back to article Firefox 74 slams Facebook in solitary confinement: Browser add-on stops social network stalking users across the web

The first thing users will see after updating to Mozilla's latest browser, Firefox 74, is a prompt to install the Facebook Container add-on. The Facebook Container add-on is not new, but has been enhanced in its latest version, 2.1.0, with the ability to add custom sites to the container so that you can "login with Facebook …

  1. Chris King Silver badge

    "Log in with Facebook"

    Yeah, right. Like I'm going to trust FB to be the gatekeeper for other sites. Same for Google et al.

    1. fidodogbreath Silver badge

      Re: "Log in with Facebook"

      Plus, when you use FB or Google to log in, they provide the 3rd-party site with your personal info.

      Um, no. Never used that, never will.

      1. JDX Gold badge

        Re: "Log in with Facebook"

        It use it for stuff I care little about. It's a shame because it is really nice not having a zillion logins, that these are normally the only two options for SSO. Did OpenID bite the dust?

        1. FreemonSandlewould

          Re: "Log in with Facebook"

          You could always just use Brave browser and skip all the adds and trackers to begin with.

          1. Charlie Clark Silver badge

            Re: "Log in with Facebook"

            Or any browser you like with uBlock or similar.

          2. Anonymous Coward
            Anonymous Coward

            Re: "Log in with Facebook"

            Brave has its own agenda when it comes to monetisation though...so they may be blocking other trackers, but what are they tracking?

        2. IGnatius T Foobar ! Bronze badge

          Re: "Log in with Facebook"

          Did OpenID bite the dust?

          It's still around, but almost no web sites are supporting it anymore. End users simply didn't understand it. I wrote some code for a web server that supported OpenID login, and I also included buttons that would use Google, Yahoo, etc. as OpenID providers -- people used *those* without even knowing that they were using OpenID. Unfortunately, almost no one pasted in their own OpenID, and all of the big services (including Google) eventually shut down their OpenID identity providers.

          Silicon Valley giants do not like open standards when the alternative is something they control.

          1. JDX Gold badge

            Re: "Log in with Facebook"

            I kind of feel Google has all my information already, so I would use their SSO far in preference to FB.

            1. Anonymous Coward
              Anonymous Coward

              Re: "Log in with Facebook"

              Lets not escape from this gulag where we are starving and in constant danger of death. On the outside, on the run, we will be starving and in constant danger of death.

        3. P. Lee Silver badge

          Re: "Log in with Facebook"

          All these things require servers which have to be paid for and configuration to make them work.

          That's a problem. My wireless internet provider doesn't even give me a public ip address - not even ipv6.

          To do this properly you need your own stuff: a properly configured DNS, an internet-accessible IP, a user-based server running the authentication software, configuration coordination with the service provider... and you probably don't have internet link redundancy so an outage stops you doing anything.

          I don't see this working well.

          We need something which can scale, uses existing infrastructure and requires less end-user knowledge.

        4. brotherelf

          Re: "Log in with Facebook"

          > Did OpenID bite the dust?

          Yes, even the overflows removed it years ago. How about Mozilla Persona? No wait… How about Shibboleth/SAML?

          1. aqk
            Big Brother

            Re: "Log in with Facebook"

            How about Gravatar? I have several of these, using the Anonnie Mouse Sudo nims...

            Or has Gravatar been co-opted by Wordpress?

      2. Anonymous Coward
        Anonymous Coward

        Re: "Log in with Facebook"

        Nope, the Zuck has you when you check, keep me logged in which permenent runs Farcebook code in the background collecting everything you do, read the fine print.

    2. HildyJ Silver badge
      Pint

      Re: "Log in with Facebook"

      I already use the old container version and, since I don't use sites that force me to login to Facebook (since I deleted my account a long time ago), I'm happy with it.

      But this seems like a great solution for FB addicts. Kudos to Firefox for their privacy push.

  2. chivo243 Silver badge

    No FB for me, ever

    But I am still concerned about how they track me anyway. This is great!

    1. bombastic bob Silver badge
      Devil

      Re: No FB for me, ever

      yeah I'd like those details published, please.

      With more and more sites requiring script+cookies+whatever, I've resorted to running a "true sandbox" firefox for them. Log in as a non-priv user via 'su -', accessing my X11 desktop using a 'DISPLAY' environment variable in the context of that user (not the logged-in user for the desktop in other words), and close the browser completely when I'm done with it. Whenever I close that particular browser, it automatically WIPES ALL HISTORY AND COOKIES. So every time I run it, it is a "clean slate" with NO tracking data.

      If I need multiple sites open at the same time, I can just have MULTIPLE USERS for this purpose.

      IP address and browser fingerprints are still possible, though. If I cared enough I'd "genericize" the browser string, too, make ti say I'm running Win-10-nic and Edge or something.

      and NO Faece-Bitch login for ME, *EVAR*

      1. katrinab Silver badge
        Pirate

        Re: No FB for me, ever

        So you are the only person in the world who uses Edge as something other than a Chrome downloading tool. Therefore you are very traceable.

        1. Franco Silver badge

          Re: No FB for me, ever

          I use it as a Firefox downloading tool.....

        2. phuzz Silver badge

          Re: No FB for me, ever

          I use Edge to load a handful of tabs that I can't be bothered to keep as pinned tabs in another browser, but I occasionally need to check.

          I load Edge, check what I need to check, then close Edge again, without it interfering with my normal browsing.

          1. aqk
            Paris Hilton

            Re: No FB for me, ever

            Edge unloaded? Don't forget to czech your Edge cookies in Firefox.

  3. quxinot Silver badge

    Though with the amazing lack of quality that Firefox has had lately (and I'm saying this as a very hardcore FF user!), I expect the plugin won't work properly anyway.

    Which is very unfortunate.

    1. IGotOut Silver badge

      I can't say I've had problems except by lazy, shit webdevs that don't bother testing with anything other than Chrome.

    2. stiine Silver badge
      Facepalm

      You'll also be happy to know that as of 73, if you use ALT key combinations that you can no longer reset zoom to normal using ALT-V-Z-R because the developer(s) who implemented the new zoom handler don't use ALT key combinations, and the neither do their UI team. This key combination has been valid as far as I can remember, so now its ALT-V-Z-use-the-damn-mouse.

      1. Sandtitz Silver badge
        Facepalm

        ALT-V-Z-R ?

        CTRL+0 has been used to reset zoom since ...I can't even remember.

        My localized Firefox would use ALT-N-S-T anyway for the key combo you're after.

    3. Anonymous Coward
      Anonymous Coward

      I think it works great. I've been using the more generic multi-account containers and they are amazing.

      Also really helps logging into multiple O365 instances for work purposes. Normally this isn't possible at the same time.

  4. SJA

    Google is the lesser evil

    From facebook we know that they sell directly all your data and give thousands of shady people full access to its api so slurp up everything. Google, on the other hand (to my knowledge), does not sell your data directly. They will match it with ads but the advertisers don't get your data. While both data hoarding services are very worrisome, currently I still view Google as the lesser evil of the two.

    1. Nifty Bronze badge

      Re: Google is the lesser evil

      I thought that Youtube visitor stats down to IP address are sold to anyone who wants them?

    2. Anonymous Coward
      Anonymous Coward

      Re: Google is the lesser evil

      That's not right. Google's API provides just as much access as Facebook's. Google has APIs allowing developers to get access to all your emails on Gmail, for example. You need to log in to the third-party app to grant that permission, the same as Facebook. Facebook's ad targeting is very similar to Google's, and advertisers don't get access to the data with Facebook nor with Google. You can sign up as an advertiser with both, and see exactly what other advertisers see.

      Cambridge Analytica was due to the amount of data available via Facebook APIs. The same thing could have happened with Google APIs, too. Facebook's APIs are way more locked down these days.

    3. aqk
      Flame

      Re: Google is the lesser evil

      But...but....

      I've heard that Google does no evil.

      Long ago, some wise IT guru said that. Sorry- I can't remember who....

      1. knottedhandkerchief

        Re: Google is the lesser evil

        Always thought "Don't be Evil" was a reference to Google's (then) competitor, Microsoft, the "Evil Empire"... - i.e. a nudge to Google employees not to do the same as Microsoft would.

  5. Anonymous Coward
    Anonymous Coward

    It's much easier on my machine..

    I've put a line in the hosts file that resolves facebook traffic to 127.0.0.1.

    Prevents even accidental visits to that loathsome place on the Net..

    1. Weiss_von_Nichts

      Re: It's much easier on my machine..

      One line is not going to do very much. FB has quite a lot of domains.

  6. IGnatius T Foobar ! Bronze badge

    block facebook in /etc/hosts

    The best way to prevent Facebook from stalking you across the web is to block all of their sites and servers in your /etc/hosts file (or C:\windows\system32\drivers\etc\hosts if you're on windows). The blocklist can be downloaded and is a quick web search away.

    This has the side effect of also making it impossible to log into Facebook itself ... but that's a feature, not a bug.

    1. Charles 9 Silver badge

      Re: block facebook in /etc/hosts

      Unless you NEED Facebook for something...such as Messenger, which happens to be the ONLY way to keep in touch with various important members of your family (phone reception is spotty where they live, so they normally use hotspots).

  7. mark l 2 Silver badge

    "Facebook is reckoned to have around 2.5 billion users so it is unlikely CEO Mark Zuckerberg will be perturbed."

    I am not convinced that the number of ACTIVE people on Facebook is anywhere near 2.5 billion, I suspect this number is touted by Zuckerberg to make it seem like a better platform for adslingers than using Google.

    There are still lots of dormant accounts (I know as I have one) plus duplicates, fakes, bots and even accounts for peoples pets on there.

    1. Anonymous Coward
      Anonymous Coward

      pets

      I know of at least 3 accounts that belong to deceased pets

      1. Ordinary Donkey

        Re: pets

        I wonder how many accounts claim to be owned by Corona-chan?

      2. Ken Shabby Bronze badge
        Joke

        Re: pets

        That'll teach 'em.

    2. Anonymous Coward
      Anonymous Coward

      Facebook has form for inflating numbers.

      https://www.thewrap.com/facebook-inflated-video-views-lawsuit/

  8. Frumious Bandersnatch Silver badge

    I smell good

    because I use lynx

  9. P. Lee Silver badge

    Extend this mechanism

    We probably need a "work domain" and an "internet domain" as well.

    The "internet domain" has lower privileges.

    1. brotherelf
      Black Helicopters

      Re: Extend this mechanism

      > We probably need a "work domain" and an "internet domain" as well.

      *gets flashbacks of the IE6 security settings slider*

      1. Anonymous Coward
        Anonymous Coward

        Re: Extend this mechanism

        I'm sorry to hear that! I sometimes have flashbacks of IE6 too in my nightmares. I hope you will recover soon!

  10. big_D Silver badge
    Angel

    Facebook free.

    Just set it up and activated. It has found no trace of Facebook trackers in Firefox... So that will be my Pi-hole working as expected then.

  11. Zippy´s Sausage Factory

    I didn't install it. Basically because I have an instance of Firefox kept around that is JUST used for Facebook, nothing else. And it breaks Scrabble.

    I'll probably put it back when the EA Scrabble gets deleted from the web sometime in June.

  12. LDS Silver badge

    I can junk Facebook, but I can't junk switches and other devices just because TLS 1.2

    I wish someone could explain Facebook developers that only means people will disable HTTP fully. Some I can access in SSH, some not. And sometimes a visual view is easier to gather some information.

    I wonder if those developers are working from an isolated bunker well before any pandemic took place. Because they look to have a very narrow view of the world.

    1. The Dogs Meevonks

      Re: I can junk Facebook, but I can't junk switches and other devices just because TLS 1.2

      That narrow view of the world is that they are entitled to know everything about you, every scrap of data you produce regardless of if you even have a feacesbook account.

      Anything that fucks with that is a good thing in my book.

  13. James O'Shea

    Question: what if you don't have a FB account?

    Should you still turn on the container? Are FB trackers live even if you don't have an account?

    1. Anonymous Coward
      Anonymous Coward

      Re: Question: what if you don't have a FB account?

      Yes, and yes.

      1. James O'Shea

        Re: Question: what if you don't have a FB account?

        Okay. Facebook has been contained..

        Would I be a naughty person if I considered using Zuck and all senior FB execs as the test pool for testing vaccines for, well, for everything from COVID-19 to Ebola?

    2. katrinab Silver badge
      Childcatcher

      Re: Question: what if you don't have a FB account?

      Facebook will create an account for you even if you are not signed up.

  14. Number6

    OK, this means I can ditch Chrome, which I was using solely for FB-related stuff precisely to keep it separate from normal browsing done in Firefox. That should make the PC a bit more responsive, not having to run two resource-hungry browsers.

  15. Electronics'R'Us Silver badge
    Thumb Up

    I installed this a while back

    Works great.

    Wherever there is a facebook button, it overlays a little gate icon to show it has detected (and blocked) the slurper.

    Never had a farcebook account and never will. Ergo, they should not be able to track me around the web and this nice little tool does precisely that.

    (I have also disabled flash 'cookies' without going to the website and asking for it - it is really simple).

  16. Adrian 4 Silver badge

    It's a start

    Why don't all sites get this treatment ? FB is only the worst.

  17. kmedcalf

    No Prompt for me

    I didn't see any prompt. I guess I have my security set too high to be pestered by such shenanigans.

  18. Anonymous Coward
    Anonymous Coward

    As if 99% of Farcebook users would have a clue what any of this means. Way to shake down The Zuck!

  19. JulieM Silver badge

    Good start

    This is a good start. Maybe it can be enabled by default in Firefox 75?

    The next thing we need to start doing is deliberately messing with tracking cookies.

  20. Maelstorm
    Thumb Up

    I'm surprised that...

    I'm surprised that it's taken this long for somebody to do this. However, I came up with a solution some time ago that works pretty well without fancy addons and extensions.

    1. Go into the settings of your browser.

    2. Navigate to where the settings for cookie handling are located.

    3. Turn on the option to delete cookies when the browser closes.

    And that's it. Everytime your browser closes, if forgets any and all cookies that were set.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020