Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Does FireFox 42 Private Browing Block Web Beacons?

  • 10 replies
  • 3 have this problem
  • 17 views
  • Last reply by Jaywalker

Jaywalker
Jaywalker
more options

I'm enjoying the increased privacy of FF 42 with its "no tracking" setup in private browsing but I have a question. Does its "no tracking" include that which is done with web beacons, a pixel tab attached to images?

OS X 10.10.5

I'm enjoying the increased privacy of FF 42 with its "no tracking" setup in private browsing but I have a question. Does its "no tracking" include that which is done with web beacons, a pixel tab attached to images? OS X 10.10.5

All Replies (10)

guigs
guigs
more options

Hi, Since it uses the same cookie frame work, I would assume so. Since cookies are blocked, the trackers will not receive the cookie.

If you see otherwise, please report it in bugzilla.mozilla.org. The resources for Filing a bug in bugzilla.mozilla.org are listed below:

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Tracking Protection blocks content from specific hosts. You can check security messages in the Web Console (Firefox menu button or Tools > Web Developer) to see what is blocked.

Jaywalker
Jaywalker Question owner
more options

guigs said

Hi, Since it uses the same cookie frame work, I would assume so. Since cookies are blocked, the trackers will not receive the cookie. If you see otherwise, please report it in bugzilla.mozilla.org. The resources for Filing a bug in bugzilla.mozilla.org are listed below:

Does a beacon have to use a cookie to transmit the data or are there other objects it can use?

Jaywalker
Jaywalker Question owner
more options

cor-el said

Tracking Protection blocks content from specific hosts. You can check security messages in the Web Console (Firefox menu button or Tools > Web Developer) to see what is blocked.

Thanks, but I don't know what I'm looking for as it applies to beacons. I appreciate it, though.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Does anything show as blocked if you only enable Security messages in the Web Console?

You can also check the Network Monitor.

Modified by cor-el

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

"Beacon" could have multiple meanings. The classic case would be a marketing email. The sender wants to know if a message was displayed by the recipient. The message includes an <img> tag with a specially coded unique URL. In that case, you don't need a cookie to know that the message sent to that recipient was displayed by someone, it is captured by the web server simply from the request. (This is why many mail programs block images by default.)

If that's what you had in mind, it would depend on the domain used for the image. For example, "the list" including these addresses for MailChimp messages:

  • "campaign-archive1.com"
  • "list-manage.com"
  • "mailchimp.com"

https://github.com/mozilla-services/shavar-prod-lists/blob/master/disconnect-blacklist.json

I think with tracking protection enabled, Firefox will ignore requests to those domains for third party content -- and thus not retrieve the image -- but I haven't tested myself.

Since tracking protection really is directed at cross-site tracking, email beaconing domains probably are not a high priority. If these are a concern for you, perhaps an add-on would be helpful.

Jaywalker
Jaywalker Question owner
more options

jscher2000 said

"Beacon" could have multiple meanings. The classic case would be a marketing email. The sender wants to know if a message was displayed by the recipient. The message includes an <img> tag with a specially coded unique URL. In that case, you don't need a cookie to know that the message sent to that recipient was displayed by someone, it is captured by the web server simply from the request. (This is why many mail programs block images by default.) If that's what you had in mind, it would depend on the domain used for the image. For example, "the list" including these addresses for MailChimp messages:
  • "campaign-archive1.com"
  • "list-manage.com"
  • "mailchimp.com"
https://github.com/mozilla-services/shavar-prod-lists/blob/master/disconnect-blacklist.json I think with tracking protection enabled, Firefox will ignore requests to those domains for third party content -- and thus not retrieve the image -- but I haven't tested myself. Since tracking protection really is directed at cross-site tracking, email beaconing domains probably are not a high priority. If these are a concern for you, perhaps an add-on would be helpful.

I'm less concerned about beacons in email, as my incoming images are blocked by default. Some images I have to load or friends will be offended, but I don't allow most things aboard, and when I do I delete cookies soon after. (Not that cookie deletion helps there, given the url tag you mentioned - thanks for the info.) 

I'm more concerned about beacons attached to images in normal browsing. In some news sites, for example, some images are present and some are not. Are these being blocked by NoScript? Disconnect? Privacy Badger? FireFox 42? I don't even know if the reason for blocking it was there were beacons aboard these images or if (most likely) it was being served by a blacklisted ad network. I realize these may be overlapping concepts but I'm trying to come to terms with the "web beacon" part of this in order to determine if/when I'm loading them on my browser.

Finally, I don't even know whether some other http object (besides the url tag in the marketing email you mentioned) besides cookies can transport the beacon info if I do delete cookies.

You might be able to tell that I really don't like being tracked...

Jaywalker
Jaywalker Question owner
more options

My second paragraph above is listed as one line with a slider in my browser window, so I'm reproducing it here. Apologies if you're not seeing the slider:

"I'm more concerned about beacons attached to images in normal browsing. In some news sites, for example, some images are present and some are not. Are these being blocked by NoScript? Disconnect? Privacy Badger? FireFox 42? I don't even know if the reason for blocking it was there were beacons aboard these images or if (most likely) it was being served by a blacklisted ad network. I realize these may be overlapping concepts but I'm trying to come to terms with the "web beacon" part of this in order to determine if/when I'm loading them on my browser. "

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

With multiple blockers running, it is difficult to distinguish what causes what. Firefox's built-in list of tracking domains is supplied by Disconnect, so I think Tracking Protection and the Disconnect extension would have roughly the same effect, although the extension may well have extra features I don't know about.

When a browser requests any resource, whether it's a page, an image, a script, a style sheet, a frame, a video, etc., either a specially coded URL for the request, or the cookies sent with the request, could be used for tracking. But since turning off the computer isn't an appealing option, you have to choose your compromises, or use someone else's computers.

Jaywalker
Jaywalker Question owner
more options

cor-el said

Tracking Protection blocks content from specific hosts. You can check security messages in the Web Console (Firefox menu button or Tools > Web Developer) to see what is blocked.

cor-el, when using the web developer/web console on The Huffington Post, for example as it's one of the most broken when I'm using all my privacy add-ons, I get what appears to e to be a lot of Java Script errors and a few CS, but I can't see any Security issues.