Total Cookie Protection is now available in Firefox for Android
Mozilla is set to release Firefox 107 for Android devices tomorrow. The update adds support for the enhanced anti-tracking feature, Total Cookie Protection.
(Image via Mozilla)
Total Cookie Protection in Firefox for Android
So, what is Total Cookie Protection, and why is it important?
When you visit a web page, the browser loads various elements, this may include embedded content from third-party websites. These can be used to track your usage across websites, in order to profile your browsing and shopping habits.
Total Cookie Protection is like a sandbox for browser cookies. The browser creates a separate space or cookie jars (local storage partition) for each website, this allows it to store the site's cookie in its own storage space. So, with the first party isolation feature enabled, the cookies from a website cannot be accessed by other websites, thus preventing your usage from being tracked across sites.
You can learn more about Total Cookie Protection by reading this article from Mozilla, and this post explains why Multi-Account Containers are still useful. Essentially, Total Cookie Protection is sort of similar to Firefox Containers, but the latter is better, because you have more control over them, you can create and assign containers for specific sites, and it also lets you use multiple accounts on the same website. e.g. You may use a container for YouTube with one account, and a different container for your Gmail account, etc.
Total Cookie Protection was introduced in Firefox 86 which was released in 2021, although it didn't ship with the setting enabled. The tracking protection was enabled by default in the mobile app, Firefox Focus, in January 2022. The desktop version of the browser began prompting users offering an option to enable the feature in May 2022, before rolling it by default for all Windows, Linux and Mac users the very next month.
There is no separate option for enabling Total Cookie Protection in Firefox for Android, because it is a part of the Enhanced Tracking Protection setting, so you will need to use the Strict or Custom settings instead of the Standard protection. As you may know, the Enhanced Tracking Protection in Firefox blocks trackers based on a list that is maintained by Mozilla. You should still use uBlock Origin to protect your privacy, and to block ads more efficiently.
The release notes for Firefox 107 for Android states that the browser has smoother scrolling. Mozilla has fixed the missing text selection magnifier issue. Users should now experience fewer HTTPS errors, because the app will preload intermediate certificates. Firefox now supports Google's GBoard's image keyboard on devices running on Android 7.1+ and above.
According to the Firefox release calendar, Mozilla will begin rolling out the Firefox 107 update from November 15th, so you may want to keep on the app's listing on the Google Play Store to update your version. If you want to test the feature right now, you can download the Nightly or Beta builds of Firefox.
Hopefully, Mozilla will bring Site Isolation to the mobile browser soon. It's already available in Firefox Nightly. Maybe we will get Containers on Firefox for Android someday.
What are the benefits of choosing Custom over Strict in the Tracking Protection section.
Custom gives you options to customize the protection, for instance, by disabling a feature entirely or changing what it does.
Thanks Martin, I may take a look at the custom settings as I have always just selected strict.
CORRECTION: Tracking is impossible to avoid, no matter how hard you try. You are wasting your time changing settings for nothing, period.
Any idea which option is better between:
1. block cross-site tracking cookies and isolate other cross-site cookies
2. block all third-party cookies
If you’re already using uBO, then disabling tracking content in custom mode while enabling everything else makes sense. In some sites Mozilla’s ETP prevents loading of images and only option in that case is to disable ETP completely for that site if standard or strict mode is selected.
This comment was written in response to Dave M’s question, but it is here in another thread, my mistake.
Great improvement. I set everything to Strict.
This article is confusing. Total Cookie Protection is enabled by default for all desktop users, you don’t need to use strict or custom ETP: https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/
So, I assume it will the same for Android.
This feature is amazing, hopefully it won’t be killed by big G’s updates to block it.
@Yash,thankyou for your suggestion.
The “Total Cookie Protection” name seems to have been deliberately chosen to mislead, implying that it totally solved the cookie tracking problem, while a good chunk of cookie tracking is still allowed by this system, even by third-parties such as Google.
Worse, persistent third-party tracking cookies such as those of Google will from now on by design be totally invisible in the Firefox cookie window and apparently after testing even in the storage pane of the developer tools, Mozilla having decided that the cookie tracking problem was now so much totally solved that it was the necessary thing to do. It looks so incongruous that part of it may be due to a years-long standing but opportune unsolved privacy bug like Mozilla is used to have with tracking cookies, who knows.
You may get a chance to see them anyway and enjoy the surprise if you open the cookies.sqlite file of your profile folder. Most people will have to work just to find software to open that but rejoice, at least it’s not an obscure non standard Mozilla-only proprietary format like the place they caged the juicy search engine data in, in case you would have wanted to modify it yourself.
I checked cookies.sqlite : nothing unusual.
I know there are some concerns about this Total Cookie Protection, I’m unscientifically qualified to develop arguments on pros and cons but nevertheless I’ve chosen to stick on with the First Party Isolation against the advice to keep disabled this FPI on the ground it was bound to be removed. Until then I keep on with the 3 hereafter settings :
I cannot suggest if this is why I have a clean cookie.sqlite given i ignore if that file would be dirty should I have chosen to keep default settings (Enhanced Tracking protection + Total Cookie protection).
– All 3rd-party cookies are blocked
– Because “network.cookie.lifetimePolicy” has been removed in FF104 a cookie’s lifetime default permission ‘Allow’ may only be changed on a per-site basis to ‘Allow for session’ or ‘Block’
– Hence when exiting Firefox all cookies (not 3rd-party ones if blocked as above mentioned) remain as well as their LocalStorage/IndexedDB partner even if you set “privacy.clearOnShutdown.cookies” = true given their default lifetime policy is ‘Always’ with the exception of those set to ‘Session’ or ‘Blocked’ by the user : for most users this means that exiting long sessions will show many cookies … this is normal at this stage.
– Therefor use the ‘Cookie Autodelete’ extension which will remove a site’s cookies, LocalStorage, IndexedDB, Plug-in Data, Service Workers and cache on a per-site user’s choice.
Given a wide majority of users keep default settings a wide majority of users ends up with hundreds, thousands of cookies, MBs of LocalStorage/IndexedDB data and wonder why their browser slows up.
So : yes, Firefox is a nice browser but, no, its default settings are not optimized. The problem is that if they were optimized for privacy you’d have that majority of unqualified users complaining their cookies have vanished : in other words either things remain as they are either the developers start a huge information campaign about the relationship between privacy and easiness … but such an announcement would discourage the same unqualified users who would then use another browser … which means at the end that the best approach IMO is to search for information here and elsewhere in order to set prefs according to our privacy requirements : this cannot be a developer’s policy for the reasons hereby mentioned.
I have firefox 107.1 but when I turn on that debug menu, I get no additional menu item “Custom Add-on Collections”
So where is the fault?