Firefox Firefox 86.0 released

HarborFront

Level 57
Verified
Content Creator
Oct 9, 2016
4,682
Already released. Get it from your internal updater

New​


  • Firefox now supports simultaneously watching multiple videos in Picture-in-Picture.
  • Today, Firefox introduces Total Cookie Protection to Strict Mode. In Total Cookie Protection, every website gets its own “cookie jar,” preventing cookies from being used to track you from site to site.
  • We've improved our Print functionality with a cleaner design and better integration with your computer's printer settings.
    New print preview screenshot
  • For Firefox users in Canada, credit card management and auto-fill are now enabled.
  • Notable performance and stability improvements are achieved by moving canvas drawing and WebGL drawing to the GPU process.

Fixed

  • Reader mode now works with local HTML pages.
  • Using screen reader quick navigation to move to editable text controls no longer incorrectly reaches non-editable cells in some grids such as on messenger.com.
  • The Orca screen reader's mouse review feature now works correctly after switching tabs in Firefox.
  • Screen readers no longer report column headers incorrectly in tables containing cells spanning multiple columns.
  • Links in Reader View now have more color contrast.
  • Various security fixes.

Changed

  • On Linux and Android, the protection to mitigate the stack clash attack has been activated.
  • From Firefox 86 onward, DTLS 1.0 is no longer supported for establishing WebRTC's PeerConnections. All WebRTC services need to support DTLS 1.2 from now on as the minimum version.
  • Consolidated all video decoding in the new RDD process which results in a more secure Firefox.

 

SecureKongo

Level 11
Feb 25, 2017
528
Last edited by a moderator:

HarborFront

Level 57
Verified
Content Creator
Oct 9, 2016
4,682
Thanks, already checked it out. Do you think that I'll have to disable First Party Isolation in order for Total Cookie Protection to work?

View attachment 254512
Some mention here. Look under FF browser

 

SecureKongo

Level 11
Feb 25, 2017
528
Some mention here. Look under FF browser

I am not sure if I'm right, but I think First Party Isolation is redundant now, as Total Cookie Protection creates an individual cookie jar for every website you visit. Is it that what you are trying to tell me? :unsure:
 

HarborFront

Level 57
Verified
Content Creator
Oct 9, 2016
4,682
I am not sure if I'm right, but I think First Party Isolation is redundant now, as Total Cookie Protection creates an individual cookie jar for every website you visit. Is it that what you are trying to tell me? :unsure:
From the below link


Quote

Total Cookie Protection is an evolution of the First-Party-Isolation feature, a privacy protection that is shipped in Tor Browser.

Unquote

So far no mention that 1st-Party Isolation is redundant

In the image below it also says "You are using FPI, which overrides some of FF's cookie settings"

1614092754904.png
 

SecureKongo

Level 11
Feb 25, 2017
528
From the below link


Quote

Total Cookie Protection is an evolution of the First-Party-Isolation feature, a privacy protection that is shipped in Tor Browser.

Unquote

So far no mention that 1st-Party Isolation is redundant

In the image below it also says "You are using FPI, which overrides some of FF's cookie settings"

View attachment 254513
Well, calling TCP an evolution of FPI indicates that it's redundant. Also, it was mainly meant to be used on the Tor browser while TCP looks like the optimized version for Firefox. It was the same with the removal of encrypted SNI recently. Now they implemented Encrypted Client Hello.
 

SeriousHoax

Level 34
Verified
Mar 16, 2019
2,383
Does the strict mode blocks all third party cookies? It's not clear to me. It says tracking cookies
  • Strict: Blocks known trackers in all windows, third-party tracking cookies, fingerprinters, and cryptominers.
Source:
 

silversurfer

Level 69
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
5,831
Total Cookie Protection is a new privacy feature designed to separate cookie data by website. Each site gets its own cookie storage and that means that access is restricted and not shared across all Internet sites.

Mozilla notes that it decided to make exceptions for non-tracking cookies that are cross-site that are needed, e.g. for sign-in purposes on sites. The organization notes: "Only when Total Cookie Protection detects that you intend to use a provider, will it give that provider permission to use a cross-site cookie specifically for the site you’re currently visiting"

The new feature is enabled automatically when you enable the strict mode of Firefox's Enhanced Tracking Protection feature. Firefox users who want to try the new option may point their browser to about: references#privacy to set the Enhanced Tracking Protection preference to Strict on the page.
 

HarborFront

Level 57
Verified
Content Creator
Oct 9, 2016
4,682
Well, calling TCP an evolution of FPI indicates that it's redundant. Also, it was mainly meant to be used on the Tor browser while TCP looks like the optimized version for Firefox. It was the same with the removal of encrypted SNI recently. Now they implemented Encrypted Client Hello.
The image you posted speaks clearly "You are using FPI, which overrides some of FF's cookie settings"
 

HarborFront

Level 57
Verified
Content Creator
Oct 9, 2016
4,682
Yea, thats because settings activated in about:config override the settings in the settings menu as far as I know.
What I meant is (IMO) that FPI does more than just handling cookies. So if you have it enabled it'll override some of FF's cookie settings.

Read the below articles on FPI



 
Last edited:

Upendra19

Level 5
Mar 5, 2019
216
The image you posted speaks clearly "You are using FPI, which overrides some of FF's cookie settings"
If I use FPI, and block all third party cookie then what will be difference between this and Total Cookie Protection. Both settings seem similar to me.
EDIT: Apart from the fact that third party cookies will also be loaded in their respective containers in Total Cookie Protection.
 

Lenny_Fox

Level 19
Verified
Oct 1, 2019
912
As @silversurfer posted TCP does not block cross site access for cookies which are needed for log-in, while FPI isolates all. Like @HarborFront mentioned FPI does more than TCP, but @SecureKongo hunch that TCP is an evolution (together with recent network partitioning and super cookie protection) of FPi for broader audience use is correct (brings a fair share of the privacy benefits of FPI without risk of breaking stuff).
 

SecureKongo

Level 11
Feb 25, 2017
528
Top