Firefox and cookie micromanagement
For most of its existence, Firefox has provided users with the ability to manage how cookies are stored with a rather high degree of granularity: users can block specific cookies, create site-wide exceptions to the accept/block policy, and configure behavior for third-party cookies. Up until Firefox 44, there was an additional option as well, one that allowed users to choose the expiration point (that is, expiring them at the end of the session or letting them persist) for every cookie they encounter. That option was removed in the Firefox 44 release, which has made some users rather unhappy.
The option in question was found in the Privacy preferences screen, labeled "Ask me every time" on the "Keep until:" selector. When enabled, the option raised a dialog box asking the user to accept or reject each cookie encountered, with an "accept for this session only" choice provided. Removing the option was proposed in 2010, although the patch to perform the removal did not land until 2015. It was released in Firefox 44 in January 2016.
A few days after Firefox 44 was released, users began to complain, starting with comments on the bug report. The primary concern was that of user privacy. A significant number of Firefox users, it seems, prefer to see each new cookie they encounter and make a decision whether to allow or reject it. As commenter Wayne Woods put it, the remaining options (such as the exceptions list) do not offer the convenience of the pop-up dialog:
In response to the complaints, Mozilla's Marco Bonardo replied with a rationale for the change. The functionality was "unmaintained, bogus and not really nice to use on today's Web", he said. Furthermore, attempting to manage cookies for privacy protection through "a dialog that pops up every other second and can easily break website functionality" is not realistic, he said. Firefox's Tracking Protection feature takes better care of the user's privacy, and further fine-grained control over cookie management would be better implemented in a browser add-on.
On February 4, Hugues de Lassus Saint-Geniès raised the issue on the Firefox development mailing list, summarizing the points made in the bug-report comments. He, too, pointed out the loss of control, and noted that the granular cookie-management feature had been a differentiating factor between Firefox and other browsers. In addition, he said, the "ask me every time" option "was instructive as it would show which cookies were set by which domain".
In the ensuing discussion, the issue of end-user control took center stage. While essentially everyone agreed that providing the user with the means to manage cookies was good, the practical question was whether or not the pop-up dialog truly met that goal. Gijs Kruitbosch contended that users are unlikely to guess successfully which cookies they should accept and which to reject:
Coupled with the fact that every user seemed to raise a different use case (e.g., treating cookies from subdomains differently than higher-level domains, or handling "hub" sites that embed content from other sources), the user-interface question makes it difficult to devise a cookie-management interface that works for everyone.
And, despite the removal of the "ask me every time" feature, options do remain, as Mozilla employees pointed out. Mike Hoye pointed readers to the Self Destructing Cookies add-on, which deletes all cookies that do not come from a currently open tab. Francois Marier noted that there is a network.cookie.thirdparty.sessionOnly preference available in about:config that will discard all third-party cookies at the end of each browsing session, while retaining cookies originating from the site.
In past debates about Firefox functionality, referring users to add-ons has been interpreted, at least by some, as a dodge on Mozilla's part. Bonardo took issue with that, saying "add-ons are not an enemy nor an evil thing, we should stop saying things like 'requiring a user to install 20 add-ons is wrong...'. Nothing wrong with that, it's customization." Chris Peterson agreed, but added that trends in add-on popularity are "an indicator of what Firefox users want and do not get with the default". The Tracking Protection feature, he said, was implemented in response to the privacy concerns of users. Surely allowing users to customize what the Tracking-Protection blacklist blocks would satisfy many users. Panos Astithas replied that user-provided lists are on the Firefox roadmap.
In the end, the discussion quieted down, with most of the participants seeming to agree that, while installing add-ons may be less convenient, there are still ways for interested users to exercise fine-grained control over cookies. Kruitbosch noted, in his message linked-to above, that the issue at hand is not really "cookie management" anyway:
That answer may not please everyone but, for the time being, it appears to have quelled the concern over this one removed Firefox feature.
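An added example, not from the article or from Mozilla: one way to check that a "keep until the browser closes" policy with per-site exceptions is actually being honored is to list which cookies are still stored after a restart. The table name moz_cookies and its host, name and expiry columns (expiry in epoch seconds), and the premise that session-only cookies are never written to that store, are assumptions about the profile's cookies.sqlite; the rows are constructed sample data.

```python
import sqlite3

# Assumed subset of the moz_cookies table in a Firefox profile's cookies.sqlite;
# expiry is taken to be seconds since the Unix epoch.
SCHEMA = "CREATE TABLE moz_cookies (host TEXT, name TEXT, expiry INTEGER)"

# Constructed sample rows: (host, name, expiry)
SAMPLE = [
    (".lwn.net", "login", 1900000000),        # site on the exceptions list
    ("tracker.example", "uid", 1900000000),   # should not have survived
    (".ads.example", "id", 1900000000),       # should not have survived
    ("shop.example", "cart", 1400000000),     # stored but already expired
]

def host_allowed(host, exceptions):
    """True if host is an excepted site or a subdomain of one."""
    h = host.lstrip(".").lower()
    return any(h == e or h.endswith("." + e) for e in exceptions)

def unexpected_persistent(conn, exceptions, now):
    """Return (host, name) for unexpired stored cookies outside the exceptions."""
    rows = conn.execute(
        "SELECT host, name FROM moz_cookies WHERE expiry > ? ORDER BY host, name",
        (now,))
    return [(h, n) for h, n in rows if not host_allowed(h, exceptions)]

def build_sample():
    """In-memory stand-in for a copy of cookies.sqlite, filled with SAMPLE."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO moz_cookies VALUES (?, ?, ?)", SAMPLE)
    return conn

if __name__ == "__main__":
    found = unexpected_persistent(build_sample(), {"lwn.net"}, 1460000000)
    for host, name in found:
        print(f"persistent cookie outside exceptions: {host} {name}")
```

Against a real profile, point sqlite3.connect() at a copy of the file taken while the browser is closed; any row reported means a cookie outlived the session despite the policy.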
Posted Mar 24, 2016 6:29 UTC (Thu)
by pabs (subscriber, #43278)
[Link]
Posted Mar 24, 2016 9:35 UTC (Thu)
by malor (guest, #2973)
[Link] (6 responses)
OK, it was this specific issue that finally made me drop Firefox, when I'd been a user since before it was even called that. (I thought about going to the physical Mozilla launch party; I didn't go, but I did think strongly about it.)
The underlying assumption here is that it is possible for a user to assess whether you should accept a cookie based on the modal dialog. That is fundamentally not the case because you cannot know a-priori whether that cookie is used "just" for tracking or for login functionality.
Here's how I used the feature. I clicked Allow for Session, always. And I'd check the 'do the same for all cookies from this site'. This meant that essentially all websites worked perfectly, but their cookies evaporated when I closed the browser. The next time I visited them, I'd be all shiny new, and I wouldn't have to click anything. Their cookies would be evanescent. No matter how many times I returned, I'd be a brand-new user on each visit. My experience would be basically identical to what someone with permanent cookies would see, but then all the local tracking data went poof. This was a great feature.
In the rare case where I actually did need a website to retain data, like my login cookies for lwn, then I'd just Allow. Very occasionally, I decided I wanted to stay logged in on a site after using it for awhile, and in those cases, I'd go into the config pages, and change that site's settings to Allow. This was a little painful, but happened so rarely that it wasn't much of a hassle.
So: my use case was perfectly tuned to the feature, and its removal meant I ended up accumulating tracking cookies for weeks before I noticed. They didn't just stop asking, they also silently stopped honoring the underlying settings. I actually spotted it when I went into settings to explain to someone how to duplicate what I was doing, and realized that I no longer could. (I hadn't noticed that the popups had stopped, because I got so few of them anymore.)
And this absolutely infuriated me. This struck me as the heart of what's wrong with modern Mozilla; user welfare has been pushed way down their priority list. They're jamming crap down my throat that's not good for me, and isn't for my benefit. Rather, they're pushing things that are good for Mozilla, like that Pocket payware abscess. The fundamental disrespect in just silently ignoring a privacy setting.... god, that's just so blatantly rude. It was good for them, but it was sure as heck not good for me.
I mean, couldn't they have freaking deprecated it for a release? Every time I blink they've got a new version. Surely they could have given me a warning message that the feature was going away in the following release, six entire weeks later. Ideally, they should have given me an alternate method, and converted my existing settings. But, even if they didn't want to invest that much engineering time, they couldn't be arsed to implement a popup for a couple revs so we'd know about the problem? Instead of taking the time to analyze things properly, they explicitly decided to ignore my carefully expressed wishes without any warning whatsoever.
I used to love Mozilla, but I no longer believe that's mutual. And I was a paying customer, after a fashion, donating money at the end of each year. I gave more money to Mozilla than I gave to freaking Consumer Reports. No more; I'm on Chromium now.
It was pretty hard to get the same 'almost everything goes away' setting in Chromium. It tends to accumulate a lot more data than Firefox does, especially site local storage, which I think is a Chrome-specific, cookie-like function. Fortunately, I found a nice workaround: a combination of the "Vanilla Cookie Manager" extension, and setting all data to be evanescent. ("Keep local data only until you quit your browser.") When you close the last Chromium window, Vanilla kicks in, saves any cookies from sites you've whitelisted, and then Chromium nukes pretty much everything else except history, which, sadly, has to be manually erased. There is a bug there, though: Vanilla doesn't seem to trigger if you choose the Quit option from the pulldown menu, so if you quit that way, your permanent cookies will be lost. (I wanted to report the bug, but the author is explicitly uninterested in bug reports: he says that he will accept only pull requests on Github. I don't think that's working very well, because at least when I last looked, it's had no activity for ages.)
I'm pretty comfortable, these days. The set of extensions I settled on: Alternate Tab Order (so tabs open like they do in Firefox), uBlock Origin, uMatrix (also from gorhill: an absolutely SUPERB noscript-style utility), and Tampermonkey, to run some user scripts that Chromium won't run natively. And I'm real happy. I used Firefox since before it was Firefox, and they finally drove me away. And their market share drops another 0.00001%.
It just makes me terribly sad. I once loved Mozilla. I gave them money. But I'm no longer convinced they're on my side. This was so poorly handled that my trust in them was finally broken, and I don't think they can get it back.
Posted Mar 24, 2016 14:18 UTC (Thu)
by james (subscriber, #1325)
[Link] (2 responses)
I also find that rejecting third-party cookies breaks surprisingly little.
Posted Mar 24, 2016 15:21 UTC (Thu)
by malor (guest, #2973)
[Link]
Huh, I'd have expected Firefox to genuinely purge things if I told it to purge them. That would have been an easier way to do it, but it seems to me that they're overloading the same control panel with two separate meanings, both allowing the cookies to originally be set, and then what happens when the browser closes.
Regardless, it's the underlying disrespect that drove me away. What I'm *really* objecting to is the absolutely shoddy way the feature removal was handled. After all the rather shitty things they've done over the last year or two, I don't trust Mozilla anymore. I'm pretty sure they're not serving me, and even if I could duplicate my existing setup in a faster and better way, that doesn't restore my trust. I can't count on that team to honor my wishes. Silently ignoring a security/privacy setting like that is extraordinarily bad form. I could have coped with a feature removal, but I can't cope if they hide the change.
I'd also make two observations that you might want to consider. First: are you sure that the cookies aren't being preserved? Because my settings were still all Allow For Session, but they weren't being purged. You might have a ton of cookies you don't know about.
And, second: how confident are you that they'll continue to honor that setting? How do you know they won't silently change that, too?
Posted Apr 13, 2016 17:00 UTC (Wed)
by nye (subscriber, #51576)
[Link]
Same. I've had third party cookies blocked since approximately forever, and I think the only breakage I've *ever* noticed that I was able to attribute to this was Disqus.
Posted Mar 24, 2016 15:34 UTC (Thu)
by anton (subscriber, #25547)
[Link]
Posted Mar 24, 2016 21:38 UTC (Thu)
by MattJD (subscriber, #91390)
[Link]
Local storage is now a standard and most browsers implement it, including Firefox (source: http://caniuse.com/#feat=namevalue-storage ). It does act like cookies, but AFAIU it is more flexible to developers if you want to store large amounts of data in the browser. It also doesn't have the same recognition as cookies, so it isn't as likely to be blocked.
I don't know what the rules are on third-party storage like third-party cookies, so I don't know how well it can be used for tracking across sites. Inside a site, it definitely can.
Posted Apr 13, 2016 16:55 UTC (Wed)
by nye (subscriber, #51576)
[Link]
I don't see what you gain from the extension here. How is this any better than whitelisting them directly? It seems from what you've described like the extension adds an extra redundant step, which - as you point out - doesn't always even work.
Posted Mar 24, 2016 11:40 UTC (Thu)
by jwakely (subscriber, #60262)
[Link]
I switched to the Self Destructing Cookies add-on instead, so I no longer have to care about the brokenness, or absence, of the "ask me every time" option.
Posted Mar 24, 2016 15:53 UTC (Thu)
by flussence (guest, #85566)
[Link] (7 responses)
Maybe they should take a look at Chrome's workflow for cookies (which they also use for Javascript); it has all the functionality one would expect from a browser that respects its users' privacy (and their right to not be forced to execute arbitrary code while web browsing).
After all, Google isn't an enemy or an evil thing, we should stop saying 'copying 20 more UI elements from Chrome each release is wrong...' — nothing wrong with that, it's just a better browser. ;)
Posted Mar 27, 2016 15:40 UTC (Sun)
by Seegras (guest, #20463)
[Link] (6 responses)
Posted Mar 27, 2016 17:30 UTC (Sun)
by flussence (guest, #85566)
[Link] (5 responses)
Also that tone is uncalled for. Chromium devs are *nothing* like the rockstar stereotypes of some “too big to fail” FOSS projects — if you could put forward your complaint in a reasonable way on their issue tracker they're likely to *fix* it; they certainly don't respond to anyone contributing their free time with the sheer rudeness I've witnessed elsewhere.
Posted Mar 29, 2016 19:27 UTC (Tue)
by nix (subscriber, #2304)
[Link]
Posted Mar 29, 2016 21:05 UTC (Tue)
by zdzichu (subscriber, #17118)
[Link] (3 responses)
Chromium was completely missing open-url-from-primary-selection-on-middle-click functionality. After some discussion they've implemented it when middle-clicking on ”new tab” button. It's half the fix – paste target was reduced from whole page into small button.
Posted Mar 30, 2016 17:49 UTC (Wed)
by flussence (guest, #85566)
[Link] (2 responses)
Posted Apr 1, 2016 20:28 UTC (Fri)
by lsl (subscriber, #86508)
[Link] (1 responses)
Posted Apr 3, 2016 20:01 UTC (Sun)
by flussence (guest, #85566)
[Link]
Posted Mar 24, 2016 17:14 UTC (Thu)
by mcatanzaro (subscriber, #93033)
[Link] (1 responses)
Posted Mar 24, 2016 20:00 UTC (Thu)
by mathstuf (subscriber, #69389)
[Link]
Posted Mar 24, 2016 20:11 UTC (Thu)
by ewen (subscriber, #4772)
[Link]
Apparently I now have the window between the "new major version every n (n < 10) weeks" coming out and when the "LTS" version updates to drop this useful functionality to find a workable alternative. Which hopefully is not "surrender to being tracked everywhere" or "log into *all* sites again on browser restart" (I restart my browser fairly often to shed the cookies needed to make some sites work for any visit, as well as session login cookies for site that I want to be *really* sure I've logged out).
I guess I can feel validated in going with the "LTS" version to at least get *some* advanced notice of "breaks your work flow, sorry, not sorry" changes coming.
Ewen
I still get exactly the same effect you got by choosing the preferences "Accept cookies from sites", "Keep until I close Firefox", and putting lwn.net in the exceptions. And then I don't have to click anything while browsing, and it still works on Firefox 45.
Silently disabling privacy and security on upgrades seems to be a Firefox specialty. I disable JavaScript for security reasons (probably also helps privacy). Some time after a Firefox upgrade, I found that JavaScript was enabled again. And that's despite Firefox still being able to disable JavaScript (now through about:config).
