Why weren't separate cookie jars the default in the first place? I know that browsers other than Firefox have no real incentive to protect your privacy, but I'm wondering why cookies were designed to be shared among different pages in general
Does this obviate the need for [Facebook Container](<a href="https://addons.mozilla.org/en-US/firefox/addon/facebook-container/" rel="nofollow">https://addons.mozilla.org/en-US/firefox/addon/facebook-cont...</a>)?
I wonder if there's anyone from any advertising/ad-targeting companies on HN who can shed some light on if/how much this change may affect their "product".<p>Asking this since I know friends working at companies that were DRASTICALLY affected by the Apple advertising changes in terms of user targetability (and hence revenue) and I'm wondering if this change will be similar.
Is this better or worse than Safari's "Prevent cross-site tracking" feature?<p><a href="https://support.apple.com/guide/safari/prevent-cross-site-tracking-sfri40732/15.1/mac/12.0" rel="nofollow">https://support.apple.com/guide/safari/prevent-cross-site-tr...</a><p>It appears Safari is just blocking the cookies, while Firefox is isolating the cookies. I guess Safari has to keep track of who to block while Firefox just isolates everybody. Are there other benefits to the Firefox approach?<p>Frankly, I have a hard time understanding why this Cookie Sandbox approach wasn't implemented a long time ago. I get that 25 years ago we weren't concerned about privacy, but there has been plenty of time to fix this. Advertiser influence?
It would be nice to allow users to create "trusted tuples" to list small groups of domains that are allowed to share their cookies. For instance: Zendesk, Asana, Jira, etc.<p>But have each tuple listed still be isolated from the other, only domains listed together in a single list could share a cookie container.
Very cool to see more privacy by default in Firefox.<p>It is still a lot of effort to have clear separations in every browsern...<p>I am using Firefox containers with the temporary containers plugins (with history deletion enabled) as well as cookies auto delete plugin (which supports containers).<p>Therefore, everything is usually isolated in a container inside a tab and only white listed cookies are kept in the named containers.
I've never understood the thinking that went behind allowing one site to see the existence of another site's cookie in the first place. I don't think I'm even coming at this with the security hindsight of decades, it's just common sense, isn't it?
> making Firefox the most private and secure major browser available across Windows and Mac.<p>Which one do they think is the most private and secure browser for Linux?
I wonder why Microsoft doesn't make Edge a privacy-oriented browser. I'm surprised they think they can make more from the data economy than they would gain by seriously hurting Google et al.
I've been blocking cookies actively for a long time, and except some technical embeds (for example STEP file viewer on misumi) I had zero issue.<p>This is great news. I really hope we will not lose firefox. I'm not saying it is better than chromium, but I think it is important that it exists.
How does this relate to the existing tracking protection settings - should I turn off "block all third party cookies"?<p>That setting breaks a few things, but mostly works OK. I'm confused which protection level this new capability corellates to.
I remember losing a bet a while back, because I was naive enough to think that was how cookies worked in the first place. Why did other sites ever have access to cookies they didn’t create was beyond me.
If anyone wonders how bad the situation RE cookies is there is a local newspaper owner in the UK called reach PLC who own 100+ newspaper websites.<p>Their cookie allow dialog has over 700 data share partners, not including their own "legitimate interest" cookies. The dialog looks like this [1] and cannot be resized and is lazy loaded (i.e. you have to manually scroll to have the page load all of them with a few visible each scroll). And its slow so it takes a while and doesn't play well with the mouse in the iframe. There are even ones not in english or latin characters [2]<p>[1] <a href="https://imgur.com/a/ciuRWSx" rel="nofollow">https://imgur.com/a/ciuRWSx</a>
[2] <a href="https://i.imgur.com/4yc6Flo.png" rel="nofollow">https://i.imgur.com/4yc6Flo.png</a><p>Anyway i lazy loaded all of them and there are 753 (the html just to display it is > 1 megabyte<p><pre><code> $ xmllint --format reach2.html | grep qc-cmp2-list-item-header | tail && xmllint --format reach2.html | grep qc-cmp2-list-item-header | wc -l
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="Yieldmo, Inc." aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="YOC AG" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="YouGov" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="ZAM Network LLC dba Fanbyte" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="Zemanta, Inc." aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="zeotap GmbH" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="Zeta Global" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="Ziff Davis LLC" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="zillian sa" aria-live="polite">
<button role="listitem" class="qc-cmp2-list-item-header" aria-label="Zoomd Ltd." aria-live="polite">
753
</code></pre>
It's crazy
I know Firefox has a small market share, but this is the sort of feature other browsers may adopt. Maybe not the big boys like Chrome or Edge, but I could see all the niche privacy focused browsers implementing it and maybe even Safari given Apples claims to support user privacy. If a certain percentage of browsers started to use similar functionality I could tracking companies starting to develop countermeasures.<p>In fact I've already encountered one site that gave me a popup telling me to enable third party cookies. It was one of those dodgy sites that scrapes and copies Stack Overflow content and the JavaScript that enabled it was very clunky - but it worked. I'm surprised there aren't more websites already doing something similar.
It's nice, but is that so hard for Mozilla to tell in which version it will appear?
Is it the current version or is it the next 102 version (which releases in 2 weeks, but then why they say it "rolls out"?)
When will the browsers take care of handling the cookie options for all the sites, so I can declare my preferences once and everyone stops putting up a popup? Surely this is already in the works?
Does someone have a link about the technical details for developers that it might affect (SSO, cookies for subdomains, etc). This is just a marketing post.
Ok, is this just a more complicated (and less private) version of the 3rd party cookie blocking that’s been in safari for more than 15 years?<p>If it is better - which seems surprising given it still seems to result in 3rd party cookies continuing to exist - how does it compare to safari’s domain partitioning from what seems like 5 years back, or the newer aayyyy iiiii tracker detecting stuff?
please someone fix the internet... I don't want to see any cookie popups on each site and accept / decline each cooke first only so I can see the content I want.
I don't care about all these cookies and this should be managed by a browser. I hope what Firefox did is the beginning of such a fix.
given that Electron is really just a featureless browser shouldn't it be straightforward to make your own browser now? An address bar, navigation, and bookmarks ought to be enough to get you there. Seems like you should be able to make a browser for your specific needs/wants pretty easily these days. I'm not suggesting some sort of money making venture where you're beholden to investors to try and turn revenue with it but more just like a utility. Like a script or something... maybe that's the way to think about it, something cobbled together quickly to read websites.
When Mozilla comes out with a feature like this it usually whitelists google, microsoft and similar big sites so people can still log in across their network. Anybody know the current list for this feature?
Reminds me of what Google Chrome (and others browsers) did for cache. That's clever, not 100% sure this will prevent tracking, but at least it makes tracker's life a bit harder.
I really want to enable resist fingerprinting, unfortunately it disables dark theming on github, ddg and other websites.<p>I wish I could add an exception rule to this...
I think OS Telemetry will see to it that its not private!<p>However this will make it easier than it currently is, to work out who is data sharing illegally.
This will only further entrench the big players (google, facebook, etc) while making it impossible for new & small players to compete. All of the services the big players offer effectively make working without universal cookies trivial.<p>For the small players though, without massive ad-supported service offerings like Gmail, Facebook (as a platform), etc, this will screw them completely.<p>Mind you, I'm a HUGE privacy advocate, so I like the new Firefox functionality... but the unintended side effects cannot be ignored.
Before anyone jumps to why Chrome doesn't block third-party cookies, some context:<p>Regulators did warn Google NOT TO block third-party cookies before they provide a replacement, UK CMA accepted the latest proposal from Google:
<a href="https://www.gov.uk/government/news/cma-to-keep-close-eye-on-google-as-it-secures-final-privacy-sandbox-commitments" rel="nofollow">https://www.gov.uk/government/news/cma-to-keep-close-eye-on-...</a><p>Apple's tracking rules also raised a lot of anti-trust concerns, giving advertisement in App Store unfair advantages among other ad platforms. Latest from German Government:
<a href="https://www.bundeskartellamt.de/SharedDocs/Publikation/EN/Pressemitteilungen/2022/14_06_2022_Apple.pdf" rel="nofollow">https://www.bundeskartellamt.de/SharedDocs/Publikation/EN/Pr...</a><p>Banning third-party cookies will increase the gap between Google, Microsoft, Apple and other ad platforms, because they can still track you based on your account (e.g. Gmail, Hotmail, iCloud). It's a huge red flag for antitrust cases they are facing (especially Google).