Firefox 22 will block third-party cookies

[DKT27]

A patch has been contributed to Firefox that will block all unwanted third-party cookies by default starting with Firefox 22, meaning numerous advertisers won't be able to track you across the net.


Like in Firefox 22, these third-party cookies can't follow you around the internet

While Firefox 19 was only released just the other day, Mozilla are already looking to introduce new features and patches into future versions. Today, Stanford researcher Jonathan Mayer announced that, beginning with Firefox 22, the popular web browser will be blocking all third-party cookies by default, protecting users from random advertisers tracking them across the internet.

The system that Firefox will be using is similar to the one implemented by Safari, whereby any third-party cookies are blocked automatically unless a user has visited the origin site. This means that if an advertiser tries to place a tracking cookie in a site you like to visit, it will not work unless you have specifically visited the advertiser's origin website beforehand. First-party cookies, as in those set by websites you actually visit, will be unaffected, so don't worry too much as your saved log-ins will still work.

After Firefox 22 has been released, Firefox and Safari will be the only browsers that reject unwanted third-party cookies; Chrome allows all cookies by default, and Internet Explorer blocks some third-party cookies, whilel allowing the majority of them. The impact on websites should be limited (aside from many tracking cookies ceasing to work), and the Firefox privacy team will be monitoring the new cookie policy before its final release.

New versions of Firefox generally arrive every six weeks, so Firefox 22 is scheduled for release in late June and that's when the new cookie policy can be expected in a stable release of the browser.

View: Original Article

[DKT27]

Firefox 22 to block third-party cookies by default

Cookies from sites you visit? Good. Everything else? Blocked by default.

Jonathan Mayer, a researcher at Stanford, has contributed a patch for Firefox that will block third-party cookies from installing on the user's browser. The patch is set to be incorporated into Firefox 22. For some sense of timing on the project, Firefox 19 was released on Tuesday.

With the patch, Firefox would allow all cookies from sites that a user actively visits, but would block cookies from third-party sites if a user has not visited that cookie's origin site. Advertisers generally place third-party cookies and can collect data about a user across several websites with them. This is used to serve more targeted ads or refine where an advertising firm should spend its money.

Blocking third-party cookies would not be new or unheard of among browsers; Apple's Safari already rejects cookies from third-parties. In a blog post on Friday, Mayer called the Firefox patch, “a slightly relaxed version of the Safari policy.” Chrome allows all cookies, and Internet Explorer blocks some third-party cookies, although not all.

The balance between user privacy and money from advertisers has been difficult to strike. Last February, the US suggested companies agree to an “Internet Privacy Agreement” that would protect users who added themselves to a “Do Not Track” list. Despite the publication of that agreement, little real change has occurred in companies' practices. In May 2012, the UK enacted an almost pointlessly broad “cookie law,” which required users' consent to install cookies—although “consent” was later redefined as “implied consent” which meant if a user visited a site for the first time, and that site showed a notice that it was serving cookies to the user's browser, and the user took no action, that meant that the user had consented to that site's cookies.

Users can already manually disable cookies in Firefox, but in version 22 it will be an automatically enabled feature.

View: Original Article

[Marik]

you can never be too safe but those cookies look delicious, I want them :troll:

[dcs18]

I already block all cookies (not limited to 3rd party cookies,) by default - can turn dicey, though in the hands of a Rooky.

[Alhaitham]

thanks for the news

[Ganxxta]

Any about:config to test this in FF20 already like the h.264 feature?

[dcs18]

Any about:config to test this in FF20 already like the h.264 feature?

You need not get into about;config - it's available for manual perusal on the Privacy tab (within the Firefox Options.) ;)

[BBs]

Meeeh now i want some cookies :( Stupid picture...

[dcs18]

A really robust add-on to manage cookies is CookieSafe - if someone has used anything better, please update us. :)

[DKT27]

Do note. Lastpass won't work without 3rd party cookies. :( I mean, it will work, but it will logout everytime one exists Firefox.

[Ganxxta]

Any about:config to test this in FF20 already like the h.264 feature?

You need not get into about;config - it's available for manual perusal on the Privacy tab (within the Firefox Options.) ;)

Yes, but thats only the normal DNT, not the 3rd party cookie blocking thingy mentioned in the article :)

[dcs18]

Any about:config to test this in FF20 already like the h.264 feature?

You need not get into about;config - it's available for manual perusal on the Privacy tab (within the Firefox Options.) ;)

Yes, but thats only the normal DNT, not the 3rd party cookie blocking thingy mentioned in the article :)

[majithia23]

hmmm....

Although i use Cookie Controller for managing the cookies . Universally cookies turned off and enabling on per site basis , where required or asked .

@D

That's the right way as to how Lastpass should be configured for optimal safety .

Log off when idle and at browser shutdown !

[DKT27]

This "Accept third-party cookies" option was added long time ago I believe. Firefox is only going to disable it by default. ;)

@D
That's the right way as to how Lastpass should be configured for optimal safety .
Log off when idle and at browser shutdown !

Lastpass does logoff at exit, but logins automatically at startup - something that won't work if third party cookies are blocked. Also, my master password is too big for me to enter again and again. :tooth:

[Ganxxta]

Thanks Dcs18, stupid me, haven't noticed that there was a custom settings option... :blush:

[ffi]

So we are looking at the end of a free internet because that info pays for a lot of websites.... I much rather have some targeted ads than having to pay for many websites....

[DKT27]

So we are looking at the end of a free internet because that info pays for a lot of websites.... I much rather have some targeted ads than having to pay for many websites....

Targeted ads has nothing directly to do with websites getting paid. If people would click them on regular times, no ad in the world needs to be targeted (roughly speaking).

[ffi]

advertisers pay for advertising to get more customers, not for someone just clicking on their ad or going to their websites. Targeted ads are far more valuable than random ads and pay much more to site owners

[DKT27]

Sure. But not at the cost of user's privacy (and to a certain extent, even security). Why do people use addon to block cookies and trackers? Because people want privacy, and Firefox is giving them that.

Not only that, if I'm not mistaken, blocking 3rd party cookies will also block most of them world famous zombie cookies.

[ffi]

Sure. But not at the cost of user's privacy (and to a certain extent, even security). Why do people use addon to block cookies and trackers? Because people want privacy, and Firefox is giving them that.

Not only that, if I'm not mistaken, blocking 3rd party cookies will also block most of them world famous zombie cookies.

most people just accept all cookies, only a small percentage care about them, but with a major browser now blocking them by default that is going to impact revenues for websites big time....

[rahulgi]

I never allow any cookie unless sign-in

use this

https://addons.mozilla.org/en-US/firefox/addon/cookie-whitelist-with-buttons/

[also use

to get rid of google(and almost all) search redirects

https://addons.mozilla.org/en-US/firefox/addon/redirect-cleaner/

block 3rd party cookies and tracking scripts (webmasters won' be happy

https://addons.mozilla.org/en-US/firefox/addon/ghostery/

]

happy browsing

[rahulgi]

@DKT27

@majithia23

create a exception rule for lastpass

or perhaps switch to roboform

do lastpass online allow folder(s)

[DKT27]

@DKT27

@majithia23

create a exception rule for lastpass

or perhaps switch to roboform

do lastpass online allow folder(s)

Thanks for the info. Appreciate it. :) I didn't notice the exception button before. However, I wonder what addresses to add.

I think so, it allows groups, which look very much like folders to me.

[xpmule]

i wonder if this will effect Flash cookies ? LSO's

http://en.wikipedia.org/wiki/Local_shared_object

see Privacy Concerns section.

prob not i guess that is a flash specific thing

sounds good to me anyway and i say screw advertisers !

no one clicks on ad's and buys stuff anyway so its all pointless security risks.

I can't count how many times i have heard of a reputable site that had an ad on one of their pages

that infected tons of people and then the site just oh sorry afterwards lol

allowing ad's to support a web site is like leaving your door unlocked at night.. just plain dumb !

[rahulgi]

@xpmule

i wonder if this will effect Flash cookies ? LSO's

http://en.wikipedia.org/wiki/Local_shared_object

see Privacy Concerns section.

prob not i guess that is a flash specific thing

sounds good to me anyway and i say screw advertisers !

no one clicks on ad's and buys stuff anyway so its all pointless security risks.

I can't count how many times i have heard of a reputable site that had an ad on one of their pages

that infected tons of people and then the site just oh sorry afterwards lol

allowing ad's to support a web site is like leaving your door unlocked at night.. just plain dumb !

They don't affect flash cookie(as far as I know)

The easiest option to get rid of flash cookies is using ccleaner and 'custom file/folder cleaning'

add these rules (or similar based on os, http://en.wikipedia.org/wiki/Local_shared_object check out file locations, page middle)

enable custom files cleaning

and this option

run from recycle bin menu

And for firefox, if you are using ghostery, there is an option to delete flash cookies (this option is not available in chrome, may be due to sandboxing)