Firefox Borrows From Tor Browser Again, Blocks Canvas Fingerprinting (bleepingcomputer.com)
An anonymous reader writes: Mozilla engineers have borrowed yet another feature from the Tor Browser and starting with version 58 Firefox will block attempts to fingerprint users using the HTML5 canvas element. The technique is widely used in the advertising industry to track users across sites. Firefox 58 is scheduled for release on January 16, 2018.
Canvas fingerprinting blocking is the second feature Mozilla engineers have borrowed from the Tor Project. Previously, Mozilla has added a mechanism to Firefox 52 that prevents websites from fingerprinting users via system fonts. Mozilla's efforts to harden Firefox are part of the Tor Uplift project, an initiative to import more privacy-focused features from the Tor Browser into Firefox.
Re:good! (Score:5, Insightful)
I agree, summary has a snotty tone. Is it good for cutting edge security features to be expanded to mainstream browsers? I’m happy for it.
Re: (Score:1)
I agree, summary has a snotty tone. Is it good for cutting edge security features to be expanded to mainstream browsers? I’m happy for it.
'Borrow'. As if there is a debt to be repaid. That isn't how FOSS works. The whole point of FOSS is the Free part. No debt, no 'borrowing'. Just 'sharing' good ideas to be used by anyone for whatever they like (so don't tell people how to build pocket nukes please)
Re: (Score:3, Informative)
Yeah it’s for generating 2D graphics.
Re: (Score:2)
Browsers were able to display graphics long before HTML 5 existed.
Cool story, bro. Canvas is for procedurally generating graphics not just displaying something.
Re: (Score:2)
Canvas is for procedurally generating graphics not just displaying something.
Then have the server procedurally generate the graphics, compress them, and send them to the browser. Servers have been procedurally generating graphics long before HTML5.
The impression that I get from a lot of comments lately is that if an application wants to do more than Web 1.0 (navigation and form submission) allows, it ought to be native instead of a web application.
Re: (Score:3)
I use canvas for a custom grayscale image conversion tool I made. It has to be real-time when the user moves the sliders, constant communication and server-side rendering and uploading just wouldn't be good enough.
Re: (Score:2)
I use canvas for a custom grayscale image conversion tool I made. It has to be real-time when the user moves the sliders, constant communication and server-side rendering and uploading just wouldn't be good enough.
You could instead make it available as source code and as a Windows executable.
You're right! (Score:1)
Re: (Score:2)
"A windows executable" would be of zero use to me.
Re: (Score:2)
Re: (Score:2)
You could instead make it available as source code and as a Windows executable.
"A windows executable" would be of zero use to me.
Then compile the source code.
Re: (Score:2)
And how do you compile PHP, HTML, CSS and Javascript into a cross-platform application?
Re: (Score:2)
Translate the PHP into Node and use Electron.
Re: (Score:3)
Does this canvas element in HTML5 have legitimate uses, or was it included specifically to help advertisers covertly track users?
Yes, but reading from it is much more questionable. Not only does a website rarely have use for encoded pixels, but if they want to copy a block they could just paint the commands again.
Awesome (Score:1)
Web browsers should add these kinds of features, not other silly stuff.
Addons (Score:2)
Fingerprint blocking is a good feature, unlike the last unnecessary "screen print" or whatever feature. However, I won't be "upgrading" because half the addons I need won't work. :( I suspect a lot of us will be stuck on older versions of Firefox for quite a while...
Re:Addons (Score:5, Informative)
I've actually spoken informally to some firefox people in person regarding addons.
They do know it's a problem, but they feel that the temporary disruption was worth it. They also know the new webextension system is not yet up to the task of replacing the old extensions, but the old one is severely holding up the browser in terms of both security and performance.
The idea is that they get the first version up and running, then work on improving the extension system to put back as many of the missing bits as they can, but in a manner which doesn't break performance or security. With luck, by the time the last pre change LTS goes out of support, the new extension will be able to support the kind of things that people need. Apparently there are quite a lot of heavy extension users at Mozilla so there's internal pressure to get firefox to be as good as it always was in this regard.
Personally I'm optimistic that they can achieve their goal.
Re:Addons (Score:5, Interesting)
I understand their reason and desire to switch to webextension, but the issue is that there are some things that many of us need to do that NO "webextension" addon is going to be allowed to do. This is because these new addons will not be allowed to modify the UI or underlying operation of the browser. Three such examples:
FlashStopper (stops html5 video autoplay)
ClassicThemeRestorer (makes the UI bearable)
EnvironmentProxy (sets proxy based on environment variables)
I am confident other important addons will be retained- I already see that UblockOrigin, Adblock Plus (as "AdBlock 57+"), and NukeAnything all work. But I can't bear to use the browser without certain other things.
Re: (Score:3, Insightful)
At this point it's become clear that anything more transformative than basic UI stuff is not something that can be properly supported while keeping the core product tenable. I too went through a denial phase where I presumed that it was possible to keep every addon working while fixing the core browser, if Mozilla just magically put in even more effort and didn't care what it actually cost, but we have to acknowledge reality sooner or later. We're not the ones doing the work, we're just complaining that we
Re:Addons (Score:5, Interesting)
Well said. I think the main issue was and has been, however, that Mozilla hasn't really been listening to what the users (and often developers) are saying. We wouldn't complain about the loss of addons that modify the UI had Mozilla not taken away the native ability for users to control the UI. A classic example is "tabs on bottom." It was HUGELY unpopular when Firefox finally removed that single option. And there was really no good reason to remove it. Addons saved the day, and now that will be gone too. And they added insult to injury by adding stuff that users didn't care about or want, things like screenprint, hello, pocket... things that could have easily been optional or even included addons. Development resources that could have gone to filling that UI-control that users do want, and/or performance, and/or bug fixing.
My example of the "Flash Stopper" addon really is a perfect example of the jam in which people find themselves. It is something the browser should be able to do, natively and correctly. Autoplay of video is a HUGE annoyance to many users. And the built-in feature that Firefox offers to supposedly help control the problem is just broken. Here is the bug report: https://bugzilla.mozilla.org/s... [mozilla.org] 2 years and still broken! And now the addon that fixed the problem for perhaps 50,000 users (who managed to find it) will be forever gone because WebExtensions won't allow even third-parties to fix it.
My other example- the Environment Proxy is another perfect example. Up to version XX (forget which), Firefox honored the environment variables for simple proxy control. And one day- BAM, it is just broken. An addon came out to work around the problem, and many years later, there is STILL no native fix. And WebExtensions will take away that solution, too.
So please understand why I am complaining so loudly. It isn't just about not liking change, there are real issues that leave me and others in a real pickle.
Re: (Score:1, Insightful)
The problem here isn't that Mozilla chose to not replace everything, but that they chose a timeline that doesn't work for you. You expected them to miraculously have everything ready for you on a silver platter before they shipped an improved core browser, and when they decided they couldn't do everything before they *had* to ship a core browser, you found yourself in a pickle.
Anyone complaining that they're "not listening" is honestly just full of themselves at this point. Mozilla clearly are listening: th
Ctrl+Q (Score:2)
At this point it's become clear that anything more transformative than basic UI stuff is not something that can be properly supported
Even the UI isn't malleable enough.
I tried Firefox 57 during the first few days of beta. When reaching for Ctrl+W, Ctrl+Tab, or Ctrl+Shift+Tab while researching sources to cite in a Slashdot comment, I would often accidentally press the adjacent Ctrl+Q, causing data loss in forms that neither the browser nor the website knows how to save. Firefox's Restore Previous Session doesn't save script-built forms, such as Slashdot's inline reply form. Nor does Slashdot save them at Preview.
The Keybinder extension wo
Re: (Score:2)
This is because these new addons will not be allowed to modify the UI or underlying operation of the browser.
Not so much. Firefox's UI can be modified with CSS. Just like when Australis was first introduced.
Tree Style Tab is running in a customizable sidebar; normal tabs at the top can be hidden - with CSS. Try that in Chrome... The least useless SideTabs for Chrome is Sidewise, and it has to run in a completely separate window.
There's also Tab Center Redux [mozilla.org] - a continuation of Mozilla's Tab Center [firefox.com] (Test Pilot experiment), which completely replaces top tabs with side tabs.
And for all the curmudgeons that reject cha
Re: (Score:2)
There's also the problem that defining a new API is something that's been put off for way too long, because they wasted so much time with marketing gimmicks and UI redesigns.
It's an extensive change and certainly not easy, but it's clear to the Mozilla community that many things in the browser have been broken and essentially ignored for the better part of 10 years (freezes due to cycle collections, for example, which IMO is a bigger problem than raw performance). Once Chrome launched, Mozilla had an, "Oh,
Re: (Score:1)
Asshole hangs out with assholes. Whodathunkit?
Re: (Score:2)
Good comeback, Cal!
Re: (Score:2)
Refusing to break backwards compatibility is how you end up in the situation Microsoft is in.
Sometimes you need to clean out the attic. I've tested betas and am fairly impressed. Anything that is used will get ported or someone will make something to do something similar.
Re: (Score:1)
It's not a terrible idea to get WebExtensions running and ramp up to a better feature set. It's turning off the old extension system while the new API implementation is still bare-bones which is causing the problem.
Re: (Score:2)
long live pale moon
How does Pale Moon perform in benchmarks and real world usage (like, say, an HTML5 game) versus Firefox 57? Do you have concrete numbers you can show me?
Re: (Score:2)
https://www.waterfoxproject.or... [waterfoxproject.org]
A fork that continues 'legacy' support.
Re: (Score:2)
Good man, I’m glad. I will always think of you as the HOSTS guy.
Re: (Score:2)
Yeah, I’ll meme that
https://imgur.com/a/85dq7 [imgur.com]
Speaking of Firefox (Score:5, Informative)
Re: (Score:2)
the damned browser is allowing ad companies to shovel mountains of video onto the local drive
So use an ad blocker. Problem solved. uBlock Origin [mozilla.org] is a good one.
Re: (Score:2)
OK, but what about the old extensions? :P
Re: (Score:1)
Borrowed from a derivative project? (Score:5, Insightful)
That being the case, how is this not just common sense on the part of Mozilla to use features of the derivative to make their own browser better? Tor is still using the Mozilla Public License for their browser so I just don't get the slant of the headline...
https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Tor_Browser [wikipedia.org]
Re: (Score:3)
Tor and Mozilla folks work together on these things. That's what they themselves say.
Re: (Score:2)
Re: (Score:3)
Re:Unfortunately blocking is self identifying (Score:5, Interesting)
Firefox usage is still above 5% nowadays. Not much, but enough to ensure improvement over identification through font fingerprinting. Blocking at least hides software (OS)/hardware details, which make targeting vulnerabilities a lot harder.
Though I can't attest to the validity of the argument, here's an article I thought was interesting describing how blocking canvas fingerprinting on a low-adoption scale may make one more easily trackable (as the blocking can be used as an identifier): How Canvas Fingerprint Blockers Make You Easily Trackable [multiloginapp.com] If the argument is valid, then adding the capability to Firefox and having blocking enabled by default will help everyone.
Firefox (Score:1)
Blocking is the Wrong Approach (Score:1)
I like the idea that Mozilla is working with the Tor guys, they have a lot in common.
But not this. Tor users want to blend together to appear indistinguishable because that's what Tor itself does. But normal browser users aren't behind Tor. They don't have the same use case. What's the point of looking exactly like every other browser if you continue to use the same IP address for days at a time?
Instead of just trying to block fingerprinting outright, Mozilla should be looking at ways to corrupt fingerp
Pale Moon (Score:3, Informative)
Just set "canvas.poisondata" to "true"
Re: (Score:1)
And the benefits for the feature there are rendered nonexistent, because you're one of a few thousand people using Pale Moon, and one of the ever fewer subset of those users who have toggled that feature.
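Added example, not part of any comment in this thread: a small anonymity-set model of the adoption argument made in the two comments above (blocking that few people enable is itself an identifier, while default-on blocking is not). The population size, the number of rendering configurations and the four opt-in users are constructed values; the 5% Firefox share is the figure quoted in the thread, and the model assumes a blocked canvas read returns the same placeholder for every blocking user.

```python
import math
from collections import Counter

POPULATION = 100_000     # constructed visitor population
RENDER_CONFIGS = 500     # assumed number of distinct canvas renderings
# Firefox share is 5%: one block of 500 uids in every 20 blocks.


def family(uid):
    """Browser family a tracker reads from the User-Agent (constructed)."""
    return "firefox" if (uid // RENDER_CONFIGS) % 20 == 0 else "other"


def fingerprint(uid, blocks):
    """What a tracking script observes for one visitor.

    `blocks(uid)` says whether this visitor's browser refuses canvas reads.
    A blocked read is modelled as one constant placeholder value.
    """
    canvas = "BLOCKED" if blocks(uid) else f"cfg-{uid % RENDER_CONFIGS}"
    return (family(uid), canvas)


def anonymity(uid, blocks):
    """Return (anonymity set size, identifying bits) for visitor `uid`."""
    counts = Counter(fingerprint(u, blocks) for u in range(POPULATION))
    size = counts[fingerprint(uid, blocks)]
    return size, round(math.log2(POPULATION / size), 2)


# Three adoption scenarios, all evaluated for the same Firefox visitor (uid 0).
POLICIES = {
    "nobody blocks": lambda uid: False,
    "opt-in pref, 4 users": lambda uid: uid < 4,
    "default-on in Firefox": lambda uid: family(uid) == "firefox",
}


def compare(uid=0):
    """Anonymity of `uid` under each policy, keyed by policy name."""
    return {name: anonymity(uid, blocks) for name, blocks in POLICIES.items()}


if __name__ == "__main__":
    for name, (size, bits) in compare().items():
        print(f"{name:24s} set size {size:5d}  identifying bits {bits}")
```

In this model the opt-in blocker shares a fingerprint with fewer visitors than it did before blocking, while default-on blocking merges every Firefox visitor into one set.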
Re: (Score:2)
See subject. It's people like you that keep me coming back, for the giggles. Oh, and learning things on occasion.
Block all 3rd party cookies (Score:3)
Hey Mozilla engineers, if you really want to lower tracking for your users, you should change the default 3rd party cookies setting from "allow from visited" to "never". No more seeing ads for the things you have searched for, after doing that, among other things.
It breaks a few low-value sites like some message boards, but screw those. Privacy is more important.
Disabled by default (Score:1)