Firefox 67: Cryptomining and Fingerprinting protection - gHacks Tech News

Firefox 67: Cryptomining and Fingerprinting protection

Mozilla plans to launch cryptomining and fingerprinting protection in Firefox 67 to improve user privacy.

Cryptomining and fingerprinting protection block JavaScript cryptominers and certain attempts by websites to fingerprint the user.

The organization revealed in 2018 that it had plans to improve privacy in Firefox. Mozilla added content blocking options to Firefox 63 -- an update of the browser's tracking protection functionality -- and that it wanted to add more protective features to future versions of Firefox.

If things go as planned, Firefox 67 will feature options to block JavaScript cryptominers and certain fingerprinting attempts.

firefox cryptominers fingerprinters

Cryptominers use the resources of the connecting device to mine cryptocurrency; this leads to an increase in CPU activity and power consumption. Depending on how the miner is configured, it may slow down the entire system and all operations on it as well.

Fingerprinting protection is not a new feature. Fingerprinting refers to techniques to create user profiles for tracking using information provided by the connecting browser and device, and certain scripts if permitted to run. Mozilla introduced a preference to block some fingerprinting methods in Firefox 41.

First signs of an integration in Firefox's main user interface showed up in May 2018. Mozilla showcased extensions to the content blocking functionality back then that included options to block analytics, fingerprinting, crypto-mining, and social tracking.

Only two of those, fingerprinting and cryptomining protections, will find their way into Firefox 67. The options are displayed when users click on the site information icon next to the site URL, and when they launch the privacy options in the Firefox settings.

firefox privacy options

Select custom on the settings page under content blocking to display the new options. It is not clear yet if these options will be enabled by default or if users need to enable them manually in Firefox 57.

Just check cryptominers and fingerprinters there to block these on all sites. You may still add exceptions if you want some sites to use the functionality. It is possible that the blocking may block some site functionality from executing correctly.

Firefox 67's release date is May 14, 2019.

Closing Words

The introduction of additional protective features is a long overdue step considering Mozilla's stance in regards to privacy. It remains to be seen if the options are enabled by default or turned off; it would not be of much use to the bulk of users if the latter is the case.

Mozilla is still facing quite the dilemma when it comes to user privacy and content blocking: adding full content blocking options to Firefox would set it apart from Google Chrome. It would improve user privacy, speed up the loading of sites, and be beneficial to security as well. Mozilla's survival depends on its deals with search engine companies, on the other hand. It is doubtful that Google and others would pay Mozilla a premium for being the default search engine if the Firefox browser would block advertisement by default.

Now You: What should Mozilla do in your opinion in regards to content blocking and privacy? (via Sören)

Summary
Firefox 67: Cryptomining and Fingerprinting protection
Article Name
Firefox 67: Cryptomining and Fingerprinting protection
Description
Mozilla plans to launch cryptomining and fingerprinting protection in Firefox 67 to improve user privacy.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Pierre said on February 5, 2019 at 9:55 am
    Reply

    I don’t have it in my Nightly 67 up to dated

  2. Anonymous said on February 5, 2019 at 10:46 am
    Reply

    If this new part of fingerprinting blocking is just based on content blocking (not advanced techniques like faking canvas readout), then ublock origin does it already out of the box with its anti-tracking lists, and probably better than Mozilla. There is a more advanced anti-fingerprinting mode in Firefox that lies to sites to confuse fingerprinters and may break sites but I doubt that they consider it newbie-friendly enough to expose that part so much in the settings.

    ublock origin takes care of miners too out of the box.

    There is so much inflation in their built-in content blocker that at that point it would make more sense to just bundle ublock origin. But they want to keep control of what’s being blocked and especially they want us to see ads (until maybe they block non Google ads like Chrome some day). I’m afraid that some day they cross another line and finally become arrogant enough to implement political blocking in line with their foundation’s campaigns.

  3. ADW said on February 5, 2019 at 11:27 am
    Reply

    Another Firefox feature to turn off by default. Their “protections” only break sites and have no real protection value on any but Mozillla’s tests.

    And it will be turned on again against users will or interaction on every Firefox update.

    The “reinvention” of uBlock Origin by Failzilla.

    1. Anonymous said on February 6, 2019 at 3:57 am
      Reply

      No doubt will be sabotaged by Googlesoft.

    2. Amonymous said on February 7, 2019 at 7:28 am
      Reply

      And how many percentages of people actually use uBO?

      Integrated solutions is good for normal users, even if power users don’t care.

  4. user17843 said on February 5, 2019 at 12:14 pm
    Reply

    Now that Cryptominers are already a thing of the past, and no longer a problem, Firefox includes a protection? lol.

    This has to be a joke. The height of this malware was in 2017 already. It is not even profitable anymore.

    It should not take more than a couple of hours for a browser maker to implement a standard cryptomining blocker into a browser, as you simply need to block one single script from running (coinhive).

    1. user17843 said on February 5, 2019 at 1:16 pm
      Reply

      Here’s more background info: https://www.theregister.co.uk/2018/08/15/coinhive_mining_money/

      It wasn’t even profitable in 2018.

      Their study should be good for creating an efficient blocker: https://arxiv.org/pdf/1808.00811.pdf

    2. NotAnonymous said on February 7, 2019 at 3:00 am
      Reply

      I’m glad Firefox is finally trying to block crypto exploits, but I agree that it’s one year too late.

      The culprit is Java (of course) for being a security nightmare.

      After the $190 million dollar QuadrigaCX debacle, you’d have to be beyond stupid to invest in crypto (but that won’t stop some people from trying to mine crypto on YOUR computer for free).

      Better late than never.

  5. asd said on February 5, 2019 at 12:19 pm
    Reply

    Looks like Mozilla is preparing for the end of uBlock when they have to copy Chrome and follow Chrome extension manifest v3…

    1. Surm said on February 5, 2019 at 4:24 pm
      Reply

      That doesn’t make sense since Firefox already extends the webRequest API beyond what Chrome does, so you have cross browser APIs for add-on developers AND extended capabilities beyond the “standards”.

      This move is aimed at protecting more users who run with default or close to default configurations.

  6. thebrowser said on February 5, 2019 at 2:22 pm
    Reply

    @Anonymous @ADW:

    We have to accept the fact that most users will not bother installing privacy-focused extensions, or even take basic precautions for their own digital safety (not to mention privacy). And I’m sure we all have seen this behavior from friends, family, coworkers, etc.: some are not aware of the privacy implications of browsing the web and some simply don’t care enough (or at all) to do something about it.

    Therefore this is an actual improvement for the browser, the end user and privacy in general. Is not that I disagree with what you are saying, but I’m just trying to bring another perspective about what is being said before the bombardment against Mozilla starts yet once again.

    With that said, I will agree with that uBlock Origin and other extensions do a great job at blocking malicious scripts and I highly recommend it to everyone reading this. It’s a very powerful yet very easy to install and use right out-of-the-box, and is also very well documented if you like to use it to it’s fullest. I would also encourage readers to read a little bit about how to tweak Firefox, and if you are even more curious about ghacks.js:

    https://github.com/gorhill/uBlock
    https://www.privacytools.io/#about_config
    https://github.com/ghacksuserjs/ghacks-user.js

    1. Jason said on February 5, 2019 at 8:01 pm
      Reply

      This is how I see it too. For my own usage case (that of a semi-advanced user), it makes sense to stick to uBlock Origin and turn off the Firefox protections. But for everyone in my family who doesn’t know enough to use uBO without “breaking the internet”? They will be do much better with the Firefox protections. Plus, the sudden adoption of better tracking protection by millions of people will mean that uBO users won’t stand out from the pack as much.

    2. Anonymous said on February 6, 2019 at 12:20 am
      Reply

      “We have to accept the fact that most users will not bother installing privacy-focused extensions”

      That’s why I said they should instead bundle ublock origin, I mean having it included automatically at Firefox installation, with no need for users to install it separately. I’ve seen Firefox forks on linux bundling ad blocking extensions. The problem of slightly higher risk of occasional site breakage compared to Firefox built in content blocker would be more than compensated by the increased security, privacy, browsing speed, and visual space decontamination. Blocking all ads out of the box would be a great selling point for Firefox. But I’m curious if their new extension recommendation system does even recommend ublock origin ?

      1. Alidl said on April 19, 2019 at 5:31 pm
        Reply

        Firefox can’t do that and in my opinion shouldn’t do because if they do this websites owners become angry and will abandon it and may also prevent its users to browse their website and also like what martin said google also may stop paying to firefox to making google the default search engine for firefox and then may also mozilla and firefox will die in the long term.

  7. Pierre said on February 5, 2019 at 3:56 pm
    Reply

    Caution, many Firefox users are not specialists and don’t use ublock urigin (and sometimes no adblock extension at all) and don’t know what cryptomoney mining is and some adblock erxtensions don’t have the nocoin list by default. This feature may be useful for them. And the feature is not compulsory.

  8. John Fenderson said on February 5, 2019 at 5:09 pm
    Reply

    “What should Mozilla do in your opinion in regards to content blocking and privacy?”

    Given the direction that they’re taking Firefox, they don’t really have a lot of good options here. Their plan is probably the best one available.

  9. ULBoom said on February 5, 2019 at 8:28 pm
    Reply

    I’ve tried many variations of these things and you definitely have to pick the right trade offs among anonymity, functionality, tracking and annoyances. I tend to lean toward higher functionality with one blocker, many about:config mods and use a VPN for more anonymity if needed. Sites that break are rare and mostly disposable anyway. Start piling on blocker and tracking add ons and functionality can become very poor.

    I doubt the vast majority of users care about privacy enough to do anything about it (maybe that’s not true for FF users) so leaving these settings off so some sites don’t break makes sense as long as the new preferences are highlighted in the release notes when they’re incorporated. One would have to read the release notes, of course…

  10. Hunter said on February 5, 2019 at 8:33 pm
    Reply

    I’m pretty sure Mozilla could implement literally any feature and there’d be a swarm of users criticizing it no matter what here.

    1. Thorky said on February 6, 2019 at 10:43 am
      Reply

      Firefox once was a small browser with many extensions to do the special jobs. There are already many anti-coin-mining extensions available, so I see no necessity to implement one. I suppose, they do so for all the people who have never used any extensions and maybe even don’t know, that they exist. 😏

  11. Apometron said on February 5, 2019 at 9:31 pm
    Reply

    Martin, a quick comment. I disabled uBlock Origin. uBlock Origin helps me a lot on YouTube. =)))) Selected sites I disable it!!

  12. Leon said on February 6, 2019 at 1:22 am
    Reply

    This is the best update from a very long time, cryptomining using web browser is the worst.

  13. gwacks said on February 6, 2019 at 4:47 pm
    Reply

    “What should Mozilla do in your opinion in regards to content blocking and privacy?”

    Keep up the work and don’t fuck up webRequest API. That’s good enough.

    “Firefox 67’s release date is May 14, 2019.”

    It is worth mentioning that a full version of so-callde *The Contract for the Web* will be published in May too.
    We’ll see if any change would take place by then.

    https://contractfortheweb.org/

  14. what a said on February 7, 2019 at 1:49 am
    Reply

    Users who don’t protect themselves deserve no protection. When businesses like Mozilla offer protection it means dependency. That is the business itself. The lame user protected undeservedly in exchange for his freedom. It is a modern adaptation of slavery.

    The irresponsible demands opportunities, The state(Mozilla) offers “equality”. It all is politics.
    This is communism. Mozilla itself can’t create technology, it buys it, it buys men who can, and has the rest working for free. Google does exactly the same. It is corporate parasitism.

    1. Babom said on March 24, 2019 at 10:48 am
      Reply

      Don’t you have something better to complain about than web browsers?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.

Be polite: we do not allow comments that threaten or harass, or are personal attacks. Please leave politics and religion out of discussions!