Mozilla Delays Blocking Third-Party Cookies In Firefox

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Despite delaying a default feature, Mozilla is keen to get it into Firefox soon

The next release of Firefox won’t block third-party cookies, although the company is still hoping to add the feature soon.

It’s not a privacy issue for Mozilla, it’s technical problems that are preventing Firefox from getting the same level of personal data protection as Safari, according to Brendan Eich, Mozilla’s CTO and senior vice president of engineering.

For years Apple’s Safari has blocked cookies from sites users haven’t visited directly and Mozilla wants the same in Firefox.

Mozilla LogoAdvertisers are against blocking third-party cookies by default as it stops them acquiring and analysing Internet users’ habits.

Mozilla not hungry for cookies

“The idea is that if you have not visited a site (including the one to which you are navigating currently) and it wants to put a cookie on your computer, the site is likely not one you have heard of or have any relationship with. But this is only likely, not always true,” Eich explained in a blog post.

Eich is particularly worried about false positives and false negatives. He doesn’t want Firefox to accept cookies from certain domains and then block cookies from subdomains, or subsites run by the same website owners.

He also doesn’t believe users are happy to have cookies from a site they visit just once. “Suppose you click on an ad by accident, for example. Or a site you trust directly starts setting third-party cookies you do not want,” Eich added.

Mozilla is currently testing a patch that blocks third-party cookies, which has progressed to the Beta release channel for Firefox 22, but is not on by default.

“We are looking for more granularity than deciding automatically and exclusively based upon whether you visit a site or not, although that is often a good place to start the decision process.

“We plan to ship an evolution of the patch ‘on’ by default, but we want to make refinements first. To make sure we get this right we need more data. Our next engineering task is to add privacy-preserving code to measure how the patch affects real websites.

“We will also ask some of our Aurora and Beta users to opt-in to a study with deeper data collection.

“For those who read this as Mozilla softening our stance on protecting privacy and putting users first, in a word: no.”

Firefox 21 was released earlier this week, with an enhanced interface for Do Not Track, which requests website owners do not install cookies on the user’s machine. Website owners do not have to listen to those requests.

Are you a Firefox enthusiast? Take our quiz!

Read also :