Firefox allows Google to use cross-site cookies by default despite claiming to block all of them OOT
external-link
fedilink
127
Firefox allows Google to use cross-site cookies by default despite claiming to block all of them OOT
fedilink
HyperSoop :spinny_cat_aroace: :spinny_fox_agender: (@soop@wetdry.world)
wetdry.world
external-link
Attached: 2 images Did you know? Despite claiming to block *all* cross-site cookies out of the box, Firefox automatically allows Google to use them in your browser should you log in to one of their services (I only use YouTube, but I'd assume it's the same with anything that needs a Google account). The browser only lets you know about this once it happens, and it's on you to notice the permissions icon appearing in the URL bar. There *is* a link to a paragraph on a help page explaining this behaviour, but it seemingly goes unmentioned pretty much everywhere else on the internet. Shouldn't we be sounding the alarm about the lack of transparency here? #firefox

Did you know? Despite claiming to block all cross-site cookies out of the box, Firefox automatically allows Google to use them in your browser should you log in to one of their services.

The browser only lets you know about this once it happens, and it’s on you to notice the permissions icon appearing in the URL bar. There is a link to a paragraph on a help page explaining this behaviour, but it seemingly goes unmentioned pretty much everywhere else on the internet.

This surprised me, especially considering Firefox’s stance on privacy. I was even more surprised that this is done without consent. If this is for usability, Firefox should at least warn the user before this happens.

@ngwoo@lemmy.world
link
fedilink
11M

Out of curiosity, do you know if these containers also obfuscate browser and device fingerprinting? Separating cookies is important but unless it also blocks fingerprinters (in a different way for each container) the site will instantly know the same person is using both accounts.

masterofn001
link
fedilink
1
edit-2
1M

FF doesn’t really enable full fingerprint resistance by default. But it can.

These settings are some of what I usually use. All fingerprint values (that are able to be are randomised on every reload of a page.

Set secutity setting to custom, select known AND suspected fingerprinting > select from dropdown ‘In ALL tabs’

Also: Because it’s of no value / use to me, and (IMHO) a giant gaping privacy and security issue, I also disable webgl and webrtc, and navigator completely in about:config

Set the following:

WebGL webgl.disabled true
WebGL2 webgl.enable-webgl2 false
WebRTC media.peerconnection.enabled false
Navigator media.navigator.enabled false
RFP privacy.resistFingerprinting true

RFP options like bounce protection etc can also be enabled in config.

Check fingerprints on browserleaks.com, coveryourtracks.EFF.org, etc

Should be 100% unique fingerprint every time.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 2.82K Posts
  • 70.8K Comments
  • Modlog