An upcoming version of Firefox will have tracking protection in private browsing. How does the Firefox Tracking...
Protection feature work? Are there other methods enterprises can or should use to block tracking ads and links or are browser-based features the best approach?
To protect users' privacy, most browsers offer some form of private browsing mode that stops data such as cookies, temporary files and pages visited being saved on the user's device, but this functionality doesn't prevent third-parties, distinct from the site being visited, from collecting information about the pages someone visits. Beginning with Firefox version 43, a new feature in Firefox Private Browsing called Tracking Protection will allow users to block content like ads, invisible tracking pixels, calls to analytics engines and share buttons that may record their behavior across sites to protect them from nonconsensual online tracking.
Firefox Tracking Protection automatically blocks any Web content from a list of domains known to track users provided by Disconnect, a certified public benefit corporation. It is active for all sites when a new private browsing session begins, but as some webpages don't function correctly when certain content is blocked, users are able to disable it for a particular site for the current browsing session. A shield icon appears in the address bar whenever Tracking Protection is blocking tracking domains -- the Security tab in the Web console shows a list of any blocked resources.
Robert 'RSnake' Hansen of WhiteHat Security discusses Web browser vulnerabilities
Firefox Tracking Protection will be far more effective at stopping users from being tracked than the Do Not Track (DNT) header supported by most browsers, as websites and advertisers can choose to either honor or ignore it. A DNT header value of 1 indicates that the user does not want to be tracked but there's no legal or technological requirement to acknowledge the request. The Digital Advertising Alliance, for example, doesn't require its members to honor automatically set DNT values.
There are other options, besides Firefox Tracking Protection, that enterprises can deploy to protect their employees' privacy and address the problem of nonconsensual tracking. There are browser add-ons that block spying ads and other third-party trackers like Privacy Badger from the Electronic Frontier Foundation, Adblock Plus and Ghostery. Disconnect also offers its own products for blocking malicious tracking. While features and functionality may differ slightly between products, enterprises should choose the product best suited to their environment and that allows an easy rollout to all users and their devices.
Read more on the Web browser security features for Microsoft Edge
Find out if the Aviator Web browser is secure enough for enterprises
Learn about Google's new Chrome extension security policy
Dig Deeper on Web browser security
Related Q&A from Michael Cobb
Expert Michael Cobb details how to argue for a multistep secure code review process, like Microsoft SDL, and the pros of secure coding practices. Continue Reading
Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the ... Continue Reading
Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.