Facebook Container Extension: Take control of how you’re being tracked

I don't understand why the default behavior isn't to isolate every website from every other website? Why is least privacy the default?

Multi-account containers are great. I just wish switching to one wasn&#x27;t as jarring as the tab closing immediately after opening and then re-opening in the correct container - I&#x27;m assuming that&#x27;s still how this extension works?<p>Of course, I can appreciate that such behaviour is technically far more challenging. It&#x27;s merely as a user that it&#x27;s disappointing, and it makes Temporary Containers [0] practically unusable.<p>[0] <a href="https:&#x2F;&#x2F;addons.mozilla.org&#x2F;en-GB&#x2F;firefox&#x2F;addon&#x2F;temporary-containers&#x2F;" rel="nofollow">https:&#x2F;&#x2F;addons.mozilla.org&#x2F;en-GB&#x2F;firefox&#x2F;addon&#x2F;temporary-con...</a>

Dear Apple,<p>Please design an iOS identity isolation UX for Mobile Safari, Apple Mail and third-party apps.<p>Currently we have to use several different iOS web browsers to achieve isolation of browser logins&#x2F;cookies, but Apple Mail opens all links in Safari.<p>Ideally, there would be an OS enforced, per-app setting which defines which web browser (or Mobile Safari identity context) will be used to open a URL.

Another good tool is DuckDuckGo&#x27;s tracker blocker. Facebook got a lot of attention, but google, comscore, twitter, and others are doing the exact same thing.<p><a href="https:&#x2F;&#x2F;techcrunch.com&#x2F;2018&#x2F;01&#x2F;23&#x2F;duckduckgo-adds-tracker-blocking-to-help-curb-the-wider-surveillance-web&#x2F;" rel="nofollow">https:&#x2F;&#x2F;techcrunch.com&#x2F;2018&#x2F;01&#x2F;23&#x2F;duckduckgo-adds-tracker-bl...</a>

Remember Facebook probably tracks your IP address and user-agent anyway, I&#x27;d be skeptical that Facebook doesn&#x27;t put two and two together.

Wouldn&#x27;t adding hashed query strings to urls linking to sites outside of Facebook circumvent any effort put into containing de-anonymizing data? The wrong hash would lead nowhere, and the right one would give you away.<p>Facebook would only have to edit a specific field in users&#x27; posts&#x27; urls related to certain domains, so that different users access unique urls that link them to Facebook in a specific context.<p>Once outside the container, a user is traceable back to a Facebook profile.<p>I don&#x27;t know if this is possible, but people don&#x27;t really check urls, let alone human-unreadable ones.<p>I imagine that this could break navigation, but directing wrong queries to a default page would solve this. Anyway, they could still try their luck.

I really think programmers need a basic lesson in probability, because most of these solutions are complete nonsense with respect to information theory. Skynet still knows enough about you and everyone else even if you alone leave Facebook, and we need to figure out how to curb the powers that come with amassed data more generally.<p>1. Models don&#x27;t need everyones data, they just need <i>enough</i> data. Facebook, Google, et al have more than enough data for a lot of applications even if they only had 5-10% of the population. So at best, this ship jumping will limit Facebook&#x27;s ability to &quot;micro-target&quot; certain populations. In this case, P(whatever | privacy concerned individual) will be a bit noisier, but Facebook will still have a really damn good idea about P(whatever | still a Facebook user)<p>2. Facebook can still use&#x2F;sell the models it develops against its user base to target you even if you&#x27;re not on the platform unless you really think P(depressed), P(bad employee), P(insurance risk), P(easily influenced by a specific type of marketing) has anything to do with the fact that you&#x27;re not on Facebook. The minute someone asks a few questions about you in any setting, they&#x27;ll be able to infer a ton more from the models alone. Lack of information about you will only add noise, and to make things worse, Facebook has enough data on privacy conscious individuals anyway to where they can reasonably fill in the privacy conscious holes in their data with a reasonable model.<p>3. P(privacy concerned) may be correlated with P(not manipulable), so you jumping ship isn&#x27;t going change the systemic issues everyone is concerned with, namely Facebook and third-party customers&#x27; ability to morph society in the means they see fit.<p>4. You can replace Facebook with Google&#x2F;Amazon&#x2F;Spotify&#x2F;Chase&#x2F;Bank of America&#x2F;Hospital System&#x2F;Government and all of the above is true within the domain of data they control.

&quot;Facebook Container leverages the Containers feature that is already built in to Firefox.&quot;<p>I appreciate this. I was aware Firefox already had a container system, but didn&#x27;t want to employ the effort to set it up. A one-off for Facebook though, feels easy to work with.

Can someone explain how this would prevent fingerprinting? IP, user-agent, window-size and other details can reliably identify most of the the other http sessions anyway. Blocking trackers seems as important to me.

I already use the multi-container accounts to do this. It works fantastically, and is the biggest reason that Chrome is gone from my mac.<p>Why is this different from Privacy Badger? This allows you to segregate all facebook toxicity to a single container. This allows you to fully use facebook, and places like login via facebook, without exposing other things to facebook in the first place.<p>That said, this really doesn&#x27;t address either the Cambridge situation, or the fact that Facebook themselves allowed the Obama campagin to pull demographic information in violation of their own polices, which was arguably impacted far more people (<a href="https:&#x2F;&#x2F;www.investors.com&#x2F;politics&#x2F;editorials&#x2F;facebook-data-scandal-trump-election-obama-2012&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.investors.com&#x2F;politics&#x2F;editorials&#x2F;facebook-data-...</a> &amp;&amp; <a href="http:&#x2F;&#x2F;www.dailymail.co.uk&#x2F;news&#x2F;article-5520303&#x2F;Obama-campaign-director-reveals-Facebook-ALLOWED-data.html" rel="nofollow">http:&#x2F;&#x2F;www.dailymail.co.uk&#x2F;news&#x2F;article-5520303&#x2F;Obama-campai...</a>). The only solution to that is to #DeleteFacebook. Facebook is a surveillance as a service provider. The only way to keep them from monetizing you for commercial, social or political reasons is to firewall them off.<p>You can also associate this with a VPN, if you want to deny them the IP address your home machine is using.

Privacy Badger is already able to prevent Facebook from tracking you right? And it&#x27;s doing way more than just that.<p>Or am I missing something?

Multi-account containers are great. The only issue I’ve encountered is opening links outside of your container (e.g. a link to a website that you are logged in outside the container will mean you are logged out). Just need to train my muscle memory to “right click &gt; open in container...” rather than just clicking!

This is a good start. It&#x27;s close to the way I&#x27;ve been (infrequently) using Facebook for the past few years: in a private browsing session through a VPN. It&#x27;s worth noting that with this extension Facebook still gets your IP address.

<i>This makes it harder for Facebook to track your activity on other websites via third-party cookies.</i><p>Why not bundle uBlock Origin into every Firefox install and make it impossible for Facebook to track everyone&#x27;s activity on other web sites?

With this extension, Facebook still knows that those non-Facebook links were clicked on because of the outgoing redirects they add to all URLs under the guise of &#x27;safety&#x27;.

There is something unintentionally hilarious about the title &#x27;Take control of how you are being tracked.&#x27;

Edit: ignore the below, I didn&#x27;t realize the new container had the opposite behavior from other Firefox containers, described here <a href="https:&#x2F;&#x2F;addons.mozilla.org&#x2F;en-US&#x2F;firefox&#x2F;addon&#x2F;multi-account-containers&#x2F;" rel="nofollow">https:&#x2F;&#x2F;addons.mozilla.org&#x2F;en-US&#x2F;firefox&#x2F;addon&#x2F;multi-account...</a><p>This has a real limitation, which is that if you click an external link on your Facebook newsfeed, the new website will also be in the FB container. On the one hand, that keeps your FB-related browsing from &quot;contaminating&quot; your other web cookies. On the other hand, all the websites in that container get to link you to your FB account just like normal.

This is great, and will probably save me a lot of time. Currently I use an ubuntu desktop vm (vagrant) that I use for sites like facebook, that I destroy when done and recreate when needed so it&#x27;s like a brand new clean pc each time.

Nice. Can I have the same one for Google ?

This is cute, but does little to address tracking via IP and basic behavioral sniffing. Facebook buys lots of third party datasets, including data from ISPs (actually, it is given to them).

Remember that Mozilla is basically a fiefdom of google - like the recent industry denouncements of fb this is all about opportunism and corporate power struggles with the users still being the commodity traded. Also can someone explain what this container does that disabling third-party cookies doesn&#x27;t (assuming you don&#x27;t have other malware like flash installed) ?

Is there any way to make the standalone Messenger open in the FB Container? The way I see it, the two are intrinsically linked since using Messenger requires an FB login.<p>Edit: After playing around, this also breaks the back button. If anyone from Mozilla is here, I think it would be better if an FB page opened in a new tab while keeping the original open.

I use a separate Chrome profile to isolate Facebook. I&#x27;m wondering how Firefox does things differently?

Blocking third party cookies goes a long way to achieving the same thing, and also prevents Google and others to track your movements across the web. The occasional site may break if it relies on third party cookies, but this is easy to work around when it happens.

&gt; The next time you navigate to Facebook it will load in a new blue colored browser tab (the “Container”).<p>Why does not browsers (eh, Firefox) do this by default for every origin? 3rd party cookies would be broken I assume, but overall it would lead to less tracking across origins.

This is cool, but please make Firefox work like this for every webpage now.<p>I don’t see a reason to allow any cross domain tracking from any website at all.<p>Facebook is probably just the most visible offender rather than the worst offender in this regard.

Another nice thing to have, although Firefox already has extensions like Self-Destructing Cookies or Cookie Auto Delete to remove cookies as soon as the tab is closed. In which case, Facebook should have nothing to look at.

Does this extension work more or less like every URL you would open in a new incognito mode separate window? Or is there some other more sophisticated solution in the background?

The amount of effort that goes in to making it &#x27;safer&#x27; for people to use ridiculously abusive services like this is ridiculous.<p>This is the tech world&#x27;s equivalent of a &quot;how to take a punch&quot; class for victims of domestic violence.

Too bad the extension doesn&#x27;t work on mobile - does anyone know if there are any plans to change that?

I&#x27;m guessing the Mozilla Foundation just lost all it&#x27;s funding from Facebook.

Best solution = deactivate and delete your Facebook account.

I guess it doesn&#x27;t stop info trading behind the scenes.

I took control by never signing on to Facebook.

this is really good...timely release.

PSA: Safari does this by default.

This for every site by default!

This article disappoints me because Mozilla seems to be spinning the current facebook disdain to sell their offerings rather than providing clarity&#x2F;solutions on this issue.

I like this a lot, but I won’t use it because I resent the need to contain different personas online. Too much work.

but youre still sniffing my DNS traffic in the nightlies right?<p><a href="https:&#x2F;&#x2F;www.theregister.co.uk&#x2F;2018&#x2F;03&#x2F;20&#x2F;mozilla_firefox_test_of_privacy_mechanism_prompts_privacy_worries&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.theregister.co.uk&#x2F;2018&#x2F;03&#x2F;20&#x2F;mozilla_firefox_tes...</a>

Remember that Mozilla is basically a google fiefdom and like the industry &quot;denouncements&quot; of fb this is all about opportunism, corporate power struggles with the users still the commodity being traded. Also can someone explain what this container does that disabling third-party cookies doesn&#x27;t ? (assuming you don&#x27;t have other malware like flash installed)