The first thing users will see after updating to Mozilla's latest browser, Firefox 74, is a prompt to install the Facebook Container add-on.
The Facebook Container add-on is not new, but has been enhanced in its latest version, 2.1.0, with the ability to add custom sites to the container so that you can "login with Facebook wherever you need to".
The purpose of the Facebook Container is to let you continue to use Facebook but without having the social network site track your browsing elsewhere. "Installing this extension closes your Facebook tabs, deletes your Facebook cookies, and logs you out of Facebook," say the docs.
When you visit Facebook and log in, the cookies it plants are isolated to the container. This prevents Facebook Like buttons and embedded comments from working on other sites. There is also an issue with sites that require or offer a Facebook login, which you can now overcome by adding those sites to the container. Sites are added by clicking a fence icon and selecting "Allow site in Facebook container." The effect is like having two web browsers, one in which you are logged into Facebook and subject to potential tracking on any site which has Facebook content, and another where Facebook has no knowledge of you.
The add-on is well liked by its 1.1 million users, scoring 4.5 stars. To put that in context, though, Facebook is reckoned to have around 2.5 billion users so it is unlikely CEO Mark Zuckerberg will be perturbed.
What is Mozilla doing about Google, another data-hoover? It may be a trickier topic than Facebook, given that the nonprofit is part-financed by the search giant.
Firefox is now updated roughly every four weeks so we cannot expect a large range of new toys every time, but there are a bunch of security features in this release. It seems that we have been talking about the removal of TLS (Transport Layer Security) 1.0 and 1.1 forever, but this is the release where it actually happens. When you visit a site that does not support TLS 1.2 or 1.3, you get a "secure connection failed" error.
There is also support for the Cross-Origin Resource Policy, which lets sites and applications opt into a protection from cross-site scripts as well as certain types of speculative execution attacks. Firefox 74 also by default supports Feature Policy, which enables sites to restrict what features are available to the browser on their side.
Other changes in Firefox 74 include CSS updates, tweaked developer tools, and an improved add-on for working with React. Full details are here. ®
Sponsored: Ransomware has gone nuclear