Mozilla to run a Firefox Origin Telemetry experiment in development versions of Firefox

Martin Brinkmann
Jun 7, 2019
Updated • Jun 7, 2019
Firefox
|
25

Mozilla announced a push to improving privacy for all users of the Firefox web browser recently. The organization began to enable Tracking Protection functionality for all new installations with the release of Firefox 67.0.1 Stable, and plans to flip the switch for existing installations as well if settings were not modified by users already.

The new default level blocks "some" trackers in private and regular browsing windows, and known tracking cookies. The previous setting blocked some known trackers in private windows only.

The companies and individuals that operate these trackers and sites may react to the change, and Mozilla wants to be prepared for that.

The organization plans to run an experiment in development versions of the Firefox web browser to detect workarounds by these organizations and individuals.

Mozilla is aware of the sensitive nature of the data and decided that it would need a better way to analyze the data that would not potentially reveal sensitive information.

Firefox Origin Telemetry

firefox tracking protection default

Mozilla developed Firefox Origin Telemetry for that specific use case. The component is built on top of Prio, a "privacy-preserving data collection system developed by Stanford Professor Dan Boneh and PhD candidate Henry Corrigan-Gibbs".

Mozilla wants to collect blocklist totals only.

We will use Firefox Origin Telemetry to collect counts of the number of sites on which each blocklist rule was active, as well as counts of the number of sites on which the rules were inactive due to one of our compatibility exemptions. By monitoring these statistics over time, we can determine how trackers react to our new protections and discover abuse.

Firefox Origin Telemetry needs to be validated before it could land in release versions of Firefox. Mozilla plans to run a test starting with Firefox 69 Nightly.

Prio requires that data is collected by two independent parties and Mozilla plans to meet the requirement in release versions. For this initial test, however, Mozilla will run both data collection servers.

firefox study telemetry

The collected data falls within the organization's "data collection policies" for pre-release versions of the Firefox web browser. The test runs on 1% of the Firefox Nightly population as that is all that is required to validate the API.

Firefox Nightly users who don't want to participate in the experiment may disable Firefox's ability to install and run studies, and to send technical and interaction data to Mozilla.

Both options can be configured on the about:preferences#privacy under Firefox Data Collection and Use.

Additional information is provided on Mozilla's Security blog.

Closing Words

Mozilla is open when it comes to the collecting of Telemetry data while companies like Google don't reveal much at all when it comes to that and the experiments that they run. The openness puts Mozilla in a difficult spot as it may be criticized for the decisions it makes; Google is not criticized nearly as much as it is usually tight-lipped in all those regards.

Summary
Mozilla to run a Firefox Origin Telemetry experiment in development versions of Firefox
Article Name
Mozilla to run a Firefox Origin Telemetry experiment in development versions of Firefox
Description
Mozilla plans to run an experiment soon that tests Firefox Origin Telemetry designed to detect Firefox Tracking Protection blocklist workarounds.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Anonymous said on June 11, 2019 at 12:43 pm
    Reply

    When Mozilla collected browsing data from 1% of German users (with the Cliqz experiment), it was legitimately perceived as an outrage. Now that Mozilla will do it from 100% of its users by default, the reactions seem to be more resigned. People are surrendering, lowering their privacy expectations, Mozilla and more generally surveillance capitalism are winning more ground.

    1. owl said on June 11, 2019 at 2:28 pm
      Reply

      @Anonymous, Now that Mozilla will do it from 100% of its users by default, the reactions seem to be more resigned. People are surrendering, lowering their privacy expectations, Mozilla and more generally surveillance capitalism are winning more ground.

      The grounds that connect Mozilla and “supervising capitalism” are too leap in logic.

      The collected data falls within the organization’s “data collection policies” for pre-release versions of the Firefox web browser. The test runs on 1% of the Firefox Nightly population as that is all that is required to validate the API.
      Firefox Nightly users who don’t want to participate in the experiment may disable Firefox’s ability to install and run studies, and to send technical and interaction data to Mozilla.
      Both options can be configured on the about:preferences#privacy under Firefox Data Collection and Use.
      Additional information is provided on Mozilla’s Security blog.
      https://blog.mozilla.org/security/2019/06/06/next-steps-in-privacy-preserving-telemetry-with-prio/

      1. Anonymous said on June 13, 2019 at 12:29 am
        Reply

        “The collected data falls within the organization’s “data collection policies” for pre-release versions of the Firefox web browser. The test runs on 1% of the Firefox Nightly population as that is all that is required to validate the API.”

        They test in on nightly with the goal to make it the 100% default on release. The only reason why this wouldn’t go to release is if there is enough backlash to stop them. It is as much a technical test as a test of the users immune system.

      2. owl said on June 11, 2019 at 2:40 pm
        Reply

        Vocabulary correction:
        Wrong: The grounds that connect Mozilla and “supervising capitalism” are too leap in logic.
        Correct: The grounds that connect Mozilla and “surveillance capitalism” are too leap in logic.

  2. owl said on June 10, 2019 at 4:12 am
    Reply

    @user17843 said on June 7, 2019 at 12:48 pm
    @John Fenderson said on June 7, 2019 at 5:17 pm
    @Anonymous said on June 7, 2019 at 1:26 pm
    @John IL said on June 8, 2019 at 12:01 pm
    user17843 said on June 9, 2019 at 12:17 am

    I fully agree with those opinion.

    Because “telemetry” is a delicate topic, opinions disagree, it is impossible that both sides compromise.

    As a matter of fact, even if Google’s malicious personal information collection is revealed, Google’s service (Browser, Map, IME, Translator, You Tube, etc. https://en.wikipedia.org/wiki/Category:Google_services ) users are increasing, and they have virtually conquered market share.
    The end user’s concern is the performance of the web service (free, convenient, easy, comfortable, enhancement of content). Therefore, most of the end users will not care, even if personal information is a trade-off, as long as they are superior to other rival products.
    Such an act (in-depth psychology) is historically a human being’s law (theorem).

    It takes a great deal of the cost of maintaining the excellent product development and services, there need excellent technicians and operating funds for that. This capital strength (personnel, funds) will dominate the survival of the company.
    Google’s approach, as the business model is the “royal road (Might is right)”. If the service level is inferior, in the “ideal” can not win the user.

    However, since Mozilla’s end users have a lot of supporters of values that “it should be clean and pure” because of its historical background, if they show the same behavior as Google, those supporters are not silent. Its supporters will shout “Sprechchor”, condemn Mozilla, and become Mozilla hostile (agitator, demogogue).

    I trust that “Mozilla is not malicious.”
    However, for telemetry, “opt-out is possible” is absolutely necessary, and it should be a method that “provides information to the end user in good faith and opt-in by the person who accepted it”.

  3. lux said on June 10, 2019 at 2:15 am
    Reply

    Good for them, keep boosting the alt-FF sector.

  4. Joke Fox said on June 9, 2019 at 6:47 am
    Reply

    Mozilla have forgotten what a browser is supposed to do, ie. rendering a web page, instead it is becoming a Swiss knife incorporating a “shaver, coffee brewer, back massage and… your Japanese toilet automatic *ss wiper” munching Gigabytes of memory, it’s such a far cry from what it should be….

  5. John IL said on June 8, 2019 at 12:01 pm
    Reply

    My concern about collecting any telemetry data is that the collector promises certain privacy guarantee’s and then later you find out they didn’t abide by them. Facebook comes to mind as well as Google and Microsoft. I hope Mozilla doesn’t find all this telemetry a irresistible temptation to use it for other things.

  6. Kevin said on June 7, 2019 at 4:28 pm
    Reply

    Mozilla also needs to make private browsing mode undetectable. It is no business of some website how I have configured my browser.

  7. Anonymous said on June 7, 2019 at 1:26 pm
    Reply

    Mozilla should consider that you could change your mind about helping, the question “do you want to allow Firefox to send technical and interaction data to Mozilla” should be asked at each start IMO.

  8. Tom Hawack said on June 7, 2019 at 1:02 pm
    Reply

    Anti-tracking filters provided by Disconnect are insignificant : they happen to block when they shouldn’t and don’t block what should be.

    The Web nowadays is so crowded with telemetry, tracking, ads, rotten links of all sorts (often combining the former three) that specialized tools are a minimum to limit the harm. ‘uBlock Origin’ is the strict minimum required, uMatrix is even better.

    So Disconnect is a company to forget. Regarding 3rd-party cookies the privacy policy must be to block them all and not only those considered by Firefox as tracking : there is no valid reason to get cookies from site B when when visiting site A, there never has been and never will. If it appears as required then we boycott such sites. Systematically.

    Telemetry is a word I can no longer hear or read unless to consider it as a keyword for banishment, as well as advertisement. I believe more and more users are truly fed up by both and when it comes to telemetry, should it be “clean” that a valid counter-argument would be that users’ behavior on the Web and within whatever application, software, and for whatever reason, are not to be tracked. Period.

    The general trend, and I’m sorry to say that I increasingly feel that Mozilla is no exception, is to lower the users’ ability to tweak their browser and at the same time to higher usage of telemetry to the point of inventing new reasons to create new ones.

    Of course big industries force smaller ones and Google, Microsoft are the main actors of a Web controlled system, from the very OS to applications, browsers and all networks apart of the Dark Web (maybe, not sure, investigators investigate). What does the industry want? That honest users switch to Tor and jump to parallel networks? The WWW has become dirty and honest places shrinking day by day should it be for the sole reason that, as in economy, if you can’t beat them, join them … or sink.

    Really stinks.

    1. ULBoom said on June 7, 2019 at 2:55 pm
      Reply

      Protections will have to move outside the browser.

      The vast majority of users couldn’t care less about tracking or privacy, today many want as much public notoriety as possible. I’ve seen people walking around livestreaming themselves babbling about nothing with both arms outstretched – two phones!

      There’s a mini epidemic of people falling off cliffs doing things like that. Pew Die Pie made a video deliberately designed to get a million down votes. It was awful and got the votes quickly.

      Maybe all that will change; kids seem to be getting increasingly bored with phone culture. FB’s shareholders recently had their annual vote to oust Zuckerberg, with numbers quickly heading toward all of them.

      Things are looking up!

  9. user17843 said on June 7, 2019 at 12:22 pm
    Reply

    > For this initial test, however, Mozilla will run both data collection servers.

    Will they forget to change this policy, just like they forget to publish a full post-mortem of the extension outage which was promised to arrive within one week?

    https://hacks.mozilla.org/2019/05/technical-details-on-the-recent-firefox-add-on-outage/

  10. Anonymous said on June 7, 2019 at 11:44 am
    Reply

    It was itching them for a long time to extend their opt-out telemetry to more sensitive data like browsing data. They tried to sell the idea of using Chrome’s falsely private “differential privacy” in Firefox too some time ago :

    https://www.ghacks.net/2017/08/22/mozilla-plans-to-collect-anonymous-firefox-browsing-data/

    and I don’t know if they finally included it or if the backlash succeeded in stopping them. The infamous Cliqz company, that Mozilla invested in, experiments a different excuse to steal sensitive data, it sends it through a Tor-like network to anonymize its source.

    And now Prio : complementary but individually meaningless parts of sensitive data will be sent to two different organizations that will separately aggregate them before merging their aggregate results, so that none of them will be able to reconstruct the initial data in non aggregate form. While it’s better than just collecting data normally, it does still rely completely on trusting the two organizations not to cooperate, because all the privacy improvement is lost if they choose to put their data in common before aggregating it. Privacy that relies on trusting a server isn’t real privacy.

    And there is still the big problem that this will be probably opt out in Firefox. Even if I could trust the anonymization process for my sensitive data, and in that case I don’t even as I explained, it’s really time to teach the Silicon Valley that the data we generate belongs to us, not to them, and that they’re not free to collect it by default. And that it has lots of value and that they need it and that they want it very hard is their problem, not ours, it’s not an excuse. That they consider our data a form of hidden payment that we owe them isn’t acceptable either.

    By slowly implanting in the collective mind of the privacy aware free software community the idea that it’s ok to collect even sensitive data by default, Mozilla is making it easier for less trusted companies like Google to do the same and then worse. I see it as a global loss for privacy, not a win as they’re trying to sell it.

    They said that they’ll look for a trusted partner to use as the second organization of their Prio system. I can already say that by legitimizing opt-out telemetry of sensitive data, this second organization will itself lose a lot of my trust if it had any to begin with. I hope it won’t be the EFF, I like them.

    Final note, they found a clever way to sell this new data collection : in the beginning, they’ll track browsing data, to use it for tracking protection… Ironic. They can’t even argue that this telemetry is necessary for a good product : ublock origin (developed for free, doesn’t even accept donations) doesn’t need to spy on users to maintain the Easylist/Easyprivacy (independently maintained for free from voluntary user reports) that powers its, and yet I bet that telemetry powered Firefox tracking protection backed by the big Mozilla company will always be inferior to it. This is one of the reasons why I trust Gorhill but not Mozilla : the former isn’t even interested in my data.

    1. user17843 said on June 7, 2019 at 12:48 pm
      Reply

      Indeed. They say if they track everyone it is ok because they are the good guys.

      While I personally don’t think Mozilla is abusing the data, it totally sends the wrong signal to their users. Don’t they realize that they completely lose their good reputation with this?

      In marketing, it doesn’t matter whether something is true. When people see “telemetry”, they run away.

      After the extension outage I think the biggest problem with mozilla is not malice, but accidental incompetence.

      Mozilla should also know that *all kind* of data collection is dangerous because of possible de-anonymization in the future, when for some reason the data leaks to entities who can connect it with other data.

      That’s why ad-tracking is problematic. Not only because the ad-companies use it to sell us more, but because these data sets are sold to people who connect it to the real identites, especially if someone uses many mobile apps.

      1. John Fenderson said on June 7, 2019 at 5:17 pm
        Reply

        @user17843: “While I personally don’t think Mozilla is abusing the data, it totally sends the wrong signal to their users.”

        I agree. This is actually my primary objection to the data collection that Firefox engages in — it’s not that I don’t trust Mozilla. I probably trust them more than any other major software company in terms of treating data with care.

        However, pretty much all the worst players on this count (Facebook, Google, etc.) have been using the same reasoning: when they say “protect your privacy”, they mean “protect your privacy from everyone except us”.

        I don’t think it’s good or wise for Mozilla to adopt the same kind of thinking.

      2. Anonymous said on June 17, 2019 at 10:43 pm
        Reply

        “This is actually my primary objection to the data collection that Firefox engages in — it’s not that I don’t trust Mozilla.”

        The problem is that, like “privacy”, the meaning of “trust” is shrinking with time. At first, people trusted Mozilla not to collect data by default at all. Then, trusting them meant data is collected by default, but not too sensitive data, anonymized, and not to third-parties. Then, trusting them meant that sensitive data was included, also third-parties, as long as they anonymize it. And even disabling data collection became not enough to ensure no data was collected. If they continue playing this game slowly enough, they can make you swallow anything forever.

      3. user17843 said on June 9, 2019 at 12:17 am
        Reply

        What these tech companies don’t realize is that there is a world without any data collection.

        That would be the only road towards providing an alternative to Google, et. al.

        Everything else is just as evil as Google.

        The fact that data is only considered “personal” if it is directly tied to an individual user is extremely absurd!

        So when Mozilla tracks what I do with their product, and then decides what to do with their product based on my behavior, this is still survaillance capitalism.

        It doesn’t matter whether they collect my IP address or something.

        The entire debate over personally identifiable information is distraction.

        Most tech companies do not care about those information, they want to merge individual data into a big mountain of data which they can then use to extract as much money out of their users as possible.

        And here is where we need an alternative. This is about the relationship between tech companies and their users.

        Right now they watch everyone of our moves and use the data to change their product. Sometimes to make things better, often to just make it easier for them to make money.

        In the long term, the engineers working for these tracking tech companies start to lose their ability to make even small decisions without having access to mountains of user data.

  11. Yuliya said on June 7, 2019 at 11:41 am
    Reply

    >privacy-preserving data collection system
    such a thing does not exist, as long as it is being tied to an IP. more bullshit coming from mozilla’s direction.

    speaking of mozilla’s “tracking protection”, i’ll just leave these links here:
    https://disconnect.me/trackerprotection/
    https://disconnect.me/trackerprotection/unblocked/
    take this as you wish.

    PS: the link “Firefox 75.0.1 Stable” points to the article titled “Firefox 67.0.1 Release Information”.

    1. Hunter said on June 7, 2019 at 7:20 pm
      Reply

      That unblock list is literally a list of CDNs needed by sites and common sites people actually use.

      Your point being?

      1. John Fenderson said on June 10, 2019 at 6:05 pm
        Reply

        @Hunter:

        I suspect that Yuliya’s point is that the disconnect list is insufficient, which is a position that I agree with. That’s why the tracking protection is not something that I find terribly useful.

        That said, I think the tracking protection is good to include for those who are much more casual about their tracking protection.

    2. Anonymous said on June 7, 2019 at 4:24 pm
      Reply

      Firefox Telemetry: The Origin

    3. ULBoom said on June 7, 2019 at 2:34 pm
      Reply

      Except prio is not tied to an IP:
      https://crypto.stanford.edu/prio/

      FF’s tracking protections in Options are minimal but well documented compared to most flavors of browser brand X.

      1. Anonymous said on June 13, 2019 at 12:37 am
        Reply

        “Except prio is not tied to an IP:”

        You’re just trusting them to actually run Prio on their servers and erase the IP addresses. Not that much better than trusting them to anonymize the data you’re sending to them when they’re not running Prio.

        “but well documented compared to most flavors of browser brand X.”

        Being marginally not as bad as X is not an excuse to be bad.

  12. Robin said on June 7, 2019 at 11:30 am
    Reply

    A far cry from microsoft’s approach.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.