Focus (for Android) doesn't use Google analytics directly, but it's an indirect dependency - see below.
Focus does have:
- Mozilla telemetry: enabled by default in Focus, disabled by default in Klar. This only sends data to Mozilla servers, and only concerns what features people use (i.e. do people use share, do people use custom tabs, do people clear using the bin button or the notification). This stuff is used for deciding what features to prioritise (or remove), and doesn't involve Google servers.
- Adjust SDK: an install attribution tool (aka install referrer tracking). This is only used to determine whether the app was installed as the result of a specific (google-hosted) ad campaign. Adjust depends on play-services-analytics. ( https://www.adjust.com/glossary/install-referrer/ ). This only comes into play if you install the app from the play store (which funnily enough Google own). This is the only time play-services-analytics shuld be used, i.e. on first install. This is also disabled in Klar.
(The more interesting question is: could Focus receive the INSTALL_REFERRER itself for ads attribution instead of using Adjust? That data might be meaningless without asking google to tell you where it came from, and they provided it in the first place anyway...)
The kind of intrusive cross-site “we want to know evetyrging you do on the internet” style tracking that focus blocks is completely different than the minimal application usage telemetry that it collects.
Focus increments a counter if you search. With no way of knowing who you are, what you searched for or any way to correlate it to other telemetry.
Pretty sure they will get your IP. If you use any other Mozilla product, chances are they know who you are. And they can correlate it with other telemetry data. Not saying they do, just that they can.
The biggest problem with this line of thinking is telemetry data _can_ be used extremely effectively to "serve you better".
Denying the ability to collect telemetry data for privacy conscious products is to deny them the ability to improve their products using data-driven approaches that have been proven to be overwhelmingly effective in practice.
This would be an extremely heavy handicap, and could very easily make a tangible difference in the prospect for any such product to gain the market share and the resulting network effects needed to become and remain competitive with products and companies that couldn't care less about your privacy.
So at the end of the day, condemning companies like Mozilla who clearly make a serious effort to collect only the most essential and non-identifiable metrics to improve their product can be quite counter-productive if your endgame is for privacy-conscious apps and companies to be as successful as their mainstream counterparts one day.
It collects things like "how slow is rendering" or "do you use feature X?". It's all anonymized, and you can verify this from the source (you can also turn it off). Folks are very careful if adding new telemetry metrics.
I'm okay with telemetry, if it makes Firefox better. It's a way of 'paying' for Firefox. Your trust has to go somewhere eventually, and Mozilla doesn't seem like a bad option.
IIRC it is pretty anonymized already. I don't recall the details.
Also, Mozilla's privacy policy explains what Mozilla can do with the data. Generally it's not a matter of trusting the company as much as it is believing they'll follow their own privacy policy, which IMO is a reasonable assumption for most companies (including Facebook and Google, which use your data but do tell you about it)
I'll add an anecdote as a counter-example (I think the details might be a bit off here, it might not be VS):
Visual Studio removed 'macro' functionality, and a bunch of developers went to the forums to complain and demand an explanation.
That explanation was as follows: None of those developers enabled "send usage feedback," so the usage statistics for macros was close to 0%. The developers sensibly thought it made sense to stop supporting that feature.
There's a tradeoff associated with extreme privacy, and perfect is the enemy of good.
Hypothetical example... but what nefarious things can one do knowing that some anonymous user happens to e.g. refresh pages a lot (or even, how can that data be sold)? OTOH it does let the developers know whether removing the refresh button would affect a lot of users. Or whether moving it elsewhere is sensible (e.g. to the toolbar if used a lot, or into a deeper menu if rarely used).
Sure, this example is contrived. But in some cases features make app development more complicated (ALSA support in desktop firefox might be a better example, but I'm not super familiar with that case). Knowing that a feature isn't used makes it easy to accurately remove crufty/complicated features without negatively impacting a lot of users. And makes it possible to justify retaining complex features that happen to be useful to many users.
Same story with crash reports (typically users have to explicitly confirm sending crash reports in many applications, no idea what kind of system Focus uses though). You need to know which issues are actually important, developers don't have infinite time (as much as we wish we did).
(I used to be sceptical too... but you're sailing blind without this kind of data, and ultimately hurting both yourself and your users.)
The data that is sent doesn't contain any relatable information, but you still have to connect to the Mozilla server to deliver it which in turn could be associated with the content you sent.
Mozilla unlikely does that right now, but they have to advertise truthfully nonetheless. Even if the reason is merely that people won't turn on that feature otherwise, there is no need for us to tolerate such hypocrisy.
Why not do privacy properly? Then the first comment in any conversation won't be well, there is that in-house telemetry.
You can't advertise as a "private browser" an get away with that PR bullshit. "Anonymous" usage data is anything but when the server receiving it can easily tell who it's coming from. Mozilla is not the user, it breaks the entire idea of privacy.
As people below have already added their comments, I just want to give my two cents. This is not PR bullshit, but the Focus team can consider asking users on first run.
This private browser, having been using it since beta on iOS, is nothing more than just a private browsing window like the one offered in Desktop version (I am not here to debate the technical implementation since I do not know).
Telemetry does not break privacy. Privacy is a contract between the user and the product creator. In this case, Mozilla offers opt-out and does its best effort to document. User has the right to opt out or even choose not to use the software.
To me, this is a positive user feedback, but not some PR bullshit (frustration I get it). When someone says your session is private under TLS, well, your IP and user-agent are almost guaranteed captured in server logs, but you can choose to believe/not believe the service provider promises in the respective ToS.
Part of the problem is when Mozilla gives data to Google, there is no way of knowing what Google does with it.
If you want to trust Mozilla AND Google AND trust that no gag orders have been issued to the above companies by the NSA, CIA, FBI et al, fine. That's the way 99% of apps work. They all have privacy policies, and people generally trust them.
The whole point of explicitly "private" or "anonymous" software is that there are a bunch of users that do NOT trust the above.
Calling your software "private browsing software" and then having Google-anything embedded in it is like serving vegetables cooked in chicken broth and calling your dish "vegetarian". Although 90% of the population will gladly eat your chicken broth, it's disingenuous to sell it to actual vegetarians.
As mentioned elsewhere in this thread, the Google SDK is only used to record whether the app was installed by way of an ad campaign Mozilla is running on Google. All other telemetry data goes directly to Mozilla servers, and contains things like "feature X was used"—not browsing data.
That is not actually what I said. The only component we use for campaign tracking is Adjust which has nothing to do with google services. Adjust has gone through a very tough vetting process.
> - Adjust SDK: an install attribution tool (aka install referrer tracking). This is only used to determine whether the app was installed as the result of a specific (google-hosted) ad campaign. Adjust depends on play-services-analytics. ( https://www.adjust.com/glossary/install-referrer/ ).
play-services-analytics is what I meant by "the Google SDK" in question; sorry if that was unclear!
You include an untrusted, proprietary binary from Google. Not directly, but as a recursive dependency: com.google.android.gms:play-services-analytics
So, yes, you give data to Google. The Google analytics dependency you include could literally be malware, and you could not test, or know. And you never know if it doesn’t just decide to steal your data and transmit it all, be it by Google’s decision or because an NSL was issued to demand Google do that.
So, yes, as soon as you include this dependency, the entire browser has to be considered compromised, and you might as well just use Google Chrome.
I'd like to see some actual evidence that we can act upon rather than a strong unsubstantiated opinion. If we really leak anything than I will stand corrected and the team will fix that promptly.
Because that library is there does not mean that we are giving data to Google. It does not even mean that it is active or that it is sending anything.
This is a very strange conclusion that you present. I feel you are just twisting and turning to come to an unfavourable outcome here.
Even Google has decent data collection policies. They will not randomly make an application collect data without the developer opting in. We did not opt in. We are not including any sort of google analytics api key to enable anything.
> Even Google has decent data collection policies.
I’m not sure if you’re trying to intentionally ignore the issue here.
You are asking people to trust Google. If people trusted Google, they’d use Google Chrome in the first place. Your entire userbase is people that don’t trust Google, at all.
If you use Google proprietary software in Firefox, and tell people to just trust Google, you just entirely destroyed every value Firefox ever had, and your own job.
The whole purpose of Firefox is that I don’t have to trust Google. That I don’t even have any kind of interaction with Google. That I can exist without having to use Google’s technology.
If you use Google Analytics in Firefox’ Addon menu, or in Firefox Focus, and say "but Google doesn’t technically track people because we have a contract with them", then I can just as well use Chrome. If I trusted Google to keep their word, I’d use Chrome.
Chrome runs far faster, looks better, is easier usable, has better addon support, works with more websites because everyone only supports Chrome anymore, it actually supports 10 bit video, oh, and it even does hardware video decoding on Linux.
The entire reason anyone still uses Firefox is because they don’t trust Google. If you ask people to trust Google, you’re literally telling them to just use Google Chrome.
That is the elephant in the room that everyone at mozilla tries to ignore by putting Google Analytics into the addon menu of Firefox (and, as result, also in the Tor browser), and by importing a Google Analytics library into Firefox Focus. This destroys the one single value that Firefox has in the current world: It’s not Google.
I don't think they're ignoring the issue, I think you're pushing an issue that they've already explained in parts of their statement that you chose not to quote.
>
st3fan: Because that library is there does not mean that we are giving data to Google. It does not even mean that it is active or that it is sending anything.
Having gone through the comment chain in other places it seems like your entire position in the debate between you and st3fan is based on ignoring what he's actually saying in general. In response to their request for evidence your responded
>That's pretty simple. Don't use proprietary software.
which sidesteps the query entirely and does nothing to lend credibility to your original position.
I don't expect to change your mind and frankly I don't have a reason to, but if your goal is to have productive or persuasive conversations then you may want to evaluate your current communication strategy.
It is disappointing that it seems the Mozilla representative on this thread does not appreciate that Google cannot be trusted on this. Anyone who has been a Chrome user for a period of time, and tried to use its privacy settings to stay private, will have noticed that they do not observe their own policies. Their entire business is based on monitoring people to improve targeting of advertising. I am technical (former CTO) and have put a lot of time into carefully tweaking settings for privacy, and there is no question that Google "cheat" on this.
I thought Firefox Focus was a great step forward in privacy, but I am dismayed to see it includes Google code, that it uses a third party analytics library, and that the developers do not see either of those as a big problem.
Well, the browsing is private. The way you obtain and use the browser isn't necessarily. It's an important distinction, though it's certainly still enough to be a dealbreaker for some.
>Telemetry does not break privacy. [...] User has the right to [...] choose not to use the software.
So, every software is the pinnacle of privacy, right? After all, you don't have to use them... Idiot.
I don't have to trust them if the code is open source and it doesn't send any data back to them or anyone else unless I explicitly allow it. I will try this browser and I will turn off telemetry, just like I do with Firefox. What makes me angry is why call it a "private browser" and not take it all the way? You can accomplish everything this browser does with Firefox except you have to configure it, why leave this one last thing enabled by default? I know no one at Mozilla really thinks "you can trust us" is a valid claim in the privacy game so something else is up, probably not a conspiracy, but at the very least, the wrong people are making some calls.
Absolutely correct jasonkostempski. YouTube search any martech data analytics talk to prove the "anonymous" is anything but. That anonymous I'd is ran through 15 data streams and linked back to your primary id. That's the only way the figured out the multi device single user analytics.
Reading that link it says nothing about disabling Google analytics, which is what the parent post implies is at play here. It is not clear that is the case, but if it is, the disable button does nothing to help you.
Firefox's about:config does not seem to work on FF Focus either.
If you recursively import a proprietary binary, it still ends up in the resulting apk. I’ve checked the APK, the Google Analytics libary ends up in it, and it is not in any way sandboxed from the rest of the browser.
It may end up in the APK but that does not mean it is actually used. This is the unfortunate side effect of pulling in dependencies with dependencies.
I can assure you that Adjust does not talk to google analytics behind our backs. It may have that option, but we did not configure it to use that functionality. What would it talk to, we did not configure an API key.
I will find out if we can remove this dependency to avoid confusion.
I'm relatively uninformed here, but Google often requires Android app developers to bundle Google Play Services for various features like Chromecast[1]. It is possible that the Mozilla folks needed Google Play Services for some feature.
I'm a developer, and I've worked with this before, but the library included here has only the purpose of analytics, and is not required for anything else.
Google has recently been moving GCM over to FCM, since the Firebase acquisition, and FCM has a hard dependency on the analytics library for some reason (even if you're not availing of the service - perhaps as a veiled upsell attempt).
It seems very likely that Firefox would be making use of GCM/FCM - I think most major apps do - so this could be it.
Incidentally, this same topics is one of the main controversies around the development of the Signal chat client - it uses GCM, which a good few prospective users object to on similar grounds.
Unfortunately, unless you've rooted your phone, GCM/FCM is the only battery-efficient way to provide push to Android phones.
> Unfortunately, unless you've rooted your phone, GCM/FCM is the only battery-efficient way to provide push to Android phones.
But, and this is the interesting part, the userspace library of FCM can be easily reversed and cloned (the information required for that is here https://gist.github.com/justjanne/153bd4886f92be0ee57fb40842...), and the system-side part of FCM has been cloned in an open way (see the µG project).
I was aware of the µG project (it requires root to install though), but I'm not sure I see the point/relevance of cloning the userspace library outside of using it with µG. If you don't have µG, your cloned userspace library is still sending everything through Google's servers right?
Note: I should possibly have been clearer above by saying "is the only battery-efficient way to provide push to Android phones without root"
IIRC, Signal now falls back to not using GCM if it isn't available on the phone, so users concerned with that which don't have Google Play Services on their phone can still use Signal. Of course of it is available Signal will use GCM, for the battery savings.
Maybe, but Mozilla has a quite a record for using firefox for surveillance and spying purpose, the early versions of firefox had a proprietary modules just for this purpose and the recent version have 'telemetry'.
AFAIK f-droid always had a warning about firefox containing and promoting non free in addition of tracking users
It is not surveillance or spying ffs!!!! It is telemetry, which is anonymized data for the purpose of statistics and crash analysis.
remember, you can check the source code. You can build your own version. Telemetry helps people. Telemetry helps Mozilla deliver better firefox. STOP SPREADING FUD.
Im sure ad companies claim much the same thing, tracking is just telemetry for statistical anonymized bulk purposes, that is really just benefiting the user!
The point is you cant have it both ways, both decrying tracking of users and then actively enaging in it, and agressively defending it when it comes to light.
Except for the part where you completely ignored their point that you and anyone else with security concerns can conduct their own audit of the code and verify whether or not the telemetry functionality is performing in the manner described.
You have to understand how extremely strict Mozilla is with using third-party services for things like crash reporting and telemetry. It is extremely difficult to find services that meet our very high standard for privacy.
Wait... Focus doesn't use Google Analytics because they don't meet your very high standards for privacy. But it does use Adjust, which means Adjust does meet your very high standards, even though it uses Google Analytics?
This is a misunderstanding. Adjust does not use google analytics. You are connecting unrelated things. The existence of a library, which actually is not a google analytics library, does not mean at all this app talks to google servers.
AFAIK Focus and Adjust make no connections to google. Check the source?
But Adjust only comes into play when the app is installed by clicking on a Google ad campaign. So at that point, Google already knows you've clicked on the ad and installed the app (because that's how they bill Mozilla).
I don’t think Adjust is for Google ad campaigns actually. It is used for links we put in our emails or in Firefox desktop. Or for ads that we buy on Facebook. I don’t think there is any connection to google.
We also include Adjust in Focus (not in Klar) for attribution tracking - to understand where the install came from. (This is useful if you are spending money on campaigns and you would like to understand what campaigns are the most effective)
Mozilla can solve this problem the right way by doing what debian does when it wants to collect statistics: Ask users if they want to donate their information to Mozilla on first run or during the installer.
Recording users' behavior by default with informing the user clearly and giving him the option to opt-out is abhorrent, regardless of the benignity of the reason behind it.
Disclosure: I use firefox, but periodically strip all relevant hidden add-ons and disable all information sending possible.
> Mozilla can solve this problem the right way by doing what debian does when it wants to collect statistics: Ask users if they want to donate their information to Mozilla on first run or during the installer.
> Recording users' behavior by default with informing the user clearly and giving him the option to opt-out is abhorrent, regardless of the benignity of the reason behind it.
(Even as a Firefox/Mozilla fan,) I completely agree that this behavior is what Mozilla should follow everywhere. I always choose to enable telemetry for Firefox because I want to help Mozilla and trust it. But defaults need to be sensible and protective of the user, first and foremost. If most people choose to turn it off on first run when asked for, then the actions to be taken would be educating users (in simple language) on the scope of data collection and improving the reputation of the organization/company behind it.
I dunno. The stats are really super useful for insight into how REAL PEOPLE (not self-selected do-gooders) use the software, and also how new things (like Stylo!) interact with the many unique hardware, driver, software environments people run Firefox on.
Then let's record video and audio from everyone who has installed Firefox to understand even better how the real users use the browser. Let's also record all the sites they visit and all the keys they press on a virtual keyboard.
Mozilla have used various telemetry tools over time to assist with product development. It's possible they're trying to covertly track users but unlikely. It should certainly be known and public but does not necessarily equate to spying.
Intent makes absolutely no difference. If an application is sending any information, anywhere that is not controlled by the user, and only the user, even if the user can clearly see all of it, it is, by definition, not private. No matter what Mozilla says, anonymity cannot be guaranteed. If they want feedback, they should ask for permission after a crash is detected locally. It should offer the options "No"; "No, never ask again"; and "Yes, ask again for future errors". It should explicitly not offer "Yes, always send" and "Always send" sure as hell should not be the default in a "private browser". The only way you can truly trust someone is when you don't have to.
The proprietary module (now long removed) is among the reasons the iceweasel project was born (not the debian one but the GNU one that has been renamed icecat when debian took over the iceweasel name).
It is a known fact that for years 90% or more of mozilla money came from google in exchange for making its search engine the default including tracking through an additional parameter in the URL.
Disabled Encrypted Media Extensions (EME)
Disabled Web Runtime (deprecated as of 2015)
Removed Pocket
Removed Telemetry
Removed data collection
Removed startup profiling
Allow running of all 64-Bit NPAPI plugins
Allow running of unsigned extensions
Removal of Sponsored Tiles on New Tab Page
Addition of Duplicate Tab option
Locale selector in about:preferences > General
For the android version, the f-droid page does not exist anymore since firefox has been removed from f-droid, but there the wiki archive I linked earlier:
https://f-droid.org/wiki/page/org.mozilla.firefox
There used to be a collection of privacy patches to remove all the tracking, leaking and privacy issues but I can't find it through web search, it seems to have been replaced by https://github.com/williex/firefox-privacy
Mozilla insist it is health report, analytics and telemetry which is marketing words for tracking and spying.
> The proprietary module (now long removed) is among the reasons the iceweasel project was born (not the debian one but the GNU one that has been renamed icecat when debian took over the iceweasel name).
Do you have a reference for this? The Wiki page, and the project application, seem just to refer to a desire to avoid non-free plug-ins:
> ALL GNUzilla Programs will basically BE Mozilla Source Builds, with the major exception being the implementation of NO proprietary softwares, including plug-ins, according and adhereing to the GPL.
(http://savannah.gnu.org/task/?4529). That's certainly not inconsistent with what you said, but it seems a stretch to deduce what you said without some other reference.
You can disable it in the settings, and you can install Firefox Klar (the exact same code, but made for more privacy-consious countries) from FDroid[1] which has everything disabled by default.
> " Firefox Klar is a version of Firefox Focus for Germany, Austria and Switzerland with user activity tracking disabled by default." [1]
> "For clients that have "send anonymous usage data" enabled Focus sends a "core" ping and an "event" ping to Mozilla's telemetry service. Sending telemetry can be disabled in the app's settings. Builds of "Focus for Android" have telemetry enabled by default ("opt-out") while builds of "Klar for Android" have telemetry disabled by default." [2]
I don't know but assume its a similar issue as with Google Analytics. In Germany, you are not allowed to use default configured Google Analytics. User IPs are PII for our data protection laws (it is possible for someone on earth to know who is probably behind that IP like telcos). As a consequence, we need to disable IP tracking:
Really strict data privacy laws with a regulatory environment that doesn't play games and heavily leans towards consumer rights. In Germany at least, you're also required to obtain double opt-in and record extensive documentation of the entire opt-in process just for email marketing. If you overstep your bounds and draw the attention of regulators in Germany, it has all the comfort of the Eye of Sauron staring at you[2].
[2] Lord of the Rings reference. Most apt description I can think of for the dread that comes at the mere thought of pissing off German regulators in this area.
Gecko/Webview is a compile-time switch and both the F-Droid and Play Store builds use Webview. The iOS version is Webview-only or Apple wouldn't allow it on the App store.
Technically, Apple does not have a monopoly, unless you want to argue they are the monopolist of the market for iOS devices. They don't even have a majority market share of smartphones in most jurisdictions.
That being said, I still believe it is an abuse of market position, and I'm not sure how we can fight it.
In most parts of the EU Apple has a marketshare around or below 15%. That’s about the same that Windows Phone 7 had at its peak.
So, think about how much of a monopoly position Windows Phone 7 had, and try to imagine Apple had that. You can probably imagine why Apple is not in any shape to abuse their position.
I think I'm only surprised to see this comment and not that Firefox bundled analytics into their app. What's controversial about anonymized usage statistics in 2017?
Well, about the very same moment you see "Browse like no one's watching / Automatically block online tracking while you browse" app starts to silently send some data to app.adjust.com and incoming.telemetry.mozilla.org.
If that's not controversial, that's at least ironic.
(Just to clarify: this particular behavior was observed on a version from a Play Store, not FDroid. And this was about 1.5 months ago or so. But I doubt things had fundamentally changed since then.)
Honestly, if you're browsing through your ISP or carrier's data service, you're not anonymous and people are watching. That point of view is the only way to operate.
Just because everyone is doing it does not mean it is ethical and ok. There is nothing anonymized about sending info about my browsing behaviour to one of the world's biggest corporations that monitors vast amounts of the internet. Mozilla should be doing the good thing, not feed a data kraken.
Windows 10 peed in the pool when it redefined "telemetry" to include core dumps, documents, keystrokes, and even remote terminal access for MS engineers.
Now, people are rightfully suspicious of any software that phones home at all.
MS did take it to the next level, but for me any application which phones home without users consent is in the wrong. This is one of the major reasons I don't use Chrome. Anywhere.
I'm not sure from your comment whether you're just being pedantic in pointing out that while regrettable this isn't surprising (in which case your comment is not very constructive), or whether you actually think it's OK for Firefox to do this.
Since you've used the term "anonymised" quite pointedly, I'm guessing the latter. I do find it surprising that anyone would assume data Google is collecting on your usage is somehow anonymous.
More along the lines of: I now fully expect the cost of entrance for free applications to be data the developers collect of my usage. It's naive to assume otherwise.
That's the case for some, but (1) most applications that lean that way are likely to be closed source as there is a certain sense of apparent moral high ground that comes with open sourcing and (2) more importantly Mozilla sells themselves on respecting privacy, first and foremost.
> I now fully expect the cost of entrance for free applications to be data the developers collect of my usage.
Apparently this is also true of applications & services you pay for these days too. Includes ISPs, cell companies, cable apps where you input your customer code, paid subscriptions to online news... the list is endless.
Historically, even though GA was part of GMS, it did not require GMS to operate. You might be OK without GMS ... but things may have changed since the addition of firebase.
Depends on your views about privacy, tracking, google and mozilla. Also your degree of tolerance.
To me privacy is of vital importance, tracking is to be avoided at all cost, so this is as bad as it can be. But I'm now used to mozilla engaging in tracking, giving away my privacy to google for money and firefox developers punishing users and distros who disabled their included spying tool.
Historically, even though GA was part of GMS, it did not require GMS to operate. You might be OK without GMS. I'm not sure now that there has been transitioning over to firebase.
Have been using this a while, it's really nice as the default browser to open links in. Having the floating button to clear everything is neat and I like the UI desing. It's also really fast.
I'd like to see better support for getting SSL/TLS info - why can't I tap on the padlock and get the certificate info (EV, OV, DV?), cipher suite, HSTS etc?
FYI the most recent version of the Reddit app for iOS (3.5) has an option to open all links in an external browser. Apparently the safari view controller is in the works as well.
This is useful to use as your default browser. It has a quick way to open the same link in another browser, so you can use it as a sort of quarantine to vet unknown links before exposing your main browser and all its juicy user data to a new website.
Wasn't there a huge anti-trust lawsuit against Microsoft for preventing other browsers on their platform? How does Apple get away with it when MS couldn't?
I am not up to date. I didn't realize they allow other browsers now. When I was building iOS apps Apple had specific wording which prevented apps in the app store which duplicated functionality already available in iOS. That meant things like the AdBlock Firefox build could not be published in the App Store.
It was, in great part, their legal team and strategy that pushed me away from Apple.
Apple still doesn't allow true browsers in the app store. Not because they disallow duplicate system applications (plenty of calculator apps out there). The problem is that Apple does not allow any developer to use a browser engine other than built-in Safari. Apple also doesn't allow virtual machines/on the fly compilation of code, making any alternate, fast enough Javascript engine practically impossible.
"Browsers" on iOS, such as Firefox Focus and Chrome, just repurpose the built-in Safari engine with some modifications (bookmark sync, extra content blocking, etc.)
How is this news ? I installed it weeks ago on my IPhone. I don't understand why Mozilla just announced it now. Maybe it's a new version.
On the browser itself, I launched it, navigate on a URI, closed it, relaunched it, type the firsts characters of my previous URI and it auto completed it. From my history I guess.
So it's not like incognito mode on other browsers. (Haven't retested again)
They launched the android version not too long ago. This is probably just a push to get the word out to people who may not have heard. Fair enough in my opinion.
> From my history I guess
I don't think it's from your history. It seems like many common websites are preset to autocomplete; stackoverflow.com for example. Because it doesn't save history this seems like a nice way to reduce friction for users. I could be wrong though.
> I don't think it's from your history. It seems like many common websites are preset to autocomplete; stackoverflow.com for example. Because it doesn't save history this seems like a nice way to reduce friction for users. I could be wrong though.
In my experience, your statement is correct. Firefox Focus does not store history. It does have a long list of sites that it autocompletes. Whenever I visit HN, I actually type news.ycombinator.com into the address bar since Focus does not have bookmarking. But I don't mind that, and consider that as a feature.
It's likely that's because it currently uses the built-in Android WebView (which may store its own pseudo-history). That is a problem, but I believe their plans to replace WebView with Gecko will likely solve this problem. https://github.com/mozilla-mobile/focus-android/issues/13
I wish open source projects publish the compiled .apk file not just the source code.
If I want to install this on my Fire HD I either have to download the .apk from some dodgy mirror site or install Google Play with some workaround on the Fire HD. Cause Firefox Focus is not available in the Amazon App Store. I mean yeah I can do both in the end, not a big deal, but I just want the .apk nothing else.
At least there is Yalp Store now [1]. But I agree it would be nice if more oss projects would provide the apk directly (or even better prepare the project for easy F-Droid inclusion).
It is on FDroid[1], and they provide official builds[2]. I really wish people would actually check stuff like this (that takes a few minutes) before spreading FUD.
As an aside, I only use FDroid on my devices to install APKs (the only exception being Signal which now provides bare APKs[3]).
I did check. And it's not at all clear from FDroid that Klar and Focus are the same thing (and reading the other comments here.. it sounds like maybe there is some difference?)
I almost only use FDroid, but it can be sometimes of a pain. Like not even having Firefox and VLC is kinda bananas
Sure. Sorry for the late response! It is basically maintained by a reputable source (android police) and they also seem to take security seriously. If they cannot verify the origin of an APK for sure, they rather reject it.
The purpose is to be used for quick browsing, like Google Searches, without worrying with trackers and someone getting your history.
You can always use incognito mode, but this is more convenient.
It is also really fast and lightweight, which is a plus for most mobile devices.
It is not meant to replace your main browser (probably).
Also, as rcthompson said in another comment:
> This is useful to use as your default browser. It has a quick way to open the same link in another browser, so you can use it as a sort of quarantine to vet unknown links before exposing your main browser and all its juicy user data to a new website.
Honestly, most of the time when I use Google Searches is because I want to look for something, and I love when Google personalizes results so that if I type "Amiga" it knows it's the computer and I don't want to learn Spanish. Most importantly, I end up visiting lots of websites that I might want to comment on, visit later on/not lose if my phone dies, share with my girlfriend, etc.
I personally don't see any advantage with incognito mode unless you want to hide porn from your spouse, so I guess I'm not the target for a browser created to be incognito-mode-only, and if I was I would probably use Tor, because they might not be share my info, but my IP is there for everyone to see along with the websites I visit.
I want to see the same internet as everyone else. The more my experience is customized to me, the more disconnected I am from people who aren't like me, and the more our views will diverge over time. Ultimately it leads to bad outcomes; Trump, or possibly eventually civil war. So I am against too much automatic hidden customisation.
You might think that's hyperbole. I don't. I'm deadly serious; I think something worse than Trump is coming down the tracks because of an increasingly divided polis, and it's divided because of atomisation of world perspective. Filter bubbles driven by hidden preferences are directly responsible for shielding people from unpleasant perspectives, on both sides.
> I personally don't see any advantage with incognito mode unless you want to hide porn from your spouse,...
This is a very naïve view of what incognito/private browsing mode is for. Tor (not Torbrowser) is very different from incognito/private browsing. Even for your own use, it's another layer of defense to reduce the storage of information on the device about whatever you've been up to. Certainly porn is not the only topic that can polarize people and have them assume things about you. We live in a world where even tiny things can be taken out of context, manipulated and used against us either by the people close to us, or the places we work for, or even the government. You may share a device with someone or allow someone to borrow it. You may have your device stolen while having minimal or no passcode or other protection (like encryption of data stored). There are many layers to look at to be secure enough.
The way I see it, you're putting yourself more at risk if you do not distinguish what requires private/incognito mode (it could even be Facebook), how often you should clear things up (like browsing history, caches) on your device/computer, etc.
> This is a very naïve view of what incognito/private browsing mode is for.
Maybe I didn't word it correctly, I meant that all it's good for is to hide porn from your spouse.
If you think incognito mode protects you in any way, than it's you who is naive.
If anyone really wanted to track you, they can use your IP and see every single page you've visited. Even the size of your window is enough to track you.
Tor is the only tool I know that you can use if you don't want to be tracked.
> We live in a world where even tiny things can be taken out of context, manipulated and used against us either by the people close to us, or the places we work for, or even the government.
Sure, but I think that we shouldn't be paranoid about it (please don't hack my account to prove a point :-)). What is the actual risk that your government will track your browser and use a tiny thing against you? I wear seatbelts because the risk of an accident is high, I don't wear a helmet to protect my head in case a small meteorite hits me.
I don't think any government or anyone has the right to spy on anyone else, and organizations should work to prevent that, but I think a lot of it is hype. We live in a world where people post pictures on Facebook of themselves drunk, doing drugs and showing off things they stole, all while leaving harsh, racist, hateful comments.
I would be worried more about ourselves leaving ever-lasting indications we're idiots on social media, more than about governments spying on us to get evidence to frame us.
I'd quit while you're ahead there niko. Your comments demonstrate a lack of understanding of the space which is totally OK. It is not OK to act in a retaliatory manner when you are not the master of a domain and are specifically called out on it. Humility is the most important skill a software developer can learn.
Thanks to leaks and other revelations we don't need to be paranoid because we have enough information to understand to what extend the overreach goes. We can be reasonably anxious and mistrustful of State run programs.
You don't have a privacy agreement with secret spy programs. Yeah maybe they are just going after the terrorists but maybe they are sharing all data across agencies. Maybe those agencies are using that data in unsavory ways to further their own agendas. A documented example is the DEA using https://en.wikipedia.org/wiki/Parallel_construction to make drug arrests based on data collected illegally.
My main problem is this leaky information/power. I generally trust the folks in the intelligence community to keep each other in check, but, by design there is no transparency for secret programs. There's an opaque group of people getting all the data and the funding. It is the weakest link and we can't inspect it to see how healthy it is. To me it is terrifying to think about the power in those tools and what the right wrong-person could accomplish with the information they have.
Firefox Focus just makes cookies and history ephemeral instead of durable. It looks like it blocks 3rd party scripts by default as well. Blocking 3rd party scripts with uMatrix has been better than using an ad blocker for me. Constantly having to adjust the permissions in uMatrix gives you a real idea of how much crap is tracking you all the time.
Install uMatrix, don't transport literal tons of cocaine across international borders, and you will probably be OK.
Don't be worried about leaving idiotic posts on social media. It apparently doesn't matter for high profile careers.
> If you think incognito mode protects you in any way, than it's you who is naive.
> If anyone really wanted to track you, they can use your IP and see every single page you've visited. Even the size of your window is enough to track you.
> Tor is the only tool I know that you can use if you don't want to be tracked.
Sorry, it seems like you didn't read my post fully or get it. I described that incognito/private browsing mode is one layer of defense, not the only layer. I also provided examples of your device being borrowed by someone else or it being stolen. In those cases, whether you used Tor (not Torbrowser, which I explicitly excluded even in my previous comment) doesn't matter. Whatever your browser has stored on the device - including browsing history, cache, cookies - is available to them to use or sell to others.
Also, I didn't mention the government as the sole hostile entity in my comment. One's own employer may use information in your browser cache on an employer provided device to fire the person or even file a criminal lawsuit against the person. Some malicious program a person downloaded may scrape all information from your caches and send that to insurers or other "data brokers" who in turn would classify you as too high a risk to support. There are far too many possibilities here that I cannot list every single one of them.
As for those who post pictures on social media about being drunk, posting racist messages, etc., that's really bad in many ways, but such protections and more should also start with each of us individually. It's in that space that I see using icognito/private browsing mode as one more helpful layer. Tor is another layer. Encrypting one's devices' storage is another. And so on.
Not everyone enjoys the filter bubble, but I tend to agree with you that always on incognito mode is annoying and does not protect your privacy except from your spouse.
If you want to protect your privacy at least use tor.
But it's been pointed out in the top comment that the browser itself includes a tracking and reporting antifeature. So much for not worrying about tracking.
Depends on what it's tracking.
There's a huge difference between "On average Focus was started 30 times a day by any single user" (which can inform resource allocation decisions for that project) and "bigbugbag was reading hacker news for 4 hours on Tuesday" (uhm. no.)
They should be more transparent and upfront what they're collecting and why though.
> They should be more transparent and upfront what they're collecting and why though.
... on their flagship browser. On their super-private, pinky-swear no tracking we-hate-ads-but-sure-do-love-you tiny browser, there should be... no tracking.
I disagree with you. This should apply to their flagship browser too. Have you read the marketing crap they push about desktop firefox ?
The 100% fresh, free-range, ethical browser
More privacy
Firefox doesn’t sell access to your personal information like other companies. From privacy tools to tracking protection, you’re in charge of who sees what.
More freedom
Following the pack isn’t our style. As part of the non-profit Mozilla, Firefox leads the fight to protect your online rights and champion an Internet that benefits everyone — not just a few.
Then you click the privacy policy and you're welcomed with:
Things you should know
Firefox automatically connects to us and our service providers to provide updates, security, Snippets, Firefox Health Report, and other features.
They also have a very loose definition of personal information: 'For us, "personal information" means information which identifies you, like your name or email address.' In times when we know a handful of cross-referenced metadata is enough to identify someone with a high level of success this is unacceptable from some entity who claims to champion privacy, online rights and user freedom. It only shows that either there are highly incompetent people in charge at mozilla or that they treat their users as too dumb to notice.
IMHO there should no tracking by default on firefox desktop and opt-in for those who want to. Actually I'd even go further and say that no browser should include tracking and should block all trackers, analytics, commercial advertising and other PR words for surveillance, spying and profiling.
With relatively few efforts this was something one could almost achieve, at least get closer to, through extensions in firefox. Mozilla put an end to it by dropping their extension engine.
It also depends on who it is sharing the data with, here it may be shared with google.
It also depends on what the data is used for, let's take an absurdity : 'send drones to kill all users that started Focus 30 times a day on average'
A closer to reality example is "our data shows less than 1% users have alsa only system, our implementation is sort of broken in fringe case and requires an overhaul that we don't want to do so instead of fixing it let's just drop it altogether, less than 1% of users is not enough to matter".
The features you explained are exactly what I was looking for in a mobile browser. In fact, i wish they launch Focus for Desktops operating systems too.
If you don't log in into websites, I don't see why you would leave yourself exposed and very easily hacked with Firefox or private browsing if there's Tor.
Private browsing is NOT secure. It's just a shortcut to avoid clearing your history manually. ANYONE can see who you are, and what sites you visit with easy-to-use tools that are available online for free.
Security is not an absolute. The best you can do is talk about whether something addresses a particular threat model.
There are different tradeoffs to Tor. A big downside is that unencrypted traffic is now easier for intermediaries to read and even change, because of how exit nodes work.
> In fact, i wish they launch Focus for Desktops operating systems too.
Yes, I was just thinking the same thing. I can almost imagine a world where software believes me about what kind of experience I want, "full site" on mobile or "mobile site" on the desktop, rather than browser sniffing followed by awkward clicking around to correct its misapprehensions.
It's amazing how far apart I got from every single one of Mozilla's visions, from using Firefox as my main browser 8 years ago.
I love the fact that—as an example—as I travel Google shows me tools that I'll be interested in, like a currency converter, translate + word of the day in the local language, etc. etc.
I would absolutely hate having my main browser constantly forget who I am. I feel almost blessed every time I visit a website that I can log in with one click (or I'm already logged in), and when I sign up or buy stuff I can autofill my name, email, address, and credit card without having to start from scratch.
I'm not ready to give up extreme convenience and lots of time for the ideal of safeguarding my privacy with Google or Apple.
I absolutely could not agree less. Every time Google shows me some sort of "magic" that I know involves their massive compendium of personal data, I'm reminded of how much I been detest that they've stolen that information from me. No matter how much I opt out, say no, and turn things off, they continue to extract wealth from my need for basic modern services. I can't tell you much much I appreciate Mozilla understanding that and releasing products that feel usable without being exploitive.
> Every time Google shows me some sort of "magic" that I know involves their massive compendium of personal data, I'm reminded of how much I been detest that they've stolen that information from me.
So just use something else! Oh, wait, you want to check your official university e-mail? That's provided by Google now. Oh, wait, you wanted to check city transit information? That's provided by Google now.
(I'd probably use Google for the latter anyway, but it'd be nice to be able to pretend that I had a choice.)
> So just use something else! Oh, wait, you want to check your official university e-mail? That's provided by Google now. Oh, wait, you wanted to check city transit information? That's provided by Google now.
Google's own policies prevent it from doing data mining on GSuite accounts, like official email provided by Google in universities or companies or businesses. I'm sure other providers have similar policies as well. Unless you don't trust Google even a bit, your comparison on the email provider point is useless. I prefer separating things out and examining them instead of combining everything into one single worrisome name.
Every single thing you describe can be done without giving Google all your personal data. Log in with one click, autofill, etc is all browser-local. And currency converter, translations, word of the day, etc can all be done as browser extensions.
> Log in with one click, autofill, etc is all browser-local.
Yes, but if I sign up from my cell phone, I'd like to have that info on my desktop browser automatically and on other computers, so no.
> And currency converter, translations, word of the day, etc can all be done as browser extensions.
Sure, but what a pain. I wouldn't go through the pain of searching, installing, configuring, and then removing an extension for each one of of those things. I just don't care about any of them that much, it was just nice having them there automatically.
> Yes, but if I sign up from my cell phone, I'd like to have that info on my desktop browser automatically and on other computers, so no.
I'm pretty sure Safari will sync that info using iCloud, and I think Firefox has its own sync mechanism that can be used for this.
Or you could use any one of the numerous password managers (I use 1Password).
> Sure, but what a pain. I wouldn't go through the pain of searching, installing, configuring, and then removing an extension for each one of of those things.
If you actually care about having any of those, it's really not hard to search for and install extensions. You seem to be overplaying the difficulty involved here, especially for something of such relative low utility.
I actually love this browser (been using it for a month or two), but it seems like your usage is just different.
I prefer to stay anonymous, but use the "real" FF occasionally for stuff I need to be logged in for. Browsing links friends send me, or checking something with a quick google search is something that I'd rather stay anonymous for, so I prefer having it available.
I cannot agree more, it seems mozilla is out of touch with their users and advocates, don't listen to feedback and just do whatever will lose them the most marketshare and alienates their supporter so their flagship firefox will become irrelevant in the least time possible.
It looks like they're scrambling to try to stay afloat and miss and miss again.
Since I started using Firefox Focus for one-off searches, I'm surprised at how infrequently I really need to be logged into any websites to complete my task. Nice that Focus simply clears all those trackers and search history when I close it.
I'm wondering why this is not a simple setting on firefox. Are they trying to collect data on how many people have interest in privacy or something ? (another comment pointed that Firefox focus tracks users and reports to mozilla)
That was my initial reaction too, but I think it makes sense.
Everyone has use for both full-featured browsing where you can stay logged in to frequent sites, retain history/bookmarks and such, as well as private browsing where you don't want any history kept. On the desktop the way the UI is currently setup, full-featured is the default and private is an extra step you have to take, and as such private is typically only used for special occasions.
Focus reverses this dynamic by making private browsing easier, faster, and more streamlined than full-featured browsing, so people will start making private browser the default for most quick web tasks, and just go to the slower the full-featured browser when they need it.
Having two different launcher icons for these two modes is more convenient for the user, and AFAIK it isn't possible for a single app to install multiple icons in iOS[1]. Besides, not everyone wants to use Firefox as their main mobile browser. So a separate app makes sense.
This would have been perfect for iPad 2's and 3's on which Safari and the normal Firefox keep crashing under the weight of the current bloated web.
But alas, the "simple and lightweight" Firefox Focus actually requires a heavyweight 64-bit processor:
> Why aren't older Apple products supported? Safari Content Blockers (which include Firefox Focus) are only available on devices with an A7 processor (64-bit) or later. Only 64-bit processors can handle the extra load of content blocking, which insures optimal performance. For example, since the iPad 3 has an A5 processor, Firefox Focus is incompatible.[1]
Come on, iPad 2's and 3's are less than 5 years old. There has to be some way to keep the iPad 2 or 3 alive if all you want to do browse the web.
In terms of lightweight iOS browsers, I like iCab Mobile[1]. It's compatible with iOS 7 and up, which should include an updated iPad 2/3. It also natively supports Adblock lists(including EasyList by default).
The claims don't sound like they are based if fact so much as they probably ran into a build issues and they couldn't justify committing the resources to enable supporting older platforms which made up X number of devices.
> For example, if you need to jump on the internet to look up Muddy Waters’ real name
Best idea ever. That's the most common use case people have and one that's drastically underserved by current browsers.
If people can't get their browser to quickly open a link to simple stuff, it means the web is failing. If the web is failing they'll quickly jump over to sending images over WhatsApp or fall into the trap of using the Facebook app for all their needs that could be otherwise served by the web.
For example, if you need to jump on the internet to look
up Muddy Waters’ real name, and instead of “McKinley
Morganfield” you get pop-up ads, screen takeovers,
“sponsored” content and other third-party advertising-
driven distraction, then you know what browser overkill
feels like.
What? I don't understand how that's possible. If you just google search for Muddy Waters, it tells you his real name right on the search results screen. Even if it didn't, his Wikipedia page is one of the first results, and it doesn't have any pop-up ads, screen takeovers, etc.
Am I missing something, or can someone explain what they're referring to?
I think you're taking the example a bit too literally. You know exactly what they're talking about. It's become almost impossible to use a phone browser for anything quick. They are slow to begin with, and with all the ads and other crap it's just not even worth it half the time.
I once read that for this reason, many people send screenshots instead of links - so others don't have to reproduce the right sequence of closing ads, etc to show the content the user is interested in sharing.
Sure, but then you're depending on Google search. And hoping that the information they bring to the top is actually correct. When you actually have to peruse the search list and click on a site, that's when the trouble begins.
When I'm asked to look something up on my LG G2 budget phone, I usually just say "Can't, sorry" or "Sure, give me a few minutes".
That's easy, Firefox could just download a copy of The Internet on installation and run an indexer over it, so that you could look up any information you need. How foolish of them!
Wikipedia's banner ads have grown effectively into full-page interstitials. And then after I blocked the first one, there was a second one embedded in the article.
Not OP but I find the ad-blocking not to be great, and I'd love to have a JS blocker built in. Focus is nice to have as a "default to privacy mode" option, but I definitely end up missing my addons.
I love Focus. I wrote about it here[1], albeit poorly, but it just made me so happy to be able to use my phone again for web browsing. Sometimes I open Chrome and the tab that loads was something I was testing weeks prior... it's taken that big of a backseat to Firefox Focus.
Brave goes further, it's https by default and even includes fingerprint blocking. It's been my default browser for while now and it's a joy to know I'm not feeding the beast.
I have been using this for a while on one of my phones (OnePlus 5, newest version of OxygenOS) and am fairly satisfied with its overall performance. It works seamlessly for casual browsing - i.e. opening pages from Reddit or similar. I however cannot help but feel as if the standard version with appropriate extensions (i.e. Disconnect, uBlock Origin and thus forth) remains a better alternative than Focus in solving the very issues Focus seeks to accommodate. I do very much love how closing the browser erases everything though. It is worth mentioning that the ability to install extensions is exclusive to Android for now, so Firefox Focus has become my go-to-browser for my iOS devices. If you have Android the above is worth considering though!
I love Focus and now use it for almost all of my mobile googling. One thing that would be nice is a share extension, so that when I'm in Safari and see a link I want to open I can share it to Firefox Focus. Right now I have to "share" it to [copy], open Focus, and paste it in. Not a huge hassle, but would be nice to streamline.
Is there a good share to clipboard app? I tried the only one I found once and it tried to open google drive when I tried to use it. I'm not giving Google all the things I copypaste. Now I share to some notepad app and then copy from there.
You could, until mozilla decided to drop support for extensions that made this possible that is.
Alternatively there is waterfox + ublock origins.
Waterfox is firefox without the mozilla crap:
Disabled Encrypted Media Extensions (EME)
Disabled Web Runtime (deprecated as of 2015)
Removed Pocket
Removed Telemetry
Removed data collection
Removed startup profiling
Allow running of all 64-Bit NPAPI plugins
Allow running of unsigned extensions
Removal of Sponsored Tiles on New Tab Page
Addition of Duplicate Tab option
Locale selector in about:preferences > General
I guess not, because it might have several features that could potentially make some websites not work. I don't know if it's entirely w3c proof or not.
I think this browser is rather smartphone oriented, and might "clean up" some pages to make them lighter. I don't know.
Because Firefox Focus isn't itself a browser, but rather a wrapper around Android and iOS's built in browsers. That is why the underlying engine in blink/webkit and not gecko.
I am probably drastically simplifying things but the primary components of the app are just a content blocker and a preferences page.
It's currently also true on Android, because Gecko doesn't yet provide a WebView style embeddable component, so Firefox Focus uses the default Android WebView instead.
It is also the case on Android. It's nice, because many people will want to install it alongside a full-blown browser. And it makes browser startup quite a bit quicker, making it very much effective at this one-off search use-case.
And it happens to block the vast majority of ads, so Mozilla isn't exactly making friends with webpage owners by supplying this. Had they used Gecko for this, then the percentage of people on Gecko with ads blocked would have risen and that might have resulted in webpage owners spending less time to ensure that their webpage isn't broken on Gecko, therefore effectively dragging down the situation for actual Firefox.
Considering how may people still have 8GB/16GB phones, I doubt it. On iOS sometimes you have to delete apps, especially ones that build up large caches like Facebook.
What usually happens with these phones is they have something like 8GB or even 16GB, but they are poorly paritioned. It could be something like 5-6GB for /system (the OS) and they somehow only leave 2GB for the /data partition.
I've seen a phone like this running Lollipop. The best part is when it decides to auto-update all the built-in (Google) apps, collectively consuming a total of 1-1.5GB of /data, at which point Google Play refuses to let you install any apps because you do not have enough free space available.
> What usually happens with these phones is they have something like 8GB or even 16GB, but they are poorly paritioned. It could be something like 5-6GB for /system (the OS) and they somehow only leave 2GB for the /data partition.
> > > Considering how may people still have 8GB/16GB phones, I doubt it. On iOS sometimes you have to delete apps, especially ones that build up large caches like Facebook.
which is clearly referring to the pre-OS available space.
I've been using it as my default browser for Android for a while and I like it. The only thing I don't love is the notification saying the browser is open, it triggers my "OCD" . I understand why it's there but I wish there was some way around it.
> The only thing I don't love is the notification saying the browser is open, it triggers my "OCD" .
Why not just turn off notifications for Firefox Focus? At least on Samsung-skinned Marshmallow, that seems to do the trick.
(Grumble grumble, but it still reminds me that I'm running in power-saving mode, which is a vital notification that only applies whenever the phone's on. Thanks, Samsung!)
Hmm. Just visited a few of the pages I normally visit on my phone in Firefox for Android, and immediately got several pop-ups and banners that don't normally get through.
So I'd say its adblocking is still less effective than regular Firefox for Android + uBlock Origin add-on.
It does feel quite speedy, though. Could possibly be what I start using in the future to read HN articles.
The headline in this submission fails to deliver the primary message of the actual op, which is that Firefox focus is a lightweight mobile browser. That it blocks third-party tracking by default is secondary
It uses Android WebView componenent (in 1.2.1, I am not sure about future releases.)
You can install the Gecko version if you compile the code yourself for now. Although I believe they will probably switch to Servo instead of Gecko once it is ready.
Does Focus have a "HTTPS everywhere" feature? I didn't see mention of it on the site, so I'm guessing not. That is one thing that I'm sorely missing on iOS.
Wonder if they could embed the Tor proxy into the apk, that way it would be completely transparent -- no need to download Orbot whatsoever. This might also work for iOS
I like and use Orbot, but requiring it isn't the greatest UX.
I have really come to appreciate this browser even though I have been using it for just about a month. It is fast and clean. Clicking links from email and knowing they will open in effectively a private browser instance is a great feeling. I missed the multi-tab feature for a little bit but have now adjusted.
People were displeased at first, but you and this article made me try. I like the limited feeling very much; also the interface and theme is slick. Kudos firefox.
That is correct. I use Firefox as my normal mobile browser and opening new tabs for links was what I was familiar with. I haven't missed this too much with Firefox Focus (I actually use Firefox Klar from F-Droid, which is the German variant of Focus without GA libraries) and have come to love its speed and cleanliness. EDIT: clarifying my complicated and confusing initial sentence.
Focus was initially intended for users who are concerned about privacy, but in no way short of helpless in actually trying to get it. The type of user that has trouble finding or even understanding Private Browsing in Firefox. (Focus does not actually protect privacy more than Firefox's Private Browsing mode either.)
Launching a separate app on the other hand is a familiar concept and does also explain quite nicely that browsing history won't be saved, as it's normal that data does not get shared between apps, whereas Private Browsing is a separate concept that needs understanding.
And this in effect had implications on the design. Not having tabs was a deliberate design choice, because this type of casual user does generally not understand those either.
That it would get so much adoption in the tech world was very much unexpected.
I've been using this on Android for weeks. It's super fast, blocks a lot of annoying ads (think jumpy mobile overlays). No bookmarks or tabs, so if you're looking at a recipe for a dish you're making, there's always a chance it gets wiped. Just use Chrome for that. Highly recommend.
Just set Firefox Focus as the default, and if you want to keep the link open, use Menu -> Open with Firefox. That way you can vet links with privacy on by default.
I've been using this on and off for a few months since it came out. It's very smooth and enjoyable to use for looking things up quickly. But Samsung Internet Browser's[0] content blockers (AdBlock Fast, Disconnect) is also smooth and does a better job of blocking ads than Focus. Neither are as good as uBlock Origin, of course, but then you must use the "real" Firefox on Android which is not very smooth and feels very foreign on Android.
Even if apps which don't include analytics package release via Google play store would be subject to collection of device identification metrics. Which could be prevented using module such as Xprivacy as shown here - https://imgur.com/a/AuARo
As an alternative, you can install the regular Firefox (for android at least) and install the uBlock extension. If you don't like the telemetry, like myselves, you just
type about:config in the address bar, and
search telemetry (just by typing) -> disable
Meh. It's been on my iphone for about a year and I've used it maybe a dozen times. It would be nice to be able to open a link from another browser (eg. Endless) but the option isn't available. So it goes by the wayside.
Is it just me, or does the article have a giant animated GIF of the word "simple"? Shouldn't it, y'know, have a picture of the browser or something useful?
>I can't find Firefox Focus in Germany, Austria or Switzerland
>Klar by Firefox is the German-language version and only available in Germany, Austria, and Switzerland. It includes the same features as the English-language app Focus by Firefox.
But if I press the home button to exit the app because my boss is walking up to my desk and then go to show him something on my phone.. he could find some unmentionables. Closing the app could have the same action as closing the page.
A more precise comparison would be always-on incognito plus Disconnect[1]. So, it uses a dumb tracker block list like it could also be enforced by uBlock Origin, and the list that Firefox uses is the list that the Disconnect devs put together.
Then, again, it also depends on which browser's incognito mode you're talking about. Firefox's Private Browsing comes with Tracking Protection, which uses this same block list. So, privacy-wise this is actually identical to Firefox's Private Browsing mode.
The iOS version has been out for a long time, the Android version was released like a month ago or so. I'm guessing, Mozilla is just trying to promote this some more and judging by how many people here did not know of it, that seems like it was a good idea.
With this browser, yes, they are very much targetting technophobes. There's a huge number of people that would like to protect their privacy, but feel absolutely helpless at that. This is Mozilla trying to help these people. This does however not mean that Mozilla as a whole is now targetting technophobes.
Also, Focus has surprisingly been adopted by tons of power users. As a result, Mozilla is now very much working on features for non-technophobes, like tabs, and power users, like Tor support.
After nearly a decade of using Chrome I decided to give FF another shot, having initially switched over due to slowness, an insatiable thirst for memory, and the single process model. I installed on both Windows (10 Pro) and Mac OS.
Initial impressions were good; it seemed snappy, I liked the UI, and it was using less memory than Chrome with the same number of tabs open. A couple of days in things went downhill.
On Mac OS I was getting short freezes every ~10 seconds. I found similar complaints ranging over a period of nearly five years, but no clear resolution. This morning I had FF lock up multiple times while editing Jira tickets. Since FF is still a single process, the entire browser was locked up and required a hard kill, which cost me work.
So, no thanks mozilla, back to Chrome. I know this is one person with one experience, but man, this one experience was pretty off-putting. Maybe I'll try again in another decade.
You probably used version 55. If you're willing to give it another try, it might work quite differently once is on version 57, Nov 14, from what I last read: massive changes are coming, but mainly starting from that version.
Firefox is not anymore singleprocess. It will fall back to singleprocess, if you have an extension installed that's not yet compatible with multiprocess. With the aforementioned Firefox 57, they will switch over to a new extension API and this will also result in those old singleprocess extensions being thrown out, so that's why they haven't bothered trying to make this transparent to users.
I'd encourage you to give Firefox another shot. They've improved a lot in the last couple of versions. More pertinent, in my opinion, is that they're on a promising trajectory and I'd expect it to be incredible in the medium term.
According to F-Droid [1], it contains `com.google.android.gms:play-services-analytics`.
[1]: https://gitlab.com/fdroid/rfp/issues/171#note_30410376
Focus (for Android) doesn't use Google analytics directly, but it's an indirect dependency - see below.
Focus does have:
- Mozilla telemetry: enabled by default in Focus, disabled by default in Klar. This only sends data to Mozilla servers, and only concerns what features people use (i.e. do people use share, do people use custom tabs, do people clear using the bin button or the notification). This stuff is used for deciding what features to prioritise (or remove), and doesn't involve Google servers.
- Adjust SDK: an install attribution tool (aka install referrer tracking). This is only used to determine whether the app was installed as the result of a specific (google-hosted) ad campaign. Adjust depends on play-services-analytics. ( https://www.adjust.com/glossary/install-referrer/ ). This only comes into play if you install the app from the play store (which funnily enough Google own). This is the only time play-services-analytics shuld be used, i.e. on first install. This is also disabled in Klar.
(The more interesting question is: could Focus receive the INSTALL_REFERRER itself for ads attribution instead of using Adjust? That data might be meaningless without asking google to tell you where it came from, and they provided it in the first place anyway...)
The hypocrisy to advertise "tracking protection" as a key feature and then send tracking data to your own servers is hillarious.
The kind of intrusive cross-site “we want to know evetyrging you do on the internet” style tracking that focus blocks is completely different than the minimal application usage telemetry that it collects.
Focus increments a counter if you search. With no way of knowing who you are, what you searched for or any way to correlate it to other telemetry.
Pretty sure they will get your IP. If you use any other Mozilla product, chances are they know who you are. And they can correlate it with other telemetry data. Not saying they do, just that they can.
The biggest problem with this line of thinking is telemetry data _can_ be used extremely effectively to "serve you better".
Denying the ability to collect telemetry data for privacy conscious products is to deny them the ability to improve their products using data-driven approaches that have been proven to be overwhelmingly effective in practice.
This would be an extremely heavy handicap, and could very easily make a tangible difference in the prospect for any such product to gain the market share and the resulting network effects needed to become and remain competitive with products and companies that couldn't care less about your privacy.
So at the end of the day, condemning companies like Mozilla who clearly make a serious effort to collect only the most essential and non-identifiable metrics to improve their product can be quite counter-productive if your endgame is for privacy-conscious apps and companies to be as successful as their mainstream counterparts one day.
Firefox is very judicious about collecting data.
https://wiki.mozilla.org/Telemetry/FAQ
It collects things like "how slow is rendering" or "do you use feature X?". It's all anonymized, and you can verify this from the source (you can also turn it off). Folks are very careful if adding new telemetry metrics.
This isn't trackable data.
https://www.edge.org/response-detail/27195
I'm okay with telemetry, if it makes Firefox better. It's a way of 'paying' for Firefox. Your trust has to go somewhere eventually, and Mozilla doesn't seem like a bad option.
Anonymised data would make me happier though :)
IIRC it is pretty anonymized already. I don't recall the details.
Also, Mozilla's privacy policy explains what Mozilla can do with the data. Generally it's not a matter of trusting the company as much as it is believing they'll follow their own privacy policy, which IMO is a reasonable assumption for most companies (including Facebook and Google, which use your data but do tell you about it)
>This is exactly what every company tells you why they collect data. "To serve you better ..."
But sometimes it is true and sometimes it is not. The difference matters.
Collecting aggregate usage statistics does not have the same consequences as building detailed personal profiles and storing them indefinitely.
I'll add an anecdote as a counter-example (I think the details might be a bit off here, it might not be VS):
Visual Studio removed 'macro' functionality, and a bunch of developers went to the forums to complain and demand an explanation.
That explanation was as follows: None of those developers enabled "send usage feedback," so the usage statistics for macros was close to 0%. The developers sensibly thought it made sense to stop supporting that feature.
There's a tradeoff associated with extreme privacy, and perfect is the enemy of good.
Hypothetical example... but what nefarious things can one do knowing that some anonymous user happens to e.g. refresh pages a lot (or even, how can that data be sold)? OTOH it does let the developers know whether removing the refresh button would affect a lot of users. Or whether moving it elsewhere is sensible (e.g. to the toolbar if used a lot, or into a deeper menu if rarely used).
Sure, this example is contrived. But in some cases features make app development more complicated (ALSA support in desktop firefox might be a better example, but I'm not super familiar with that case). Knowing that a feature isn't used makes it easy to accurately remove crufty/complicated features without negatively impacting a lot of users. And makes it possible to justify retaining complex features that happen to be useful to many users.
Same story with crash reports (typically users have to explicitly confirm sending crash reports in many applications, no idea what kind of system Focus uses though). You need to know which issues are actually important, developers don't have infinite time (as much as we wish we did).
(I used to be sceptical too... but you're sailing blind without this kind of data, and ultimately hurting both yourself and your users.)
The data that is sent doesn't contain any relatable information, but you still have to connect to the Mozilla server to deliver it which in turn could be associated with the content you sent.
Mozilla unlikely does that right now, but they have to advertise truthfully nonetheless. Even if the reason is merely that people won't turn on that feature otherwise, there is no need for us to tolerate such hypocrisy.
Why not do privacy properly? Then the first comment in any conversation won't be well, there is that in-house telemetry.
> some anonymous user happens to e.g. refresh pages a lot
This makes me shudder. I don't want tcp/ip packets flowing from my computer to yours, telling you how often I refresh.
>what nefarious things can one do knowing that some anonymous user happens to e.g. refresh pages a lot (or even, how can that data be sold)?
Page refresh pattern data would go a long way in deanonymizing the user panopticlick style.
What is Klar? edits- from anothe comment:
"Firefox Klar is a version of Firefox Focus for Germany, Austria and Switzerland with user activity tracking disabled by default."
Yes it collects anonymous analytics by default but you can disable it in the settings. It's not a conspiracy. https://support.mozilla.org/en-US/kb/send-anonymous-usage-da...
You can't advertise as a "private browser" an get away with that PR bullshit. "Anonymous" usage data is anything but when the server receiving it can easily tell who it's coming from. Mozilla is not the user, it breaks the entire idea of privacy.
As people below have already added their comments, I just want to give my two cents. This is not PR bullshit, but the Focus team can consider asking users on first run.
This private browser, having been using it since beta on iOS, is nothing more than just a private browsing window like the one offered in Desktop version (I am not here to debate the technical implementation since I do not know).
Telemetry does not break privacy. Privacy is a contract between the user and the product creator. In this case, Mozilla offers opt-out and does its best effort to document. User has the right to opt out or even choose not to use the software.
To me, this is a positive user feedback, but not some PR bullshit (frustration I get it). When someone says your session is private under TLS, well, your IP and user-agent are almost guaranteed captured in server logs, but you can choose to believe/not believe the service provider promises in the respective ToS.
Part of the problem is when Mozilla gives data to Google, there is no way of knowing what Google does with it.
If you want to trust Mozilla AND Google AND trust that no gag orders have been issued to the above companies by the NSA, CIA, FBI et al, fine. That's the way 99% of apps work. They all have privacy policies, and people generally trust them.
The whole point of explicitly "private" or "anonymous" software is that there are a bunch of users that do NOT trust the above.
Calling your software "private browsing software" and then having Google-anything embedded in it is like serving vegetables cooked in chicken broth and calling your dish "vegetarian". Although 90% of the population will gladly eat your chicken broth, it's disingenuous to sell it to actual vegetarians.
As mentioned elsewhere in this thread, the Google SDK is only used to record whether the app was installed by way of an ad campaign Mozilla is running on Google. All other telemetry data goes directly to Mozilla servers, and contains things like "feature X was used"—not browsing data.
Since it's all free software, you can check what events are actually sent here: https://github.com/mozilla-mobile/focus-android/blob/master/...
That is not actually what I said. The only component we use for campaign tracking is Adjust which has nothing to do with google services. Adjust has gone through a very tough vetting process.
Better to quote you directly:
> - Adjust SDK: an install attribution tool (aka install referrer tracking). This is only used to determine whether the app was installed as the result of a specific (google-hosted) ad campaign. Adjust depends on play-services-analytics. ( https://www.adjust.com/glossary/install-referrer/ ).
play-services-analytics is what I meant by "the Google SDK" in question; sorry if that was unclear!
Mozilla does not give data to Google. Why do you think that? Can you be more concrete?
You include an untrusted, proprietary binary from Google. Not directly, but as a recursive dependency: com.google.android.gms:play-services-analytics
So, yes, you give data to Google. The Google analytics dependency you include could literally be malware, and you could not test, or know. And you never know if it doesn’t just decide to steal your data and transmit it all, be it by Google’s decision or because an NSL was issued to demand Google do that.
So, yes, as soon as you include this dependency, the entire browser has to be considered compromised, and you might as well just use Google Chrome.
> So, yes, you give data to Google.
I'd like to see some actual evidence that we can act upon rather than a strong unsubstantiated opinion. If we really leak anything than I will stand corrected and the team will fix that promptly.
That's pretty simple. Don't use proprietary software.
That's the simple question you can act upon.
No proprietary software, and don't even think about doing any tracking until you have explicit opt-in.
Because that library is there does not mean that we are giving data to Google. It does not even mean that it is active or that it is sending anything.
This is a very strange conclusion that you present. I feel you are just twisting and turning to come to an unfavourable outcome here.
Even Google has decent data collection policies. They will not randomly make an application collect data without the developer opting in. We did not opt in. We are not including any sort of google analytics api key to enable anything.
In any case I have filed https://github.com/mozilla-mobile/focus-android/issues/1174
> Even Google has decent data collection policies.
I’m not sure if you’re trying to intentionally ignore the issue here.
You are asking people to trust Google. If people trusted Google, they’d use Google Chrome in the first place. Your entire userbase is people that don’t trust Google, at all.
If you use Google proprietary software in Firefox, and tell people to just trust Google, you just entirely destroyed every value Firefox ever had, and your own job.
The whole purpose of Firefox is that I don’t have to trust Google. That I don’t even have any kind of interaction with Google. That I can exist without having to use Google’s technology.
If you use Google Analytics in Firefox’ Addon menu, or in Firefox Focus, and say "but Google doesn’t technically track people because we have a contract with them", then I can just as well use Chrome. If I trusted Google to keep their word, I’d use Chrome.
Chrome runs far faster, looks better, is easier usable, has better addon support, works with more websites because everyone only supports Chrome anymore, it actually supports 10 bit video, oh, and it even does hardware video decoding on Linux.
The entire reason anyone still uses Firefox is because they don’t trust Google. If you ask people to trust Google, you’re literally telling them to just use Google Chrome.
That is the elephant in the room that everyone at mozilla tries to ignore by putting Google Analytics into the addon menu of Firefox (and, as result, also in the Tor browser), and by importing a Google Analytics library into Firefox Focus. This destroys the one single value that Firefox has in the current world: It’s not Google.
I don't think they're ignoring the issue, I think you're pushing an issue that they've already explained in parts of their statement that you chose not to quote.
> st3fan: Because that library is there does not mean that we are giving data to Google. It does not even mean that it is active or that it is sending anything.
Having gone through the comment chain in other places it seems like your entire position in the debate between you and st3fan is based on ignoring what he's actually saying in general. In response to their request for evidence your responded
>That's pretty simple. Don't use proprietary software.
which sidesteps the query entirely and does nothing to lend credibility to your original position.
I don't expect to change your mind and frankly I don't have a reason to, but if your goal is to have productive or persuasive conversations then you may want to evaluate your current communication strategy.
It is disappointing that it seems the Mozilla representative on this thread does not appreciate that Google cannot be trusted on this. Anyone who has been a Chrome user for a period of time, and tried to use its privacy settings to stay private, will have noticed that they do not observe their own policies. Their entire business is based on monitoring people to improve targeting of advertising. I am technical (former CTO) and have put a lot of time into carefully tweaking settings for privacy, and there is no question that Google "cheat" on this.
I thought Firefox Focus was a great step forward in privacy, but I am dismayed to see it includes Google code, that it uses a third party analytics library, and that the developers do not see either of those as a big problem.
Well, the browsing is private. The way you obtain and use the browser isn't necessarily. It's an important distinction, though it's certainly still enough to be a dealbreaker for some.
You can also download the APK directly from the github repo or fdroid if you don’t want to use the play store.
very good analogy. thanks :)
>Telemetry does not break privacy. [...] User has the right to [...] choose not to use the software. So, every software is the pinnacle of privacy, right? After all, you don't have to use them... Idiot.
If you don't trust Mozilla, you shouldn't use their browser at all regardless of what packages it imports.
I think you're being a little silly though.
I don't have to trust them if the code is open source and it doesn't send any data back to them or anyone else unless I explicitly allow it. I will try this browser and I will turn off telemetry, just like I do with Firefox. What makes me angry is why call it a "private browser" and not take it all the way? You can accomplish everything this browser does with Firefox except you have to configure it, why leave this one last thing enabled by default? I know no one at Mozilla really thinks "you can trust us" is a valid claim in the privacy game so something else is up, probably not a conspiracy, but at the very least, the wrong people are making some calls.
you can say that about Google, but never of a open source project.
people have minimal ownership of code and time they contributed. they should not allow people to screw the project over without being vocal.
its like someone invading your home, breaking everything, and people just telling you "if you don't like it just move elsewhere".
Absolutely correct jasonkostempski. YouTube search any martech data analytics talk to prove the "anonymous" is anything but. That anonymous I'd is ran through 15 data streams and linked back to your primary id. That's the only way the figured out the multi device single user analytics.
Reading that link it says nothing about disabling Google analytics, which is what the parent post implies is at play here. It is not clear that is the case, but if it is, the disable button does nothing to help you.
Firefox's about:config does not seem to work on FF Focus either.
Focus does not use Google Analytics. I dont understand how people came to that conclusion. Focus does not talk to any Google services at all.
There is no Google Analytics in Focus. Check the source code please to verify this.
Focus uses Adjust, Adjust uses com.google.android.gms:play-services-analytics.
Ergo, Focus uses com.google.android.gms:play-services-analytics.
Ergo, Focus talks to certain Google Services.
If you recursively import a proprietary binary, it still ends up in the resulting apk. I’ve checked the APK, the Google Analytics libary ends up in it, and it is not in any way sandboxed from the rest of the browser.
It may end up in the APK but that does not mean it is actually used. This is the unfortunate side effect of pulling in dependencies with dependencies.
I can assure you that Adjust does not talk to google analytics behind our backs. It may have that option, but we did not configure it to use that functionality. What would it talk to, we did not configure an API key.
I will find out if we can remove this dependency to avoid confusion.
Filed https://github.com/mozilla-mobile/focus-android/issues/1174
(And for completeness, Adjust source code at https://github.com/adjust/android_sdk)
I'm relatively uninformed here, but Google often requires Android app developers to bundle Google Play Services for various features like Chromecast[1]. It is possible that the Mozilla folks needed Google Play Services for some feature.
[1]: https://developers.google.com/cast/docs/android_sender_setup
I'm a developer, and I've worked with this before, but the library included here has only the purpose of analytics, and is not required for anything else.
Google has recently been moving GCM over to FCM, since the Firebase acquisition, and FCM has a hard dependency on the analytics library for some reason (even if you're not availing of the service - perhaps as a veiled upsell attempt).
It seems very likely that Firefox would be making use of GCM/FCM - I think most major apps do - so this could be it.
Incidentally, this same topics is one of the main controversies around the development of the Signal chat client - it uses GCM, which a good few prospective users object to on similar grounds.
Unfortunately, unless you've rooted your phone, GCM/FCM is the only battery-efficient way to provide push to Android phones.
> Unfortunately, unless you've rooted your phone, GCM/FCM is the only battery-efficient way to provide push to Android phones.
But, and this is the interesting part, the userspace library of FCM can be easily reversed and cloned (the information required for that is here https://gist.github.com/justjanne/153bd4886f92be0ee57fb40842...), and the system-side part of FCM has been cloned in an open way (see the µG project).
I was aware of the µG project (it requires root to install though), but I'm not sure I see the point/relevance of cloning the userspace library outside of using it with µG. If you don't have µG, your cloned userspace library is still sending everything through Google's servers right?
Note: I should possibly have been clearer above by saying "is the only battery-efficient way to provide push to Android phones without root"
Focus and Klar do not use GCM.
IIRC, Signal now falls back to not using GCM if it isn't available on the phone, so users concerned with that which don't have Google Play Services on their phone can still use Signal. Of course of it is available Signal will use GCM, for the battery savings.
Maybe, but Mozilla has a quite a record for using firefox for surveillance and spying purpose, the early versions of firefox had a proprietary modules just for this purpose and the recent version have 'telemetry'.
AFAIK f-droid always had a warning about firefox containing and promoting non free in addition of tracking users
from https://f-droid.org/wiki/page/org.mozilla.firefox :
This app has the NonFreeAdd Antifeature. This app has the Tracking Antifeature. This app has the UpstreamNonFree Antifeature.
It is not surveillance or spying ffs!!!! It is telemetry, which is anonymized data for the purpose of statistics and crash analysis.
remember, you can check the source code. You can build your own version. Telemetry helps people. Telemetry helps Mozilla deliver better firefox. STOP SPREADING FUD.
Im sure ad companies claim much the same thing, tracking is just telemetry for statistical anonymized bulk purposes, that is really just benefiting the user!
The point is you cant have it both ways, both decrying tracking of users and then actively enaging in it, and agressively defending it when it comes to light.
Except for the part where you completely ignored their point that you and anyone else with security concerns can conduct their own audit of the code and verify whether or not the telemetry functionality is performing in the manner described.
show me where i can audit the google play store analytics code, or what is running on their servers.
Focus and Klar do not use the Google Play Store Analytics. Mozilla has their own Telemetry service. This documentation is a good start: https://github.com/mozilla-mobile/focus-android/wiki/Telemet...
You have to understand how extremely strict Mozilla is with using third-party services for things like crash reporting and telemetry. It is extremely difficult to find services that meet our very high standard for privacy.
Yet this thread is about how the firefox APKs contain google analytics code....
My guess is that it is a dependency of the Adjust SDK that Focus uses. See https://github.com/adjust/android_sdk/blob/master/README.md
Wait... Focus doesn't use Google Analytics because they don't meet your very high standards for privacy. But it does use Adjust, which means Adjust does meet your very high standards, even though it uses Google Analytics?
This is a misunderstanding. Adjust does not use google analytics. You are connecting unrelated things. The existence of a library, which actually is not a google analytics library, does not mean at all this app talks to google servers.
AFAIK Focus and Adjust make no connections to google. Check the source?
But Adjust only comes into play when the app is installed by clicking on a Google ad campaign. So at that point, Google already knows you've clicked on the ad and installed the app (because that's how they bill Mozilla).
I don’t think Adjust is for Google ad campaigns actually. It is used for links we put in our emails or in Firefox desktop. Or for ads that we buy on Facebook. I don’t think there is any connection to google.
Focus is an open source project with no secrets. It is easy to verify your claims by looking at the code.
The telemetry is documented in detail at https://github.com/mozilla-mobile/focus-android/wiki/Telemet...
We also include Adjust in Focus (not in Klar) for attribution tracking - to understand where the install came from. (This is useful if you are spending money on campaigns and you would like to understand what campaigns are the most effective)
If you have questions or suggestions, check the https://github.com/mozilla-mobile/focus-android/blob/master/... for ways to reach the team.
Mozilla can solve this problem the right way by doing what debian does when it wants to collect statistics: Ask users if they want to donate their information to Mozilla on first run or during the installer.
Recording users' behavior by default with informing the user clearly and giving him the option to opt-out is abhorrent, regardless of the benignity of the reason behind it.
Disclosure: I use firefox, but periodically strip all relevant hidden add-ons and disable all information sending possible.
> Mozilla can solve this problem the right way by doing what debian does when it wants to collect statistics: Ask users if they want to donate their information to Mozilla on first run or during the installer.
> Recording users' behavior by default with informing the user clearly and giving him the option to opt-out is abhorrent, regardless of the benignity of the reason behind it.
(Even as a Firefox/Mozilla fan,) I completely agree that this behavior is what Mozilla should follow everywhere. I always choose to enable telemetry for Firefox because I want to help Mozilla and trust it. But defaults need to be sensible and protective of the user, first and foremost. If most people choose to turn it off on first run when asked for, then the actions to be taken would be educating users (in simple language) on the scope of data collection and improving the reputation of the organization/company behind it.
I dunno. The stats are really super useful for insight into how REAL PEOPLE (not self-selected do-gooders) use the software, and also how new things (like Stylo!) interact with the many unique hardware, driver, software environments people run Firefox on.
Then let's record video and audio from everyone who has installed Firefox to understand even better how the real users use the browser. Let's also record all the sites they visit and all the keys they press on a virtual keyboard.
Is this FUD or serious? Because they are certainly claiming to be the opposite of that these days.
Mozilla have used various telemetry tools over time to assist with product development. It's possible they're trying to covertly track users but unlikely. It should certainly be known and public but does not necessarily equate to spying.
Intent makes absolutely no difference. If an application is sending any information, anywhere that is not controlled by the user, and only the user, even if the user can clearly see all of it, it is, by definition, not private. No matter what Mozilla says, anonymity cannot be guaranteed. If they want feedback, they should ask for permission after a crash is detected locally. It should offer the options "No"; "No, never ask again"; and "Yes, ask again for future errors". It should explicitly not offer "Yes, always send" and "Always send" sure as hell should not be the default in a "private browser". The only way you can truly trust someone is when you don't have to.
> It's possible they're trying to covertly track users but unlikely.
No, it's not possible.
Mozilla employees and community members are very talented and capable people, but they are not capable for keeping a nefarious secret :) hehe
This is simply history.
The proprietary module (now long removed) is among the reasons the iceweasel project was born (not the debian one but the GNU one that has been renamed icecat when debian took over the iceweasel name).
It is a known fact that for years 90% or more of mozilla money came from google in exchange for making its search engine the default including tracking through an additional parameter in the URL.
There is waterfox a project to build a firefox version free of the mozilla tracking and crap: https://www.waterfoxproject.org/
For the android version, the f-droid page does not exist anymore since firefox has been removed from f-droid, but there the wiki archive I linked earlier: https://f-droid.org/wiki/page/org.mozilla.firefoxThere used to be a collection of privacy patches to remove all the tracking, leaking and privacy issues but I can't find it through web search, it seems to have been replaced by https://github.com/williex/firefox-privacy
Mozilla insist it is health report, analytics and telemetry which is marketing words for tracking and spying.
Iceweasel was born out of trademark issues not telemetry.
https://en.m.wikipedia.org/wiki/GNU_IceCat#history
> The proprietary module (now long removed) is among the reasons the iceweasel project was born (not the debian one but the GNU one that has been renamed icecat when debian took over the iceweasel name).
Do you have a reference for this? The Wiki page, and the project application, seem just to refer to a desire to avoid non-free plug-ins:
> ALL GNUzilla Programs will basically BE Mozilla Source Builds, with the major exception being the implementation of NO proprietary softwares, including plug-ins, according and adhereing to the GPL.
(http://savannah.gnu.org/task/?4529). That's certainly not inconsistent with what you said, but it seems a stretch to deduce what you said without some other reference.
They just recently had a PR disaster because Firefox included Google Analytics in the Addon menu.
https://news.ycombinator.com/item?id=14753546
I don’t think that was a “pr disaster” - vocal minority is loud but not that loud.
You can disable it in the settings, and you can install Firefox Klar (the exact same code, but made for more privacy-consious countries) from FDroid[1] which has everything disabled by default.
[1]: https://f-droid.org/packages/org.mozilla.klar/
This is odd because https://f-droid.org/wiki/page/org.mozilla.klar is already part of F-Droid and appears exactly the same .. but with a different name.
> " Firefox Klar is a version of Firefox Focus for Germany, Austria and Switzerland with user activity tracking disabled by default." [1]
> "For clients that have "send anonymous usage data" enabled Focus sends a "core" ping and an "event" ping to Mozilla's telemetry service. Sending telemetry can be disabled in the app's settings. Builds of "Focus for Android" have telemetry enabled by default ("opt-out") while builds of "Klar for Android" have telemetry disabled by default." [2]
[1]: https://f-droid.org/packages/org.mozilla.klar/
[2]: https://github.com/mozilla-mobile/focus-android/wiki/Telemet...
What's special about Germany, Austria and Switzerland that they don't get the user activity tracking?
I don't know but assume its a similar issue as with Google Analytics. In Germany, you are not allowed to use default configured Google Analytics. User IPs are PII for our data protection laws (it is possible for someone on earth to know who is probably behind that IP like telcos). As a consequence, we need to disable IP tracking:
https://developers.google.com/analytics/devguides/collection...
Really strict data privacy laws with a regulatory environment that doesn't play games and heavily leans towards consumer rights. In Germany at least, you're also required to obtain double opt-in and record extensive documentation of the entire opt-in process just for email marketing. If you overstep your bounds and draw the attention of regulators in Germany, it has all the comfort of the Eye of Sauron staring at you[2].
[1] https://blogs.oracle.com/marketingcloud/email-marketing-clar...
[2] Lord of the Rings reference. Most apt description I can think of for the dread that comes at the mere thought of pissing off German regulators in this area.
Enforced strict privacy laws.
Could be related to having a history of having to deal with mass surveillance, see stasi.
Laws that make this kind of tracking without explicit opt-in a crime. As it should be everywhere.
Their governments care about privacy.
Looks to me like that app patches out the Gecko webview.
Gecko/Webview is a compile-time switch and both the F-Droid and Play Store builds use Webview. The iOS version is Webview-only or Apple wouldn't allow it on the App store.
I think you meant WebKit for the iOS version?
Oh, it uses Webkit? Huh
Required for iOS or Apple won't allow it on the store.
Why hasn't the EU charged Apple for abusing the monopoly position? Didn't they do that to Microsoft, or has Apple sweetened them up in some other way?
Technically, Apple does not have a monopoly, unless you want to argue they are the monopolist of the market for iOS devices. They don't even have a majority market share of smartphones in most jurisdictions. That being said, I still believe it is an abuse of market position, and I'm not sure how we can fight it.
In most parts of the EU Apple has a marketshare around or below 15%. That’s about the same that Windows Phone 7 had at its peak.
So, think about how much of a monopoly position Windows Phone 7 had, and try to imagine Apple had that. You can probably imagine why Apple is not in any shape to abuse their position.
I think I'm only surprised to see this comment and not that Firefox bundled analytics into their app. What's controversial about anonymized usage statistics in 2017?
Well, about the very same moment you see "Browse like no one's watching / Automatically block online tracking while you browse" app starts to silently send some data to app.adjust.com and incoming.telemetry.mozilla.org.
If that's not controversial, that's at least ironic.
(Just to clarify: this particular behavior was observed on a version from a Play Store, not FDroid. And this was about 1.5 months ago or so. But I doubt things had fundamentally changed since then.)
Checkout the histograms: https://telemetry.mozilla.org/ Do other vendors let you see their metric dashboards?
And if you feel statistics of time to FIRST_PAINT invades your privacy you can disable telemetry reporting.
You can also see what your browser collects in about:telemetry, but don't equate performance measurements with surveillance -- that's FUD.
Gosh. It's not about what's being sent, and why.
It's about a certain promise^W marketing statement and behavior that at least partially contradicts it.
Honestly, if you're browsing through your ISP or carrier's data service, you're not anonymous and people are watching. That point of view is the only way to operate.
Ah. I see your point. I failed to consider the context of this application in particular.
Just because everyone is doing it does not mean it is ethical and ok. There is nothing anonymized about sending info about my browsing behaviour to one of the world's biggest corporations that monitors vast amounts of the internet. Mozilla should be doing the good thing, not feed a data kraken.
Windows 10 peed in the pool when it redefined "telemetry" to include core dumps, documents, keystrokes, and even remote terminal access for MS engineers.
Now, people are rightfully suspicious of any software that phones home at all.
MS did take it to the next level, but for me any application which phones home without users consent is in the wrong. This is one of the major reasons I don't use Chrome. Anywhere.
Remote access for MS engineers? Can you explain please?
I'm not sure from your comment whether you're just being pedantic in pointing out that while regrettable this isn't surprising (in which case your comment is not very constructive), or whether you actually think it's OK for Firefox to do this.
Since you've used the term "anonymised" quite pointedly, I'm guessing the latter. I do find it surprising that anyone would assume data Google is collecting on your usage is somehow anonymous.
More along the lines of: I now fully expect the cost of entrance for free applications to be data the developers collect of my usage. It's naive to assume otherwise.
EDIT: grammar
That's the case for some, but (1) most applications that lean that way are likely to be closed source as there is a certain sense of apparent moral high ground that comes with open sourcing and (2) more importantly Mozilla sells themselves on respecting privacy, first and foremost.
> I now fully expect the cost of entrance for free applications to be data the developers collect of my usage.
Apparently this is also true of applications & services you pay for these days too. Includes ISPs, cell companies, cable apps where you input your customer code, paid subscriptions to online news... the list is endless.
Are you from Google or the NSA?
Man people have really lowered their standards with privacy these days.
Historically, even though GA was part of GMS, it did not require GMS to operate. You might be OK without GMS ... but things may have changed since the addition of firebase.
How bad is that?
Depends on your views about privacy, tracking, google and mozilla. Also your degree of tolerance.
To me privacy is of vital importance, tracking is to be avoided at all cost, so this is as bad as it can be. But I'm now used to mozilla engaging in tracking, giving away my privacy to google for money and firefox developers punishing users and distros who disabled their included spying tool.
How are they punishing users who disabled their included spying (if any) tool ?
We found Stallman, here he is
not sure this is related but I notice by default analytics are sent to firefox in the options. On IOS it says "send anonymous usage data to firefox"
Same option on Android - I'm curious if this is related as well, or if there are separate Google analytics being sent.
Historically, even though GA was part of GMS, it did not require GMS to operate. You might be OK without GMS. I'm not sure now that there has been transitioning over to firebase.
Have been using this a while, it's really nice as the default browser to open links in. Having the floating button to clear everything is neat and I like the UI desing. It's also really fast.
I'd like to see better support for getting SSL/TLS info - why can't I tap on the padlock and get the certificate info (EV, OV, DV?), cipher suite, HSTS etc?
You should request that feature! https://github.com/mozilla-mobile/focus-ios (ios/android)
Yeah that would be cool. Do you know of any iOS apps that currently support this?
I installed Firefox Focus for iOS simply for its content blocker. I still prefer using mobile safari, but augmented with three content blockers:
- Firefox Focus, which blocks all sorts of stuff
- 1Blocker, which blocks all sorts of stuff
- Unobstruct, which blocks Medium's "dickbar" popups.
Made me laugh to see that Gruber's term is catching on
Same. Used dickbar in conversation recently to almost pure silence. Very apt.
to see or not to see https://twitter.com/search?q=%23dickbar
that is the question
Does this work in embedded browser? More often than not I don't open links within Twitter/Reddit mobile app bc I can't stand some intrusive ads.
If that app uses a Safari View Controller.
FYI the most recent version of the Reddit app for iOS (3.5) has an option to open all links in an external browser. Apparently the safari view controller is in the works as well.
It also supports "Chrome" Custom Tabs on Android.
I just looked up Unobstruct, and surprisingly the author's article about it is on Medium: https://medium.com/@tgaul/introducing-unobstruct-230e4e95cf5...
Well, I guess if I sold sunscreen I'd do it at the beach.
This is useful to use as your default browser. It has a quick way to open the same link in another browser, so you can use it as a sort of quarantine to vet unknown links before exposing your main browser and all its juicy user data to a new website.
If only it were possible to set a default browser on iOS.
Wasn't there a huge anti-trust lawsuit against Microsoft for preventing other browsers on their platform? How does Apple get away with it when MS couldn't?
Probably a mix of Apple not having a monopoly in the mobile space and other browsers till being allowed on the app store.
Allowing other browsers to be installed didn't stop Microsoft from losing an anti-trust suit.
I am not up to date. I didn't realize they allow other browsers now. When I was building iOS apps Apple had specific wording which prevented apps in the app store which duplicated functionality already available in iOS. That meant things like the AdBlock Firefox build could not be published in the App Store.
It was, in great part, their legal team and strategy that pushed me away from Apple.
Apple still doesn't allow true browsers in the app store. Not because they disallow duplicate system applications (plenty of calculator apps out there). The problem is that Apple does not allow any developer to use a browser engine other than built-in Safari. Apple also doesn't allow virtual machines/on the fly compilation of code, making any alternate, fast enough Javascript engine practically impossible.
"Browsers" on iOS, such as Firefox Focus and Chrome, just repurpose the built-in Safari engine with some modifications (bookmark sync, extra content blocking, etc.)
I think the simplest answer is that no one has sued them for it yet.
or just install Firefox with noScript. (until we get umatrix to work on fennec)
remove the rule that allows script from the original domain. done. now all sites will be quarantine, until you white list them.
How is this news ? I installed it weeks ago on my IPhone. I don't understand why Mozilla just announced it now. Maybe it's a new version.
On the browser itself, I launched it, navigate on a URI, closed it, relaunched it, type the firsts characters of my previous URI and it auto completed it. From my history I guess.
So it's not like incognito mode on other browsers. (Haven't retested again)
> news?
They launched the android version not too long ago. This is probably just a push to get the word out to people who may not have heard. Fair enough in my opinion.
> From my history I guess
I don't think it's from your history. It seems like many common websites are preset to autocomplete; stackoverflow.com for example. Because it doesn't save history this seems like a nice way to reduce friction for users. I could be wrong though.
>> From my history I guess
> I don't think it's from your history. It seems like many common websites are preset to autocomplete; stackoverflow.com for example. Because it doesn't save history this seems like a nice way to reduce friction for users. I could be wrong though.
In my experience, your statement is correct. Firefox Focus does not store history. It does have a long list of sites that it autocompletes. Whenever I visit HN, I actually type news.ycombinator.com into the address bar since Focus does not have bookmarking. But I don't mind that, and consider that as a feature.
Well maybe my memory tricks me. But it was a very specific URL so I don't know. I was giving it a try to specifically test that.
I've just tested it again and indeed it haven't occurred again.
A good thing so :)
No in-app bookmarks, but you can use "add to home screen" to get a shortcut.
Is that on android and/or ios?
Definitely yes on Android. I don't know for iOS.
Maybe that's a feature of your launcher? I can't see it in any of firefox focus' menus, the share list or long-press on a link options.
Weird! It's on the only menu in Focus for me, the same level as "settings." I wouldn't have thought a launcher could do that. I use Nova Launcher.
I've been using it since months now. Focus started as ad blocker and now it has a private browser too since a few months.
Focus does not seem to erase your history in a way you may expect. Try this on Android:
- Erase your history.
- Go to HN, click any link you haven't clicked before.
- Wait for it to load.
- Erase your history. Make sure you see the notification "Your browsing history has been erased".
- Go to HN again, and see the link you've just clicked still highlighted as 'visited'.
It's likely that's because it currently uses the built-in Android WebView (which may store its own pseudo-history). That is a problem, but I believe their plans to replace WebView with Gecko will likely solve this problem. https://github.com/mozilla-mobile/focus-android/issues/13
That's concerning, I tested further and found that if you quit the app from task switcher it clears the visited highlight.
I'll check if there's an issue filed for this tomorrow.
I wish open source projects publish the compiled .apk file not just the source code.
If I want to install this on my Fire HD I either have to download the .apk from some dodgy mirror site or install Google Play with some workaround on the Fire HD. Cause Firefox Focus is not available in the Amazon App Store. I mean yeah I can do both in the end, not a big deal, but I just want the .apk nothing else.
https://github.com/mozilla-mobile/focus-android/releases
In case anyone else didn't click through, AaronMT's succinct post is a link to the github release page for the Android version.
It includes apk download links in addition to source code links and Google play store links.
The thing GP was complaining Mozilla weren't doing.
Uh thanks... My fault!
You should be able to download such APKs from F-Droid or its fancier "frontend" - https://fossdroid.com/a/firefox-klar.html
At least there is Yalp Store now [1]. But I agree it would be nice if more oss projects would provide the apk directly (or even better prepare the project for easy F-Droid inclusion).
[1] https://f-droid.org/packages/com.github.yeriomin.yalpstore/
You should absolutely install Google Play store on the Fire HD. It's not difficult.
That drags in all the other google services and "telemetry" and gives google root on his phone, which he may not want
It's on Fdroid
Same issue for every Chinese user... just pray its on Fdroid or get shady apps from the Xiaomi store
It is on FDroid[1], and they provide official builds[2]. I really wish people would actually check stuff like this (that takes a few minutes) before spreading FUD.
As an aside, I only use FDroid on my devices to install APKs (the only exception being Signal which now provides bare APKs[3]).
[1]: https://f-droid.org/packages/org.mozilla.klar/ [2]: https://github.com/mozilla-mobile/focus-android/releases [3]: https://signal.org/android/apk/
I did check. And it's not at all clear from FDroid that Klar and Focus are the same thing (and reading the other comments here.. it sounds like maybe there is some difference?)
I almost only use FDroid, but it can be sometimes of a pain. Like not even having Firefox and VLC is kinda bananas
apkmirror.com is not dodgy. It is also the only apk website I'd trust.
Can you offer more information about why you trust it?
Sure. Sorry for the late response! It is basically maintained by a reputable source (android police) and they also seem to take security seriously. If they cannot verify the origin of an APK for sure, they rather reject it.
http://www.androidpolice.com/2014/11/19/meet-apk-mirror/
https://www.apkmirror.com/faq/#What_measures_do_you_take_to_...
Agreed. Perhaps send them a note.
So, if I understand this correctly... It's a regular browser, but like you're always in private mode + it's got a built-in ad blocker?
If I want to check Hacker News let's say 5 times throughout the day and feel like leaving a comment, I have to login again, without autocomplete..?
Maybe I'm missing something.
The purpose is to be used for quick browsing, like Google Searches, without worrying with trackers and someone getting your history.
You can always use incognito mode, but this is more convenient.
It is also really fast and lightweight, which is a plus for most mobile devices.
It is not meant to replace your main browser (probably).
Also, as rcthompson said in another comment:
> This is useful to use as your default browser. It has a quick way to open the same link in another browser, so you can use it as a sort of quarantine to vet unknown links before exposing your main browser and all its juicy user data to a new website.
I see.
Honestly, most of the time when I use Google Searches is because I want to look for something, and I love when Google personalizes results so that if I type "Amiga" it knows it's the computer and I don't want to learn Spanish. Most importantly, I end up visiting lots of websites that I might want to comment on, visit later on/not lose if my phone dies, share with my girlfriend, etc.
I personally don't see any advantage with incognito mode unless you want to hide porn from your spouse, so I guess I'm not the target for a browser created to be incognito-mode-only, and if I was I would probably use Tor, because they might not be share my info, but my IP is there for everyone to see along with the websites I visit.
I want to see the same internet as everyone else. The more my experience is customized to me, the more disconnected I am from people who aren't like me, and the more our views will diverge over time. Ultimately it leads to bad outcomes; Trump, or possibly eventually civil war. So I am against too much automatic hidden customisation.
You might think that's hyperbole. I don't. I'm deadly serious; I think something worse than Trump is coming down the tracks because of an increasingly divided polis, and it's divided because of atomisation of world perspective. Filter bubbles driven by hidden preferences are directly responsible for shielding people from unpleasant perspectives, on both sides.
Everyone else is getting a customized internet view. Using Google through a private browser ensures you see an internet seen by nobody else.
An internet seen by other private browsers.
> I personally don't see any advantage with incognito mode unless you want to hide porn from your spouse,...
This is a very naïve view of what incognito/private browsing mode is for. Tor (not Torbrowser) is very different from incognito/private browsing. Even for your own use, it's another layer of defense to reduce the storage of information on the device about whatever you've been up to. Certainly porn is not the only topic that can polarize people and have them assume things about you. We live in a world where even tiny things can be taken out of context, manipulated and used against us either by the people close to us, or the places we work for, or even the government. You may share a device with someone or allow someone to borrow it. You may have your device stolen while having minimal or no passcode or other protection (like encryption of data stored). There are many layers to look at to be secure enough.
The way I see it, you're putting yourself more at risk if you do not distinguish what requires private/incognito mode (it could even be Facebook), how often you should clear things up (like browsing history, caches) on your device/computer, etc.
> This is a very naïve view of what incognito/private browsing mode is for.
Maybe I didn't word it correctly, I meant that all it's good for is to hide porn from your spouse.
If you think incognito mode protects you in any way, than it's you who is naive.
If anyone really wanted to track you, they can use your IP and see every single page you've visited. Even the size of your window is enough to track you.
Tor is the only tool I know that you can use if you don't want to be tracked.
> We live in a world where even tiny things can be taken out of context, manipulated and used against us either by the people close to us, or the places we work for, or even the government.
Sure, but I think that we shouldn't be paranoid about it (please don't hack my account to prove a point :-)). What is the actual risk that your government will track your browser and use a tiny thing against you? I wear seatbelts because the risk of an accident is high, I don't wear a helmet to protect my head in case a small meteorite hits me.
I don't think any government or anyone has the right to spy on anyone else, and organizations should work to prevent that, but I think a lot of it is hype. We live in a world where people post pictures on Facebook of themselves drunk, doing drugs and showing off things they stole, all while leaving harsh, racist, hateful comments.
I would be worried more about ourselves leaving ever-lasting indications we're idiots on social media, more than about governments spying on us to get evidence to frame us.
I'd quit while you're ahead there niko. Your comments demonstrate a lack of understanding of the space which is totally OK. It is not OK to act in a retaliatory manner when you are not the master of a domain and are specifically called out on it. Humility is the most important skill a software developer can learn.
Thanks to leaks and other revelations we don't need to be paranoid because we have enough information to understand to what extend the overreach goes. We can be reasonably anxious and mistrustful of State run programs.
This is what Google stores for you based on your agreed privacy terms: https://myactivity.google.com/myactivity
You don't have a privacy agreement with secret spy programs. Yeah maybe they are just going after the terrorists but maybe they are sharing all data across agencies. Maybe those agencies are using that data in unsavory ways to further their own agendas. A documented example is the DEA using https://en.wikipedia.org/wiki/Parallel_construction to make drug arrests based on data collected illegally.
My main problem is this leaky information/power. I generally trust the folks in the intelligence community to keep each other in check, but, by design there is no transparency for secret programs. There's an opaque group of people getting all the data and the funding. It is the weakest link and we can't inspect it to see how healthy it is. To me it is terrifying to think about the power in those tools and what the right wrong-person could accomplish with the information they have.
Firefox Focus just makes cookies and history ephemeral instead of durable. It looks like it blocks 3rd party scripts by default as well. Blocking 3rd party scripts with uMatrix has been better than using an ad blocker for me. Constantly having to adjust the permissions in uMatrix gives you a real idea of how much crap is tracking you all the time.
Install uMatrix, don't transport literal tons of cocaine across international borders, and you will probably be OK.
Don't be worried about leaving idiotic posts on social media. It apparently doesn't matter for high profile careers.
I might agree with the rest, but this:
> It is not OK to act in a retaliatory manner when you are not the master of a domain and are specifically called out on it.
Who did I retaliate against? And who called me out on what, exactly?
I'm saying that Firefox Focus is a little toy if you really care about privacy, and to use Tor if you want be safe from spying.
I visit https://myactivity.google.com/myactivity every once in a while, but so far Google has used that information to make my life A LOT easier.
The retaliatory comment I referenced was
>If you think incognito mode protects you in any way, than it's you who is naive.
newscracker called you out specifically in the parent post with
> This is a very naïve view of what incognito/private browsing mode is for.
I see.
> If you think incognito mode protects you in any way, than it's you who is naive.
> If anyone really wanted to track you, they can use your IP and see every single page you've visited. Even the size of your window is enough to track you.
> Tor is the only tool I know that you can use if you don't want to be tracked.
Sorry, it seems like you didn't read my post fully or get it. I described that incognito/private browsing mode is one layer of defense, not the only layer. I also provided examples of your device being borrowed by someone else or it being stolen. In those cases, whether you used Tor (not Torbrowser, which I explicitly excluded even in my previous comment) doesn't matter. Whatever your browser has stored on the device - including browsing history, cache, cookies - is available to them to use or sell to others.
Also, I didn't mention the government as the sole hostile entity in my comment. One's own employer may use information in your browser cache on an employer provided device to fire the person or even file a criminal lawsuit against the person. Some malicious program a person downloaded may scrape all information from your caches and send that to insurers or other "data brokers" who in turn would classify you as too high a risk to support. There are far too many possibilities here that I cannot list every single one of them.
As for those who post pictures on social media about being drunk, posting racist messages, etc., that's really bad in many ways, but such protections and more should also start with each of us individually. It's in that space that I see using icognito/private browsing mode as one more helpful layer. Tor is another layer. Encrypting one's devices' storage is another. And so on.
Not everyone enjoys the filter bubble, but I tend to agree with you that always on incognito mode is annoying and does not protect your privacy except from your spouse.
If you want to protect your privacy at least use tor.
Exactly.
I don't see how private browsing can protect you in any way, while your IP is in the clear along with all HTTP requests you make.
But it's been pointed out in the top comment that the browser itself includes a tracking and reporting antifeature. So much for not worrying about tracking.
Depends on what it's tracking. There's a huge difference between "On average Focus was started 30 times a day by any single user" (which can inform resource allocation decisions for that project) and "bigbugbag was reading hacker news for 4 hours on Tuesday" (uhm. no.)
They should be more transparent and upfront what they're collecting and why though.
> They should be more transparent and upfront what they're collecting and why though.
... on their flagship browser. On their super-private, pinky-swear no tracking we-hate-ads-but-sure-do-love-you tiny browser, there should be... no tracking.
I disagree with you. This should apply to their flagship browser too. Have you read the marketing crap they push about desktop firefox ?
The 100% fresh, free-range, ethical browser
More privacy
Firefox doesn’t sell access to your personal information like other companies. From privacy tools to tracking protection, you’re in charge of who sees what.
More freedom
Following the pack isn’t our style. As part of the non-profit Mozilla, Firefox leads the fight to protect your online rights and champion an Internet that benefits everyone — not just a few.
Then you click the privacy policy and you're welcomed with:
Things you should know
Firefox automatically connects to us and our service providers to provide updates, security, Snippets, Firefox Health Report, and other features.
They also have a very loose definition of personal information: 'For us, "personal information" means information which identifies you, like your name or email address.' In times when we know a handful of cross-referenced metadata is enough to identify someone with a high level of success this is unacceptable from some entity who claims to champion privacy, online rights and user freedom. It only shows that either there are highly incompetent people in charge at mozilla or that they treat their users as too dumb to notice.
IMHO there should no tracking by default on firefox desktop and opt-in for those who want to. Actually I'd even go further and say that no browser should include tracking and should block all trackers, analytics, commercial advertising and other PR words for surveillance, spying and profiling.
With relatively few efforts this was something one could almost achieve, at least get closer to, through extensions in firefox. Mozilla put an end to it by dropping their extension engine.
It also depends on who it is sharing the data with, here it may be shared with google.
It also depends on what the data is used for, let's take an absurdity : 'send drones to kill all users that started Focus 30 times a day on average'
A closer to reality example is "our data shows less than 1% users have alsa only system, our implementation is sort of broken in fringe case and requires an overhaul that we don't want to do so instead of fixing it let's just drop it altogether, less than 1% of users is not enough to matter".
>Maybe I'm missing something.
The features you explained are exactly what I was looking for in a mobile browser. In fact, i wish they launch Focus for Desktops operating systems too.
I think you're looking for the Tor Browser.
If you don't log in into websites, I don't see why you would leave yourself exposed and very easily hacked with Firefox or private browsing if there's Tor.
Private browsing is NOT secure. It's just a shortcut to avoid clearing your history manually. ANYONE can see who you are, and what sites you visit with easy-to-use tools that are available online for free.
> Private browsing is NOT secure.
Security is not an absolute. The best you can do is talk about whether something addresses a particular threat model.
There are different tradeoffs to Tor. A big downside is that unencrypted traffic is now easier for intermediaries to read and even change, because of how exit nodes work.
> In fact, i wish they launch Focus for Desktops operating systems too.
Yes, I was just thinking the same thing. I can almost imagine a world where software believes me about what kind of experience I want, "full site" on mobile or "mobile site" on the desktop, rather than browser sniffing followed by awkward clicking around to correct its misapprehensions.
There are already minimalist desktop browsers if you want one. For example, http://surf.suckless.org/
You didn't read the article, that's why you're "missing something".
Your assumptions are correct.
Mh.
It's amazing how far apart I got from every single one of Mozilla's visions, from using Firefox as my main browser 8 years ago.
I love the fact that—as an example—as I travel Google shows me tools that I'll be interested in, like a currency converter, translate + word of the day in the local language, etc. etc.
I would absolutely hate having my main browser constantly forget who I am. I feel almost blessed every time I visit a website that I can log in with one click (or I'm already logged in), and when I sign up or buy stuff I can autofill my name, email, address, and credit card without having to start from scratch.
I'm not ready to give up extreme convenience and lots of time for the ideal of safeguarding my privacy with Google or Apple.
I absolutely could not agree less. Every time Google shows me some sort of "magic" that I know involves their massive compendium of personal data, I'm reminded of how much I been detest that they've stolen that information from me. No matter how much I opt out, say no, and turn things off, they continue to extract wealth from my need for basic modern services. I can't tell you much much I appreciate Mozilla understanding that and releasing products that feel usable without being exploitive.
> Every time Google shows me some sort of "magic" that I know involves their massive compendium of personal data, I'm reminded of how much I been detest that they've stolen that information from me.
So just use something else! Oh, wait, you want to check your official university e-mail? That's provided by Google now. Oh, wait, you wanted to check city transit information? That's provided by Google now.
(I'd probably use Google for the latter anyway, but it'd be nice to be able to pretend that I had a choice.)
> So just use something else! Oh, wait, you want to check your official university e-mail? That's provided by Google now. Oh, wait, you wanted to check city transit information? That's provided by Google now.
Google's own policies prevent it from doing data mining on GSuite accounts, like official email provided by Google in universities or companies or businesses. I'm sure other providers have similar policies as well. Unless you don't trust Google even a bit, your comparison on the email provider point is useless. I prefer separating things out and examining them instead of combining everything into one single worrisome name.
Every single thing you describe can be done without giving Google all your personal data. Log in with one click, autofill, etc is all browser-local. And currency converter, translations, word of the day, etc can all be done as browser extensions.
> Log in with one click, autofill, etc is all browser-local.
Yes, but if I sign up from my cell phone, I'd like to have that info on my desktop browser automatically and on other computers, so no.
> And currency converter, translations, word of the day, etc can all be done as browser extensions.
Sure, but what a pain. I wouldn't go through the pain of searching, installing, configuring, and then removing an extension for each one of of those things. I just don't care about any of them that much, it was just nice having them there automatically.
> Yes, but if I sign up from my cell phone, I'd like to have that info on my desktop browser automatically and on other computers, so no.
I'm pretty sure Safari will sync that info using iCloud, and I think Firefox has its own sync mechanism that can be used for this.
Or you could use any one of the numerous password managers (I use 1Password).
> Sure, but what a pain. I wouldn't go through the pain of searching, installing, configuring, and then removing an extension for each one of of those things.
If you actually care about having any of those, it's really not hard to search for and install extensions. You seem to be overplaying the difficulty involved here, especially for something of such relative low utility.
I actually love this browser (been using it for a month or two), but it seems like your usage is just different.
I prefer to stay anonymous, but use the "real" FF occasionally for stuff I need to be logged in for. Browsing links friends send me, or checking something with a quick google search is something that I'd rather stay anonymous for, so I prefer having it available.
I cannot agree more, it seems mozilla is out of touch with their users and advocates, don't listen to feedback and just do whatever will lose them the most marketshare and alienates their supporter so their flagship firefox will become irrelevant in the least time possible.
It looks like they're scrambling to try to stay afloat and miss and miss again.
On iOS, it also ships a comprehensive Safari content blocker which will work in Safari and embedded WebKit views.
Nitpick: not just any UIWebView, but only the Safari view controller.
Since I started using Firefox Focus for one-off searches, I'm surprised at how infrequently I really need to be logged into any websites to complete my task. Nice that Focus simply clears all those trackers and search history when I close it.
I'm wondering why this is not a simple setting on firefox. Are they trying to collect data on how many people have interest in privacy or something ? (another comment pointed that Firefox focus tracks users and reports to mozilla)
That was my initial reaction too, but I think it makes sense.
Everyone has use for both full-featured browsing where you can stay logged in to frequent sites, retain history/bookmarks and such, as well as private browsing where you don't want any history kept. On the desktop the way the UI is currently setup, full-featured is the default and private is an extra step you have to take, and as such private is typically only used for special occasions.
Focus reverses this dynamic by making private browsing easier, faster, and more streamlined than full-featured browsing, so people will start making private browser the default for most quick web tasks, and just go to the slower the full-featured browser when they need it.
Having two different launcher icons for these two modes is more convenient for the user, and AFAIK it isn't possible for a single app to install multiple icons in iOS[1]. Besides, not everyone wants to use Firefox as their main mobile browser. So a separate app makes sense.
[1] https://stackoverflow.com/questions/10048541/multiple-icons-...
It's not difficult. I have all my browsers set to clear cache, cookies, and history on exit, no 3rd party cookies, no password saving.
This would have been perfect for iPad 2's and 3's on which Safari and the normal Firefox keep crashing under the weight of the current bloated web.
But alas, the "simple and lightweight" Firefox Focus actually requires a heavyweight 64-bit processor:
> Why aren't older Apple products supported? Safari Content Blockers (which include Firefox Focus) are only available on devices with an A7 processor (64-bit) or later. Only 64-bit processors can handle the extra load of content blocking, which insures optimal performance. For example, since the iPad 3 has an A5 processor, Firefox Focus is incompatible.[1]
Come on, iPad 2's and 3's are less than 5 years old. There has to be some way to keep the iPad 2 or 3 alive if all you want to do browse the web.
[1] https://support.mozilla.org/en-US/kb/focus
This is an Apple restriction, not a Firefox restriction. Focus is a Safari webview, so Mozilla is limited by what features Apple allows them to use.
They might have been able to get by without the 64bit requirement if it just blocked content in the webview, but it also blocks trackers in Safari.
In terms of lightweight iOS browsers, I like iCab Mobile[1]. It's compatible with iOS 7 and up, which should include an updated iPad 2/3. It also natively supports Adblock lists(including EasyList by default).
[1]https://itunes.apple.com/us/app/icab-mobile-web-browser/id30...
The claims don't sound like they are based if fact so much as they probably ran into a build issues and they couldn't justify committing the resources to enable supporting older platforms which made up X number of devices.
You could always try to build it yourself.
> For example, if you need to jump on the internet to look up Muddy Waters’ real name
Best idea ever. That's the most common use case people have and one that's drastically underserved by current browsers.
If people can't get their browser to quickly open a link to simple stuff, it means the web is failing. If the web is failing they'll quickly jump over to sending images over WhatsApp or fall into the trap of using the Facebook app for all their needs that could be otherwise served by the web.
Am I missing something, or can someone explain what they're referring to?
> Am I missing something
I think you're taking the example a bit too literally. You know exactly what they're talking about. It's become almost impossible to use a phone browser for anything quick. They are slow to begin with, and with all the ads and other crap it's just not even worth it half the time.
I once read that for this reason, many people send screenshots instead of links - so others don't have to reproduce the right sequence of closing ads, etc to show the content the user is interested in sharing.
Sure, but then you're depending on Google search. And hoping that the information they bring to the top is actually correct. When you actually have to peruse the search list and click on a site, that's when the trouble begins.
When I'm asked to look something up on my LG G2 budget phone, I usually just say "Can't, sorry" or "Sure, give me a few minutes".
That's easy, Firefox could just download a copy of The Internet on installation and run an indexer over it, so that you could look up any information you need. How foolish of them!
Wikipedia's banner ads have grown effectively into full-page interstitials. And then after I blocked the first one, there was a second one embedded in the article.
Firefox Focus is great. It's amazing how much better web readability and performance gets when you block most of the adtech garbage.
What exactly is great about firefox focus ? What does it have over installing ublock origins in any other browser ?
Not OP but I find the ad-blocking not to be great, and I'd love to have a JS blocker built in. Focus is nice to have as a "default to privacy mode" option, but I definitely end up missing my addons.
Read the article.
how do you install ublock on android chrome?
I love Focus. I wrote about it here[1], albeit poorly, but it just made me so happy to be able to use my phone again for web browsing. Sometimes I open Chrome and the tab that loads was something I was testing weeks prior... it's taken that big of a backseat to Firefox Focus.
[1]: https://epatr.com/blog/2017/firefox-focus/
There is also the Brave browser, which I believe covers the same ground : https://play.google.com/store/apps/details?id=com.brave.brow...
Brave goes further, it's https by default and even includes fingerprint blocking. It's been my default browser for while now and it's a joy to know I'm not feeding the beast.
Nice try Brave boy
I have been using this for a while on one of my phones (OnePlus 5, newest version of OxygenOS) and am fairly satisfied with its overall performance. It works seamlessly for casual browsing - i.e. opening pages from Reddit or similar. I however cannot help but feel as if the standard version with appropriate extensions (i.e. Disconnect, uBlock Origin and thus forth) remains a better alternative than Focus in solving the very issues Focus seeks to accommodate. I do very much love how closing the browser erases everything though. It is worth mentioning that the ability to install extensions is exclusive to Android for now, so Firefox Focus has become my go-to-browser for my iOS devices. If you have Android the above is worth considering though!
Hasn't it been available for a while now?
Yes, it has.
Portable Apps Man!!!
Also, why the blog post then? I've had this app on my phone for many months now.
I think it's in conjunction with the 1.1 release which adds a few things.
I love Focus and now use it for almost all of my mobile googling. One thing that would be nice is a share extension, so that when I'm in Safari and see a link I want to open I can share it to Firefox Focus. Right now I have to "share" it to [copy], open Focus, and paste it in. Not a huge hassle, but would be nice to streamline.
Is there a good share to clipboard app? I tried the only one I found once and it tried to open google drive when I tried to use it. I'm not giving Google all the things I copypaste. Now I share to some notepad app and then copy from there.
> Is there a good share to clipboard app?
There's the clipboard...
Share extension eh ... :-)
Looks awesome and fast. Exactly what’s needed and expected from Mozilla. Thank you!
Can we have something similar for desktop as well?
You could, until mozilla decided to drop support for extensions that made this possible that is.
Alternatively there is waterfox + ublock origins.
Waterfox is firefox without the mozilla crap:
Adding a bunch of legacy extensions to your Firefox is going to do the opposite of making it a fast, lightweight browser.
GNU IceCat does many of the same things. And you can get it on FDroid as IceCatMobile.
I guess not, because it might have several features that could potentially make some websites not work. I don't know if it's entirely w3c proof or not.
I think this browser is rather smartphone oriented, and might "clean up" some pages to make them lighter. I don't know.
Why can Firefox build a browser with 16mb and yet every other app on my phone is 80+mb?
Because Firefox Focus isn't itself a browser, but rather a wrapper around Android and iOS's built in browsers. That is why the underlying engine in blink/webkit and not gecko.
I am probably drastically simplifying things but the primary components of the app are just a content blocker and a preferences page.
I would guess that's only true on IOS, because apps are forced to use the operating system's webview?
It's currently also true on Android, because Gecko doesn't yet provide a WebView style embeddable component, so Firefox Focus uses the default Android WebView instead.
There's a bug tracking work to migrate to Gecko though: https://github.com/mozilla-mobile/focus-android/issues/13 (see also the linked https://bugzilla.mozilla.org/show_bug.cgi?id=1322573)
It is also the case on Android. It's nice, because many people will want to install it alongside a full-blown browser. And it makes browser startup quite a bit quicker, making it very much effective at this one-off search use-case.
And it happens to block the vast majority of ads, so Mozilla isn't exactly making friends with webpage owners by supplying this. Had they used Gecko for this, then the percentage of people on Gecko with ads blocked would have risen and that might have resulted in webpage owners spending less time to ensure that their webpage isn't broken on Gecko, therefore effectively dragging down the situation for actual Firefox.
It isn't a priority. Most people are fine with 80mb so it is better to optimize elsewhere.
Considering how may people still have 8GB/16GB phones, I doubt it. On iOS sometimes you have to delete apps, especially ones that build up large caches like Facebook.
wow those people are lucky and high on consumerism, my phone had 2GB.
> wow those people are lucky and high on consumerism, my phone had 2GB.
How? Lollipop, the first Google hit for "Android OS size on phone" (https://android.stackexchange.com/questions/118896/how-much-...), seems to be about 5 GB. (Maybe you don't run Android, or maybe a very old version?)
What usually happens with these phones is they have something like 8GB or even 16GB, but they are poorly paritioned. It could be something like 5-6GB for /system (the OS) and they somehow only leave 2GB for the /data partition.
I've seen a phone like this running Lollipop. The best part is when it decides to auto-update all the built-in (Google) apps, collectively consuming a total of 1-1.5GB of /data, at which point Google Play refuses to let you install any apps because you do not have enough free space available.
> What usually happens with these phones is they have something like 8GB or even 16GB, but they are poorly paritioned. It could be something like 5-6GB for /system (the OS) and they somehow only leave 2GB for the /data partition.
Oh, so you read bigbugbag's comment (https://news.ycombinator.com/item?id=15049992)
> > wow those people are lucky and high on consumerism, my phone had 2GB.
as saying that it's 2 GB after the system installation? That seems to make it a strange response to itg's comment (https://news.ycombinator.com/item?id=15049947)
> > > Considering how may people still have 8GB/16GB phones, I doubt it. On iOS sometimes you have to delete apps, especially ones that build up large caches like Facebook.
which is clearly referring to the pre-OS available space.
Could be a variety of reasons, bad design, cross-platform design, ad-supported and tracking you, siphoning your data, lots of graphical element, etc.
facebook apps are good examples of this.
I've been using it as my default browser for Android for a while and I like it. The only thing I don't love is the notification saying the browser is open, it triggers my "OCD" . I understand why it's there but I wish there was some way around it.
> The only thing I don't love is the notification saying the browser is open, it triggers my "OCD" .
Why not just turn off notifications for Firefox Focus? At least on Samsung-skinned Marshmallow, that seems to do the trick.
(Grumble grumble, but it still reminds me that I'm running in power-saving mode, which is a vital notification that only applies whenever the phone's on. Thanks, Samsung!)
I've been loving focus. Fastest mobile browser I've used. Appreciate the privacy features also.
I set it to my default browser and keep chrome handy on the side.
Hmm. Just visited a few of the pages I normally visit on my phone in Firefox for Android, and immediately got several pop-ups and banners that don't normally get through.
So I'd say its adblocking is still less effective than regular Firefox for Android + uBlock Origin add-on.
It does feel quite speedy, though. Could possibly be what I start using in the future to read HN articles.
The headline in this submission fails to deliver the primary message of the actual op, which is that Firefox focus is a lightweight mobile browser. That it blocks third-party tracking by default is secondary
Just an FYI, by default it phones home to Mozilla.
Yeah that was kind of my point, this isn't intended to be a "private browser" and the headline misleads
There's also the duckduckgo app, which seems similar to this, although not sure how they differ.
https://duckduckgo.com/app
On Android, Focus appears to use the Gecko renderer. My guess is that the DDG app uses the system webview.
It uses Android WebView componenent (in 1.2.1, I am not sure about future releases.)
You can install the Gecko version if you compile the code yourself for now. Although I believe they will probably switch to Servo instead of Gecko once it is ready.
Also check out Brave. I found Brave and I really like it.
https://www.brave.com/
Does Focus have a "HTTPS everywhere" feature? I didn't see mention of it on the site, so I'm guessing not. That is one thing that I'm sorely missing on iOS.
Edit: It seems not: https://github.com/mozilla-mobile/focus-ios/issues/155
My favorite feature is that it blocks ads in safari. I'm surprised more people and Mozilla aren't mentioning it more.
I like this app a lot -- very fast and convenient.
Could this someday integrate Tor, making it sort of an amnesiac Tor Browser for mobile?
It is already planned to be implemented into the Ebony milestone, which itself is planned to be released on October 12 of this year.
This is the relevant issue on their GitHub repo: https://github.com/mozilla-mobile/focus-android/issues/66
edit: Please note that this is for the Android version only.
Wonder if they could embed the Tor proxy into the apk, that way it would be completely transparent -- no need to download Orbot whatsoever. This might also work for iOS
I like and use Orbot, but requiring it isn't the greatest UX.
I have really come to appreciate this browser even though I have been using it for just about a month. It is fast and clean. Clicking links from email and knowing they will open in effectively a private browser instance is a great feeling. I missed the multi-tab feature for a little bit but have now adjusted.
People were displeased at first, but you and this article made me try. I like the limited feeling very much; also the interface and theme is slick. Kudos firefox.
ps: it's a potential modern dillo.
Did it use to support multiple tabs?
No, it doesn't -- I think the GP is stating that they were used to multiple tabs in a browser before they switched to Focus.
That is correct. I use Firefox as my normal mobile browser and opening new tabs for links was what I was familiar with. I haven't missed this too much with Firefox Focus (I actually use Firefox Klar from F-Droid, which is the German variant of Focus without GA libraries) and have come to love its speed and cleanliness. EDIT: clarifying my complicated and confusing initial sentence.
I wouldn't consider tabs 'every beta bell and whistle' :-/
If you can live without tabs, try it, it's great.
Focus was initially intended for users who are concerned about privacy, but in no way short of helpless in actually trying to get it. The type of user that has trouble finding or even understanding Private Browsing in Firefox. (Focus does not actually protect privacy more than Firefox's Private Browsing mode either.)
Launching a separate app on the other hand is a familiar concept and does also explain quite nicely that browsing history won't be saved, as it's normal that data does not get shared between apps, whereas Private Browsing is a separate concept that needs understanding.
And this in effect had implications on the design. Not having tabs was a deliberate design choice, because this type of casual user does generally not understand those either.
That it would get so much adoption in the tech world was very much unexpected.
So, tabs are being worked on, Tor integration is coming, this sort of stuff. Tabs might take a little while still, though: https://github.com/mozilla-mobile/focus-android/issues/960
Thanks for the background information, I am looking forward to Focus 3.0 now :-)
I've been using this on Android for weeks. It's super fast, blocks a lot of annoying ads (think jumpy mobile overlays). No bookmarks or tabs, so if you're looking at a recipe for a dish you're making, there's always a chance it gets wiped. Just use Chrome for that. Highly recommend.
I have tried to set normal Firefox (55) for Android browser to open links by default in private mode but unfortunately I don't know how.
Why "browser.privatebrowsing.autostart" set to "true" does not work on Android version?
PS: I know I can clear everything (cookies, history, etc.) on exit.
Just set Firefox Focus as the default, and if you want to keep the link open, use Menu -> Open with Firefox. That way you can vet links with privacy on by default.
I've been using this on and off for a few months since it came out. It's very smooth and enjoyable to use for looking things up quickly. But Samsung Internet Browser's[0] content blockers (AdBlock Fast, Disconnect) is also smooth and does a better job of blocking ads than Focus. Neither are as good as uBlock Origin, of course, but then you must use the "real" Firefox on Android which is not very smooth and feels very foreign on Android.
[0] https://play.google.com/store/apps/details?id=com.sec.androi...
First of all I want to say this is fantastic. A 2.5MB Android browser that's blazing fast and beautiful.
However it seems to default to HTTP not HTTPS. That's a deal breaker.
It's 2.5 MB because it's a thin UI on Chrome Web View, not that there's anything wrong with that.
Using Firefox on iOS is kind of frustrating - I can have either tabs or ad blocking, but not both. I want Firefox and Firefox Focus to merge on iOS.
Sign up for the beta at https://www.mozilla.org/en-US/firefox/channel/ios/ - Firefox will get the same blocks lists as Focus pretty soon.
Awesome, signed up - Thanks!
Even if apps which don't include analytics package release via Google play store would be subject to collection of device identification metrics. Which could be prevented using module such as Xprivacy as shown here - https://imgur.com/a/AuARo
Been using it for past couple of months. Its really good. Easy to use, pro-privacy and light weight. Thanks to Mozilla.
All of the language seems to indicate that Focus only blocks "trackers." Does it also block ads?
Imagine what the landscape would be like if FF had gone ahead with its adblocking efforts 5(?) years ago.
It would probably be dead. Why would webpage owners support it, if it blocks their revenue?
As an alternative, you can install the regular Firefox (for android at least) and install the uBlock extension. If you don't like the telemetry, like myselves, you just
doneMeh. It's been on my iphone for about a year and I've used it maybe a dozen times. It would be nice to be able to open a link from another browser (eg. Endless) but the option isn't available. So it goes by the wayside.
I think you will like our next build :)
Is there a reason why 'Bing' cannot be set as the default search engine?
No idea. I’ll file an issue and look into it.
Filed as https://github.com/mozilla-mobile/focus-ios/issues/334 for iOS
Have you seen Ericom Shield - http://www.ericom.com/solutions/secure-browsing/
Is it just me, or does the article have a giant animated GIF of the word "simple"? Shouldn't it, y'know, have a picture of the browser or something useful?
Wow I didn't notice that the first time. Talk about ad blindness.
What's the difference between this and Firefox Klar?
It's what comes up on FDroid and sounds identical.. though FDroid strangely doesn't host Firefox (Vanilla)..
>I can't find Firefox Focus in Germany, Austria or Switzerland
>Klar by Firefox is the German-language version and only available in Germany, Austria, and Switzerland. It includes the same features as the English-language app Focus by Firefox.
https://support.mozilla.org/en-US/kb/difference-between-fire...
Firefox Klar is the same program, just the one Mozilla intends for Germany (another company there has a trademark for Focus).
Regular Firefox is on F-Droid as "Fennec" -- I believe the justification in both cases is to avoid stepping on Mozilla trademarks.
This needs the ability to destroy pages when leaving the app. That way I can't accidentally leave my porn in a tab and have someone find it later
Pressing "Erase browsing history" in the Android persistent notification bar seems to do this.
Firefox Focus has no tabs and no history. Just close the active window and it's gone.
But if I press the home button to exit the app because my boss is walking up to my desk and then go to show him something on my phone.. he could find some unmentionables. Closing the app could have the same action as closing the page.
You have to hit the Erase button.
I like it. Really turns everything on its head. You're logged out. You can't post or comment. Lurking will be good for me.
Does/will it support the getUserMedia requirements for WebRTC on iOS (since it's coming to iOS 11)?
This is one of the few free ways to get adblocking on safari on ios. It's great!
Oh, I don't believe they missed the opportunity to name it Firefocus.
That's a terrible name
Major bummer ... not compatible with iOS 9 on older devices.
So is this like an always-on incognito plus privacy badger?
Yeah, essentially.
A more precise comparison would be always-on incognito plus Disconnect[1]. So, it uses a dumb tracker block list like it could also be enforced by uBlock Origin, and the list that Firefox uses is the list that the Disconnect devs put together.
Then, again, it also depends on which browser's incognito mode you're talking about. Firefox's Private Browsing comes with Tracking Protection, which uses this same block list. So, privacy-wise this is actually identical to Firefox's Private Browsing mode.
[1]: https://addons.mozilla.org/en-US/firefox/addon/disconnect/
Been using this for a while on iOS. Very convenient!
No tabs? Unusable. Great product otherwise.
I use it to watch porn.
New? How come I've been using it for years?
Aren't you mistaken for Firefox? This is Firefox Focus, a completely different product.
Although I'm not sure when the first iOS version was released.
The iOS version has been out since 2015:
https://www.theverge.com/2015/12/8/9870860/mozilla-focus-ad-...
The iOS version has been out for a long time, the Android version was released like a month ago or so. I'm guessing, Mozilla is just trying to promote this some more and judging by how many people here did not know of it, that seems like it was a good idea.
It seems OP is just now discovering this. I have been using it for a while too.
Panthers vs Titans Live Stream Free http://www.douglas-budget.com/calendar/event_ff8768ac-8509-1...
It looks like someone is copying certain Brave browser :). Not a bad thing at all, copy from the best.
FWIW I tried it on my phone and it works fairly well. Glad we have one more option.
Mozilla is targeting technophobes now?
This whole privacy meme is getting out of hand. I struggle to relate with this community nowadays...
With this browser, yes, they are very much targetting technophobes. There's a huge number of people that would like to protect their privacy, but feel absolutely helpless at that. This is Mozilla trying to help these people. This does however not mean that Mozilla as a whole is now targetting technophobes.
Also, Focus has surprisingly been adopted by tons of power users. As a result, Mozilla is now very much working on features for non-technophobes, like tabs, and power users, like Tor support.
After nearly a decade of using Chrome I decided to give FF another shot, having initially switched over due to slowness, an insatiable thirst for memory, and the single process model. I installed on both Windows (10 Pro) and Mac OS.
Initial impressions were good; it seemed snappy, I liked the UI, and it was using less memory than Chrome with the same number of tabs open. A couple of days in things went downhill.
On Mac OS I was getting short freezes every ~10 seconds. I found similar complaints ranging over a period of nearly five years, but no clear resolution. This morning I had FF lock up multiple times while editing Jira tickets. Since FF is still a single process, the entire browser was locked up and required a hard kill, which cost me work.
So, no thanks mozilla, back to Chrome. I know this is one person with one experience, but man, this one experience was pretty off-putting. Maybe I'll try again in another decade.
You probably used version 55. If you're willing to give it another try, it might work quite differently once is on version 57, Nov 14, from what I last read: massive changes are coming, but mainly starting from that version.
I did, I'll give it a try
Firefox is not anymore singleprocess. It will fall back to singleprocess, if you have an extension installed that's not yet compatible with multiprocess. With the aforementioned Firefox 57, they will switch over to a new extension API and this will also result in those old singleprocess extensions being thrown out, so that's why they haven't bothered trying to make this transparent to users.
Also, they are switching out the UI with Firefox 57, so I hope you like this one, too: http://design.firefox.com/people/shorlander/
> Since FF is still a single process
Multiprocess has been gradually rolled out since last year. Check about:support, you might have some ancient addon installed that isn't compatible.
I'd encourage you to give Firefox another shot. They've improved a lot in the last couple of versions. More pertinent, in my opinion, is that they're on a promising trajectory and I'd expect it to be incredible in the medium term.
My hand up is that this _was_ me giving FF another shot... and it failed miserably. Not sure how many more shots I have in me.
This is not relevant to the subject of the article.
Yeah you're right, I suppose I saw an opportunity to rant on a recent experience