on October 22, 2018 at 8:19 am
      Reply

      Due to use of cloudflare, akamai, and similar Content Delivery Network providers, we cannot reliably block based on IP addresses. Similarly, they cannot rely on causing the browser to callout to fixed/hardcoded IP addresses. Instead, callouts (for various functions) target an assortment of of server hostnames

      The following is not a comprehensive list of hostnames, and I won’t claim that all interactions with these are “bad/undesirable”. (For instance, some users may WANT their browser to ping “AUS” automatic update server.) Some of the callouts can be prevented via (scouring and editing) about:config preferences and/or via use of a customized user.js but I recently noticed traffic to the following logged (silently, out-of-band) when I launched a new profile:

      aus5.mozilla.org
      balrog-aus5.r53-2.services.mozilla.com
      detectportal.firefox.com
      detectportal.firefox.com.edgesuite.net a1089.d.akamai.net
      olympia.prod.mozaws.net
      search.r53-2.services.mozilla.com
      self-repair.mozilla.org
      self-repair.r53-2.services.mozilla.com
      services.addons.mozilla.org
      shavar.prod.mozaws.net
      shavar.services.mozilla.com
      shield-normandy-elb-prod-2099053585.us-west-2.elb.amazonaws.com
      tiles.r53-2.services.mozilla.com
      tiles.services.mozilla.com
      versioncheck-bg.addons.mozilla.org
      versioncheck.prod.mozaws.net

    2. Yuliya said on October 22, 2018 at 9:53 am
      Reply

      Here is a list:

      0.0.0.0 activations.cdn.mozilla.net
      0.0.0.0 aus5.mozilla.org
      0.0.0.0 crash-stats.mozilla.com
      0.0.0.0 detectportal.firefox.com
      0.0.0.0 experiments.mozilla.org
      0.0.0.0 fhr.cdn.mozilla.net
      0.0.0.0 getpocket.cdn.mozilla.net
      0.0.0.0 incoming.telemetry.mozilla.org
      0.0.0.0 input.mozilla.org
      0.0.0.0 install.mozilla.org
      0.0.0.0 onyx_tiles.stage.mozaws.net
      0.0.0.0 qsurvey.mozilla.com
      0.0.0.0 search.services.mozilla.com
      0.0.0.0 self-repair.mozilla.org
      0.0.0.0 telemetry.mozilla.org
      0.0.0.0 telemetry-experiment.cdn.mozilla.net
      0.0.0.0 tiles.services.mozilla.com
      0.0.0.0 token.services.mozilla.com

      I suggest also going to about:config, type “http” in the search and blank every field containing an address.

      You can leave alone “extensions.update.url” for extension update, though I sugest disabling auto extension update and do it manually only. If you don’t need this filed you can then also add:

      0.0.0.0 versioncheck.addons.mozilla.org

      Note: the second address with “aus5.mozilla” is used for browser update. Firefox 63 will take away update control from the user so if you update manually I highly recommend blocking it.

      1. Klaas Vaak said on October 22, 2018 at 10:51 am
        Reply

        @Yuliya: thanks for that. What is the difference between

        versioncheck.addons.mozilla.org
        and
        versioncheck-bg.addons.mozilla.org

      2. Yuliya said on October 22, 2018 at 10:59 am
        Reply

        Klaas Vaak, my guess is that “versioncheck.addons.mozilla.org” is used when you go to the addon manager, click the cogwheel and select check for updates. Meanwhile ” versioncheck-bg.addons.mozilla.org” is used whenever Firefox checks for extensions updates automatically, if you let it to do it. It’s just my guess that “bg” could stand for background.

      3. Klaas Vaak said on October 22, 2018 at 11:05 am
        Reply

        @Yuliya: wow, that’s a quick answer :-) Many thanks for the explanation.

      4. gh said on October 22, 2018 at 7:43 pm
        Reply

        re: going to about:config, type “http” in the search and blank every field containing an address.

        Yuliya, I’ve tested and found that for several keys, BLANKing the preference string value is ineffective. Given a blank value, firefox will fallback to using a default/hardcoded string value. Also, IIRC, any blank string values are repopulated if an update operation occurs (i.e. if autoupdate is enabled).

        With the above in mind, I adopted the (tedious) strategy of searching about:config for instances of “mozilla” and “google” and “cliqz” and a few other strings… then MANGLING (vs blanking) the hostname present within matching preference values. Example: “versioncheck.addons.moziiiiiiiiiiiilla.org”

        Even so, as I noted in my other comment here, the strategy of just editing from within about:config applies to only the currently active user profile; it fails when launching a new/fresh profile.

        Back in pre-ff60 days, I tested the approach of using the ESR version, and attempting achieve enforcement via application.ini, autoconfig.js, local-settings.js, override.ini “lockPref()” declarations. Ref: https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Enterprise_deployment_before_60 and https://stealthpuppy.com/prepare-mozilla-firefox-for-enterprise-deployment-and-virtualization/ …which, again, proved to be a tedious and incomplete “solution”.

        Efffective enforcement involves both blocking — via firewall rules (or HOSTS entries) — and changing additional prefs (disable any/all prefkeys mentioning “service(s)” to prevent recurring, timer-driven, callouts). Some of the “known” and blocked destinations, as illustrated by the “versioncheck” vs “versioncheck-bg” example… the browser may fallback to calling additional “yet unknown” hostnames in its Borg-like attempt to workaround our blockages and contact the mothership.

        It’s a dangblasted circus; I’ve lost patience dealing with that nonsense. To anyone still wrestling with the recent/current versions of firefox, well… Bless Your Heart.

      5. Yuliya said on October 22, 2018 at 9:27 pm
        Reply

        gh, yes I did not mention it, but I know some addresses are hardcoded and Firefox will do whatever it wants anyway. For example I could not make Fx 63+ not check for updates without blocking “aus5.mozilla.org” in my hosts. Removing everything related to this domain via about:config or disabling every update related preference also had no effect. Same thing with their “tests” and telemetry related extensions, with everything related to tests, system addons or telemetry disabled in about:config they still sent those things multiple times on my PC. Really nasty.

        I’d say it’s still worth blanking them imo but more importantly to block those addresses at the OS level or router.

  10. Sam said on October 21, 2018 at 11:02 pm
    Reply

    Martin, you wrote: “The choice of ProtonVPN may also be questioned by some.” What do you mean by this? Can you elaborate?

  11. Anonymous said on October 22, 2018 at 5:46 am
    Reply

    Browser based VPN? Might as well call it a proxy service. With half the price you can use OS based VPN, only uninformed people will use this service

  12. Constantine said on October 22, 2018 at 7:42 am
    Reply

    No, vpn services do not improve security.

    Vpn services are just black boxes that you permit your connection to pass through and you can only HOPE that they do not log your activity and just give it freely to every fascist government out there, and no their claims have absolutely no value as has already been proved by other vpn services.

    Mozilla keeps ears and eyes shut to the fact that TRUST is not a sound security method, not any more.

    1. John Fenderson said on October 22, 2018 at 5:16 pm
      Reply

      @Constantine: “vpn services do not improve security”

      This is completely untrue as a blanket statement. It is true, however, that you need to use a reputable and provably trustworthy VPN service.

      “Mozilla keeps ears and eyes shut to the fact that TRUST is not a sound security method, not any more.”

      It never was. The reality, though, is that it is impossible to escape the need for trust, you can only choose who you are trusting.

      1. Constantine said on October 22, 2018 at 9:55 pm
        Reply

        No no and no! There is absolutely no trustworthy VPN!

        There cannot be any sense of trustworthiness unless it gets audited but EVEN THEN it’s absolutely not possible to be sure that they will keep using the same configuration and no-logging practices!
        AFAIK only one vpn service has accepted an audit but that same service is one of those who reuse the same secret key. https://gist.github.com/kennwhite/1f3bc4d889b02b35d8aa

        Again, vpn services are just black boxes. You have no idea if they log and how they use that info. You have no idea how secure their infrastructure is that you trust your packets to go through. You can only make a judgement by completely bumptious claims about no-logging policies (have already turned complete BS in court with some services) or choose one based on how popular is, how many “followers” it pays or in what country it is based on.

        The important thing is that it is impossible to make a technically educated verification. As long that sentence remains true then those who recommend VPN services as a method to protect someone’s privacy are technologically ignorant and can do only harm.

        Shame on Mozilla.

      2. Anonymous said on October 23, 2018 at 10:24 pm
        Reply

        @Constantine

        You don’t compare VPNs to some perfect magical world.

        What you compare them to is your ISP. Do you trust the VPN over whatever random ISP you happen to be connected to?

        The answer to that can be yes. Especially since Mozilla has audited PhotonVPN, just as you suggested.

      3. Hy said on October 23, 2018 at 11:25 pm
        Reply

        Anonymous said: “You don’t compare VPNs to some perfect magical world.

        What you compare them to is your ISP. Do you trust the VPN over whatever random ISP you happen to be connected to?”

        Beautiful…I couldn’t agree more. You expressed in two lines what took me two paragraphs to say… ;)

      4. Constantine said on October 24, 2018 at 6:20 am
        Reply

        I trust the vpn service EXACTLY THE SAME with a random ISP.

        That’s why good people out there design and implement SOUND security methods like encryption trying to remove middle men out of the equation.

        What you doing with the vpn is attaching more failure points in the equation.

        Might be your ISP the bad guy who will give you to your government, might be the vpn service, you just don’t know, you cannot know.
        Also, the vpn end point is connected to thin air? It does use an ISP to connect to the internet, no?
        Most vpn’s this days use cloud computing to easily get more servers up and running. Do you trust cloud providers?

        Mozilla audited photon? Well alright feel free to link me to the detailed paper that does that, i won’t hold my breath.
        Also, i hope you understand that serious audit happens by a third party, same like you have to get independent qualified accountants to check the books of a company.
        But even then, as i said, it’s VERY easy to just switch the vpn configs and just get back to recording.

        There are sadly countless of “what-if” situations in this vpn business to make it any remotely secure solution even if the vpn service is TRULY a fort knox of people with sec understanding.

      5. John Fenderson said on October 25, 2018 at 12:38 am
        Reply

        @Constantine: “There is absolutely no trustworthy VPN!”

        If you’re looking for 100% trustability, then you’re right. However, in that sense, there is no trustworthy anything. However, there are certainly some VPNs that are more trustworthy than others.

        VPNs (like all security measures) aren’t some sort panacea. They are properly used as a component in a larger defensive posture. In that role, VPNs are very valuable.

      6. Constantine said on October 25, 2018 at 6:28 am
        Reply

        Empty words.

        Some VPNs are NOT more trustworthy than others because it is not possible to have an unbiased scale of measurement.

        Who said anything about 100% trustability? That’s something to look up to when you talking about true security measures like encryption, formal verification, multilevel security and so. Those are methods that you have VALID reasons to trust.

        Again, you think they are secure? Prove it.

        False claims and dangerous games with people’s privacy (or even lifes) just for profit.

  13. foonk said on October 22, 2018 at 7:52 am
    Reply

    The replies to this are so lulzy. No wonder the state of security is so damn bad.

    1. Klaas Vaak said on October 22, 2018 at 10:53 am
      Reply

      @foonk: “lulzy”?

      1. John Fenderson said on October 22, 2018 at 6:34 pm
        Reply

        @Klaas Vaak:

        “Lulzy” == “laughable”

      2. Klaas Vaak said on October 22, 2018 at 7:08 pm
        Reply

        Thanks, not every dictionary recognises that word.

      3. John Fenderson said on October 22, 2018 at 8:45 pm
        Reply

        I’m going to guess that no dictionary has that word. “Lulz” is internet slang, meaning roughly “laughs” (as in “I did it for the lulz”). “Lulzy” is something I think the commenter just made up, adding the “-y” to turn “lulz” into an adjective.

  14. Anonymous said on October 22, 2018 at 12:18 pm
    Reply

    “There is no surefire way to be selected for the test as criteria for selection are quite diverse. Users who connect to an Open (unencrypted) wireless network, visit privacy focused websites, or streaming sites, may see the recommendation by Firefox.”

    More shameless in-browser targeted advertising from Mozilla. This is becoming very creepy. I’m glad it will probably never be added to Waterfox.

    1. Anonymous said on October 22, 2018 at 7:00 pm
      Reply

      Pocket does not violate privacy. It does all the analysis client side.

      Its really not that hard to understand. But people trying to promote their favorite browser don’t want to understand. Only spread FUD

      1. Anonymous said on October 22, 2018 at 9:07 pm
        Reply

        “More shameless in-browser targeted advertising from Mozilla. This is becoming very creepy.”
        “Pocket does not violate privacy. It does all the analysis client side. […] Only spread FUD”

        Pocket does targeted advertising, that’s a fact, and that’s creepy, client side or not. Seeing the browser pop a VPN ad when one browses a privacy site or streaming site is creepy. Adware alone in the browser is already something creepy. That you have a lower resistance to being treated as a cash cow shouldn’t be a reason for you to imply that people with more self-respect are liars or misinformed.

        Also about Pocket being private :

        “In addition to the information that you provide to us when you register for a user account, we collect information about the URLs, titles and content of the web pages and other information you save to Pocket. […] If you are on a mobile device, we collect the advertising identifiers provided by Apple on iOS and by Google on Android.”

        They could have stored that encrypted with the user only having the key. Apparently they don’t. Also not very private of them collecting the iOS and Android advertising identifiers.

    2. gh said on October 22, 2018 at 8:09 pm
      Reply

      I fully expect it WILL be “added to firefox”. Clearly they have gone to extreme lengths to drive away longtime, freethinking, users and extension developers and are now busily pursuing the further step in their agenda — one of onboarding new users who will embrace (and, ultimately $$$ subscribe) an “all your online are belong to us” offering. Sync + email + oAuth identity management + additional susbscriber benefits e.g. reduced VPN pricing… and special pricing from other “partners”.

      Think back across the past few years of firefox’s “development”. Examine the incremental changes from a holistic point of view. Cha- ching! Follow the money. Isn’t it evident that Mozilla has been grooming both the product, and the userbase, toward becoming an attractive Amazon acquisition target?

      As of Nov/Dec 2017 there is, in fact, a “special build” of firefox which targets AmazonFire devices and is enhanced (!) to better target, and “serve”, the AmazonFire userbase.

      1. Anonymous said on October 23, 2018 at 10:42 pm
        Reply

        “Isn’t it evident that Mozilla has been grooming both the product, and the userbase, toward becoming an attractive Amazon acquisition target?”

        No. Mozilla is a non-profit

      2. Anonymous said on October 24, 2018 at 3:25 pm
        Reply

        “No. Mozilla is a non-profit”

        This is a lie by omission, the same as on Mozilla sites : Mozilla Corporation is for profit, only the foundation is non profit.

  15. ilev said on October 22, 2018 at 3:27 pm
    Reply

    “I’d consider a VPN if I lived in an Internet-restricted country with a tunnel required to go where I please; not for privacy reasons.”

    If you live in one of the 14 Eyes countries (Australia Canada New Zealand United Kingdom United States (+ Israel Singapore South Korea Japan British Overseas Territories) Denmark France Netherlands Norway Germany Belgium Italy Sweden Spain, you NEED vpn.
    Using VPN in these counties DOESN’T guaranty that your data isn’t decrypted and saved.

    All these countries spy and eavesdrop on ALL their citizens and foreign communications and share the data between the group.

    1. Anonymous said on October 23, 2018 at 10:50 pm
      Reply

      Which gov does not spy on its citizens again?

      Most in the west are more worried about corporate spying, not gov spying.

      If you are worried about the gov, you need more than a simple VPN

  16. TelV said on October 22, 2018 at 5:02 pm
    Reply

    I’m surprised that ProtonVPN is priced in US$ considering it’s a Swiss company. Understandable from the Mozilla trial point of view for US users, but not for local or European clients. Paying monthly will mean the transaction is subject to fluctuating FX rates which can raise the actual price you pay. https://protonvpn.com/pricing

    I note also that they’re the same bunch who developed ProtonMail so maybe a Mozilla deal will be forthcoming with that as well at sometime or another.

    I think a VPN is useful though since there are still a number of sites around which don’t use an SSL. Also, I sometimes want search results in English, but all search engines display primarily Dutch sites just because I live in the Netherlands. Switching my location to the UK or US gets me the results I’m looking for quickly and without a lot of fuss.

  17. John Fenderson said on October 22, 2018 at 5:10 pm
    Reply

    I think this is a wonderful thing. It’s very hard to know (in terms of security) which VPN provider you can trust, and how much you can trust them, and I know first-hand that keeps a lot of people from using them. If this reduces some of that uncertainty enough to get those people to use VPNs, that is only for the good.

    1. Anonymous said on October 22, 2018 at 7:01 pm
      Reply

      Exactly, this is quite a mark of approval. Very exciting news

  18. Richard Steven Hack said on October 22, 2018 at 6:57 pm
    Reply

    I’m more or less unconcerned about privacy, as I really don’t care who sees what I’m doing on the Internet (unless I’m hacking, which I’m not at the moment – if you hack, you’d better be mobile and you’d better be going through someone else’s compromised system to do it.)

    What I use a VPN for is to get decent download speeds. Before using a VPN I got crappy download speeds. I don’t know if it was AT&T’s crappy servers (I get Uverse through DSLExtreme’s branded version), or what. But when I installed a VPN and can switch servers, I get full speed downloads. Sometimes the VPN server craps out or goes slow, but I can just switch to another which has better speed. In short, the VPN allows me to “route around” crappy Internet service.

    People who think they’re getting “privacy” from government surveillance are fooling themselves. First of all, well over 99% of you are never going to be surveilled directly by the government anyway. All your data gets hoovered up and stored, but will never be used against you. If your government ever does take a direct interest in you, a VPN will be next to useless because they will hack your computer directly – and 99% of you don’t have the tech ability to spot that when it happens.

    Not to mention that you give up “privacy” every time you access a Web site which has crappy security – which they all do. They dump a cookie on your system which dumps all your info to their Web site – which the government hoovers up as well.

    A VPN is still useful for privacy – but only against possible other entities conducting surveillance on you. And again, depending on you are, 99% of you simply aren’t subject to surveillance by anyone except a few commercial entities.

    As for this Firefox VPN service, if it costs more than the one I use (I pay $6.95 a month) then I won’t see any advantage in using it – unless ProtonVPN really is much better.

    Also there is no mention in the article if the ProtonVPN service supports Linux directly – my VPN provider really doesn’t, but there is a third party script that loads their server list into openVPN, so I can use it.

  19. stefann said on October 22, 2018 at 7:52 pm
    Reply

    Laughable that people still use VPN on their home computers when VPN’s were hacked by NSA at least a decade ago. I more understand if corporations use VPN’s, but a home user ? Waste of time and money…..

    1. John Fenderson said on October 22, 2018 at 8:51 pm
      Reply

      @stefann: “VPN’s were hacked by NSA at least a decade ago”

      This is literally the same as saying “all encryption was hacked by the NSA…”

      It’s just not true. Not all VPNs work the same, after all, so it isn’t a “hack once and be done” sort of thing. So, at worst what you can say is “specific VPNs were hacked”.

      Encryption is an arms race, and so all crypto algorithms have a “shelf life.” But when it becomes clear that someone has cracked one (or even if it is demonstrated that cracking it is possible even if there’s no sign it’s actually been done), then all reputable providers change to one that isn’t comprimised.

  20. Preska said on October 22, 2018 at 8:46 pm
    Reply

    interesting… no one is mentioning Opera VPN
    available for years and free?!

    1. Anonymous said on October 22, 2018 at 11:49 pm
      Reply

      What is the point of having a VPN that steals all your data?

      Safer just to not even use it.

    2. Anonymous said on October 23, 2018 at 2:07 am
      Reply
  21. obstructed proxy said on October 22, 2018 at 9:01 pm
    Reply

    So this move appears as another copy-n-paste development idea, taken from Opera. Plus the partnership with a VPN service. I agree with the points that a VPN is useful for those behind China Great Firewall. For those in the big pool of NATO it seems like a not wise idea. A VPN is used to bypass censorship, otherwise you’ll giving your browsing habits to the VPN provider. Do VPNs log the browsing of their customers? Yes, they keep for some time and they are obliged to respect the laws of the country they are based into. How is the law in Schweiz?

    1. Anonymous said on October 23, 2018 at 10:46 pm
      Reply

      Did you read the article? They will not keep logs.

      Many in NATO are more worried about ISPs and companies having their data than their governments.

      If you are worried about gov, you need TOR not VPN

  22. ULBoom said on October 23, 2018 at 1:56 am
    Reply

    Proton VPN is excellent. Fast, secure as a VPN can be (it’s in a mountain, JK!) and mostly stable connections. Lots of servers. It can be had for about half price using the store here and on other sites with the same store, every so often.

    Having said that, don’t use a VPN built into a browser, that’s idiotic. Proponents of that practice clearly don’t understand VPN’s. It makes as much sense as using a VPN inside Tor if extreme security isn’t needed, except with the opposite effect. VPN’s encrypt everything your device requests online, much of which doesn’t use the browser. An effective VPN is installed as a client, not bundled in a browser where there are 50 million ways for data to leak even if you think your browser has been hardened.

    One of the big benefits of a VPN is greatly reduced tracking, redirection and nagging. That’s the main reason I use them; avoiding all those “coincidences” encountered while browsing. All the insane guesses about what I want. Fools!

    Windows 10 has a built in VPN . It sucks; lousy encryption scheme. Do you really trust Windows to keep VPN traffic secure? No? Trust Firefox, Brave, Vivaldi? I sure don’t. Vivaldi and now Brave have a ridiculous fan boy base. Chrome that isn’t chrome, wow!

    It’s hard enough to find VPN companies that really do use logs only for your connection, destroy them on disconnect or soon after and have enough servers to be reasonably fast. Most sell your data. Free VPN’s say it up front at least. I’m sure we’ll see anyone who thinks they can make money from a VPN service trying to sell them for a while, then give up. I doubt most folks care if those explicit livestreams they make are kept private anyway; privacy’s dead for the masses.

    In the end it’s about trust; trust comes from good understanding of how browsers, VPN’s, OS’s, Tor, etc., work and what strategy an individual should use to meet their needs. Also from never falling in love with software.

    1. Constantine said on October 23, 2018 at 3:02 pm
      Reply

      How do you know it is secure?
      Can you prove it?
      Can they (vpn service or mozilla) prove it?

  23. Edan Manson said on October 23, 2018 at 11:12 am
    Reply

    It’s secure to use VPNs if they have some corporate connections with browsers? I think they want to steal more of our data. So I prefer to use providers something like NordVPN, which are trustful and cares just about security.

  24. TelV said on October 23, 2018 at 12:26 pm
    Reply

    This critical analysis in PDF format on VPN providers entitled “A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN client” was written in 2015, but still worth a read to gain insight on the subject: https://qmro.qmul.ac.uk/xmlui/bitstream/handle/123456789/10855/Tyson%20A%20Glance%20through%20the%20VPN%202015%20Published.pdf?sequence=2

  25. Abe said on October 23, 2018 at 1:22 pm
    Reply

    Reeks of Mozilla’s desperation. Their privacy branding is still tarnished from Cliqz and Mr. Robot.

    1. Anonymous said on October 23, 2018 at 10:45 pm
      Reply

      Oh yes, Mr. Robot.

      A stupid promotion that made stupid people angry

      No one was affected

      1. Anonymous said on October 24, 2018 at 3:34 pm
        Reply

        “A stupid promotion that made stupid people angry
        No one was affected”

        Now the Mozilla guy is calling people who dislike ads stupid. Especially ads sent through a channel people trusted not to be used that way. No wonder he thinks Pocket is ok, since according to him browser ads don’t “affect” people.

  26. noemata said on October 23, 2018 at 1:53 pm
    Reply

    protonvpn is good (privacy policy). but: https://airvpn.org/ is better (privacy policy & infrastructure & philosophy & many years of reliability and experience). maybe the term “…hacktivists” or simply “money” is preventing mozilla from thinking of cooperating with airvpn.

    my quantum state about this news: {*lol* + *sad*} (including complex numbers). collaps of the wave function: protonvpn is ultimately the better solution than operas strange “vpn”. and yes, i understand: mozilla needs money and must move away from google.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.