Firefox 86.0 released

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Already released. Get it from your internal updater

New​


  • Firefox now supports simultaneously watching multiple videos in Picture-in-Picture.
  • Today, Firefox introduces Total Cookie Protection to Strict Mode. In Total Cookie Protection, every website gets its own “cookie jar,” preventing cookies from being used to track you from site to site.
  • We've improved our Print functionality with a cleaner design and better integration with your computer's printer settings.
    New print preview screenshot
  • For Firefox users in Canada, credit card management and auto-fill are now enabled.
  • Notable performance and stability improvements are achieved by moving canvas drawing and WebGL drawing to the GPU process.

Fixed

  • Reader mode now works with local HTML pages.
  • Using screen reader quick navigation to move to editable text controls no longer incorrectly reaches non-editable cells in some grids such as on messenger.com.
  • The Orca screen reader's mouse review feature now works correctly after switching tabs in Firefox.
  • Screen readers no longer report column headers incorrectly in tables containing cells spanning multiple columns.
  • Links in Reader View now have more color contrast.
  • Various security fixes.

Changed

  • On Linux and Android, the protection to mitigate the stack clash attack has been activated.
  • From Firefox 86 onward, DTLS 1.0 is no longer supported for establishing WebRTC's PeerConnections. All WebRTC services need to support DTLS 1.2 from now on as the minimum version.
  • Consolidated all video decoding in the new RDD process which results in a more secure Firefox.

 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,472
Last edited by a moderator:

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Thanks, already checked it out. Do you think that I'll have to disable First Party Isolation in order for Total Cookie Protection to work?

View attachment 254512
Some mention here. Look under FF browser

 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,472
Some mention here. Look under FF browser

I am not sure if I'm right, but I think First Party Isolation is redundant now, as Total Cookie Protection creates an individual cookie jar for every website you visit. Is it that what you are trying to tell me? :unsure:
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
I am not sure if I'm right, but I think First Party Isolation is redundant now, as Total Cookie Protection creates an individual cookie jar for every website you visit. Is it that what you are trying to tell me? :unsure:
From the below link


Quote

Total Cookie Protection is an evolution of the First-Party-Isolation feature, a privacy protection that is shipped in Tor Browser.

Unquote

So far no mention that 1st-Party Isolation is redundant

In the image below it also says "You are using FPI, which overrides some of FF's cookie settings"

1614092754904.png
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,472
From the below link


Quote

Total Cookie Protection is an evolution of the First-Party-Isolation feature, a privacy protection that is shipped in Tor Browser.

Unquote

So far no mention that 1st-Party Isolation is redundant

In the image below it also says "You are using FPI, which overrides some of FF's cookie settings"

View attachment 254513
Well, calling TCP an evolution of FPI indicates that it's redundant. Also, it was mainly meant to be used on the Tor browser while TCP looks like the optimized version for Firefox. It was the same with the removal of encrypted SNI recently. Now they implemented Encrypted Client Hello.
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Does the strict mode blocks all third party cookies? It's not clear to me. It says tracking cookies
  • Strict: Blocks known trackers in all windows, third-party tracking cookies, fingerprinters, and cryptominers.
Source:
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,003
Total Cookie Protection is a new privacy feature designed to separate cookie data by website. Each site gets its own cookie storage and that means that access is restricted and not shared across all Internet sites.

Mozilla notes that it decided to make exceptions for non-tracking cookies that are cross-site that are needed, e.g. for sign-in purposes on sites. The organization notes: "Only when Total Cookie Protection detects that you intend to use a provider, will it give that provider permission to use a cross-site cookie specifically for the site you’re currently visiting"

The new feature is enabled automatically when you enable the strict mode of Firefox's Enhanced Tracking Protection feature. Firefox users who want to try the new option may point their browser to about: references#privacy to set the Enhanced Tracking Protection preference to Strict on the page.
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Well, calling TCP an evolution of FPI indicates that it's redundant. Also, it was mainly meant to be used on the Tor browser while TCP looks like the optimized version for Firefox. It was the same with the removal of encrypted SNI recently. Now they implemented Encrypted Client Hello.
The image you posted speaks clearly "You are using FPI, which overrides some of FF's cookie settings"
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Yea, thats because settings activated in about:config override the settings in the settings menu as far as I know.
What I meant is (IMO) that FPI does more than just handling cookies. So if you have it enabled it'll override some of FF's cookie settings.

Read the below articles on FPI



 
Last edited:
F

ForgottenSeer 78429

The image you posted speaks clearly "You are using FPI, which overrides some of FF's cookie settings"
If I use FPI, and block all third party cookie then what will be difference between this and Total Cookie Protection. Both settings seem similar to me.
EDIT: Apart from the fact that third party cookies will also be loaded in their respective containers in Total Cookie Protection.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
As @silversurfer posted TCP does not block cross site access for cookies which are needed for log-in, while FPI isolates all. Like @HarborFront mentioned FPI does more than TCP, but @SecureKongo hunch that TCP is an evolution (together with recent network partitioning and super cookie protection) of FPi for broader audience use is correct (brings a fair share of the privacy benefits of FPI without risk of breaking stuff).
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,472
As @silversurfer posted TCP does not block cross site access for cookies which are needed for log-in, while FPI isolates all.
But why they literally say that every website you visit gets stored in a different jar. Unbenannt.PNG
 
  • Like
Reactions: Venustus

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,472

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top