Firefox recently released version 120.0 with the following privacy-related changes:
Firefox supports a new “Copy Link Without Site Tracking” feature in the context menu which ensures that copied links no longer contain tracking information.
Firefox now supports a setting (in Preferences → Privacy & Security) to enable Global Privacy Control. With this opt-in feature, Firefox informs the websites that the user doesn’t want their data to be shared or sold. This feature is enabled in private browsing mode by default.
Firefox’s private windows and ETP-Strict privacy configuration now enhance the Canvas APIs with Fingerprinting Protection, thereby continuing to protect our users’ online privacy.
The following changes are specifically for Germany-based users:
Firefox is rolling-out Cookie Banner Blocker by default in private windows for users in Germany during the coming weeks. Firefox will now auto-refuse cookies and dismiss annoying cookie banners for supported sites.
Firefox has enabled URL Tracking Protection by default in private windows for all users in Germany. Firefox will remove non-essential URL query parameters that are often used to track users across the web.
My question: should we enable this? If yes, is that also relevant for, for instance, European users?
Edit: if yes, then it could be helpful for users who are within the GDPR-scope:
From the Global Privacy Control website: Under the GDPR, the intent of the GPC signal is to convey a general request that data controllers limit the sale or sharing of the user’s personal data to other data controllers (GDPR Articles 7 & 21).
Yes, Firefox has always been a miss on mobile (where the most internet users reside), almost like it intentionally makes mobile users at risk.
As of today, Firefox stable on Android still doesn’t let users access about:config page, see here, making the users unable to set up DNS over HTTPS (DoH) properly.
Fun fact:Chromium 83 introduced DNS over HTTPS setting in the browser’s GUI across the board - on desktop and mobile, more than 3 years ago.
Ehhhhhh, Android 9 and higher has supported DNS over TLS.
The only issue with that is that Firefox itself doesn’t support ECH when it doesn’t use its own resolver.
Even though the OS supports DoT, the browser should have supported DoH natively. I don’t think this is an excuse for Firefox from missing out on this feature. We’re just lucky to have a secure OS.
This is why there’s no reason for Firefox (not the other forks) to block this feature specifically in the stable release, considering it’s available on the stable desktop version. Moreover, by blocking this feature, it potentially affects some security features in a bad way.
