That looks neat. And if it were possible to cheaply create and delete contextual identities on the fly it would even fix an issue I had today: the difficulty of multiple separate private browsing sessions in the same browser.
Yes safari's private browsing goes a bit too far as even opening a new tab from an existing one (e.g. open a link to a new tab/window) isn't linked to the original context. Safari's private browsing also has some issues (e.g. the localStorage quota set to 0)
This is an issue for me, primarily for using Twitter. I sometimes want to use multiple Twitter accounts at once, and not via TweetDeck. What I end up doing is having one account in use on normal Firefox, one in Firefox private browsing, one in Chrome private browsing, one in Safari private browsing, etc.
Agreed. Easy creation and management of additional contextual identities, even ephemeral ones that exist only for that particular browser session, would be terrific.
In addition, I'd like the ability to fine tune which items are isolated versus shared. I think in many cases, but not all, I'd like to shift saved passwords and form data into the identity contexts and away from the shared context. Not having to manually manage credentials when using multiple distinct sessions of a single web service would be nice.
It's quite easy in firefox. Just have two firefox shortcuts, one of "firefox -P default" which you use normally (default profile) and one with "firefox --no-remote -P" which, on launch, will give you a dialogue to select or create a named profile. In addition, the "--no-remote" bit means you can run any number of firefox instances side-by-side with no issue.
I think, often it was more that one didn't want others to know about the history of those activities, which is not the same thing as not wanting them recorded.
If there had been a safe way to secretly store that history, by having seperate identitie's in Firefox, (with password protection and crypto, etc...), that would've solved that case nicely.
And if you clear that secret, protected identitie's history, we'd have had 'Private Browsing', but also a ton more.
Separate histories and identities has been a feature for a while. Firefox and Chrome (and probably others) have profiles (though I don't think Firefox had an easy way to switch).
This is different. Cookies and storage are separated, but history, bookmarks, passwords etc. are shared [1]
..."Firefox profiles" fixed it very well. Same as Chrome profiles: I have one for my work persona, one for my personal persona, another for my sysadmin persona, and 3 others for... er... nevermind. But it works great.
Besides, 11 FAQ and a long blog post: I'm not sure they narrowed down the most focussed feature that would provide the most value and be used by the most number of users.
Yeah, but afaik, switching those profiles in Firefox is (currently) really difficult. So much so that it almost feels the same as if you didn't have the capability to do it...
You can edit your shortcut or .desktop file to open "firefox -P" instead of "firefox". Each time you click it, it will ask which profile you want the new window to be in.
Had I known this earlier... I had the same reaction as the person you replied to, I hadn't thought of using profiles. I knew something called profiles existed, but I thought it was not in use anymore (at least not properly supported). I never connected the dots.
Still sounds like a pain to manage though, compared to this new feature.
Yeah it's not a great user interface, and it's definitely buried. Aside from the Developer Edition which uses a different profile by default, it seems to be ignored by Firefox devs. Probably because they don't want to support all the people who get confused by the terrible UI!
Firefox's clumsy profile support is the one thing that makes me keep switching back to chrome. I really prefer firefox sync to chrome's implementation, and some of firefox's tab organization tools are way better than chrome's. But I use many of the same webapps in my personal life as I do in my work life, and being able to run two profiles simultaneously, and start them up without having to launch firefox from the terminal every time, was difficult.
What they've implemented seems to be better than chrome's profiles, in that it's easier to create a new profile for a specific context (so I don't have to sort things into a "work" bucket and a "personal" bucket.) It will be interesting to see how the contexts interact with plugins.
I agree that Firefox profile management is not user-friendly at all. I have an advice for you though, you don't need to open Firefox from a terminal if you want to be able to choose your profile at start-up.
«all» you have to do is go to ~/.mozilla/firefox/profile.ini and change it with:
```
[General]
StartWithLastProfile=0
```
Now Firefox will open a dialogue box at start-up asking you for the profile you want to use.
-P "<profile name>" Starts with a given profile name (profile name is case sensitive).
-no-remote Enables running multiple instances of the application with different profiles; [1] used with -P
#!/bin/bash
case "$1" in
personal | work | banking | shopping)
firefox -no-remote -P "$1" ;;
*) echo "unknown arg: $1"; return 1; ;;
esac
and either rename profile directories, or the case statement labels,
and optionally associate calls to the script with icons/widgets.
[code not tested, use at own risk, ymmv, etc.]
> I have an advice for you though, you don't need to open Firefox from a terminal if you want to be able to choose your profile at start-up.
I don't know, on Mac or Windows, how (although it would be nice) to wrap your script, or any other command-line executable, as an app that takes its arguments as parameters specified on double-click.
Doesn't it also just genuinely feel more sluggish to you? Just installed Nightly to test this feature out, and then took another minute to use the developer tools to do some debugging, and the whole experience felt less smooth. Maybe only microseconds of a difference in <my action> and the <browser's response>, but noticeable nonetheless.
Do you have extensions installed? Nightly has E10s default-enabled, and there's currently still pretty bad performance problems when using certain extensions with E10s.
Basically, extension developers can "shim" their add-ons, which, as far as I understand it, tells Firefox that it has to handle things which are affected by the extension in a single-threaded way, again.
And because the world is a grim place, this doesn't just get you back to non-E10s performance, but is actually worse.
Eventually, add-on developers should properly port their extensions to E10s and then those performance problems will disappear, but at the moment they are still very frequent and when Mozilla rolls out E10s, they will also only default-enable it for users without extensions for this exact reason.
If you want to troubleshoot this, I would recommend looking at about:performance and www.arewee10syet.com.
You should probably check how performance is in a new profile[0] first, though, just to make sure that you're not trying to replace extensions when it might be caused by something else.
This seems very useful for it's intended use-case. At first glance I would like to note however that advertisers (and other parties) will probably still be able to track you across these "containers", due to not isolating HSTS-flags and similar features.
I also wonder whether a seperate banking container makes a lot of sense when doing online payments, as in my country we get redirected to our bank to do payments. This might create confusion among non tech-savy users ("but this should be in my banking-container, I'll just switch. Why does the webshop give an error upon returning now?").
Overall a really cool feature though and one that might persuade me to give Firefox a try as daily driver again.
Firefox has had those kind of profiles for a long time, they just aren't the most accessible thing in the world.
But yeah, you can access them from about:profiles or also via the command-line with "firefox -P". If you want to use it more extensively, there's also extensions available for easy switching, like for example Profilist. https://addons.mozilla.org/en-US/firefox/addon/profilist/
Wow, this is insanely cool!
I've been thinking to create add-on to be able to login to multiple Google accounts from different tabs, but they managed to create it faster!
If we can get Tor Browser's first party origin feature in as well, this will be fantastic! I would love to have the ability to type www.facebook.com and get a context that isn't linked to the rest of my tabs.
I also want ephemeral containers so I could open a tab that forgets its cookies when I'm done. Think private browsing but without forgetting my history, requiring a new window, or being limited to one context at a time.
Exactly, I also want to have private browsing but with persistent history. I'm using Self-Destructing Cookies [1] for that; you can also white-list some domains there for eg. keep me logged in. But would love to have the container as you describe for that.
Did you try the "Self destructing cookies"[1] extension for Firefox? It is close to your "forgets cookies" requirement. IIRC it has per domain settings and allows you to configure the cookies to self destruct after closing the tab, the browser or never.
I use this and am very satisfied with it. It's a very simple thing that anyone (that knows how cookies work) can fully understand within seconds and it prevents many, many sorts of tracking. A password manager is a must, of course.
Every time I use someone else's computer now, I'm horrified to see my settings from last time on random sites. You don't realize how much tracking is done until it's not the standard anymore. I even forgot to log out of places, so I've defaulted to opening private windows instead.
Anyway back in topic, SDC helps a lot but doesn't do everything OP wanted to do. I too would like to be able to open Facebook without wondering what other openings tabs might be using it, preventing SDC from removing the cookies. I'm really really excited Mozilla is doing this. SDC is a good start until it's out of nightly/beta though.
I really feel like the entire session model of the web needs reworking from the ground up. I honestly want most of the websites I use to act more like apps, with a dedicated space for that site and not spread out across N tabs or windows. And also containerized exactly like this describes.
There are some browser extensions that to do this, but they're pretty clunky overall.
In what I want I don't really see that being different. Not everything is an app, but the things that aren't are things that I don't visit every time I sit at a computer.
Mostly I see it actually working a lot like android's url-based intents, where there are things recognized as "apps" and actions directed at urls within that scope go to that 'app' to decide what to do with it, and things outside it go to a more traditional browser environment.
I prototyped this feature last year as an intern at Mozilla. I think the engineering done for containers can be exposed in a lot of cool ways to the user. I'd love for you to send in your ideas on the comment form [1]. One of the features we considered last summer was "site specific containers" [2], which would support your facebook example.
Is it possible to implement this feature via the extension API ? Exposing the low-levels, like choosing the cookie jar or intercepting calls to the local storage, would sprawl some really good privacy-enhancing extensions.
EDIT: Looks like there are already extensions doing that ! nice !
This looks really promising. The identity problem in browsers is something I tried to solve by customising the look of different Firefox instances opened with different profiles[1] (one for personal use, one for work etc). But having this functionality built in is definitely preferable.
Revenue will go down even further, that'll happen. Same as with ad blockers, except they cannot detect it this time around (at least not easily, it would be a bug if they could).
Nothing changes really, ad revenue should already have been going down for years with how many ads we see every day. Almost everyone should automatically block them out mentally by now, and I think I recently heard this is starting to happen more and more now.
It has always been relevant for me. Chrome has nowhere near as powerful customization and privacy features, and Opera has nowhere near as much support. Firefox has always been the best browser for both power users and privacy conscious people.
If you were going for something minimalistic and good for business/home usage, Chrome might be a better choice indeed. I can definitely see the advantages and I've installed it for my family back when it was substantially faster than Firefox (by now Chrome got a lot heavier and Firefox, uh, I guess they must have become a bit lighter but I don't know). I guess I should switch them back to Firefox again, but it might not be worth the learning curve.
I don't mean to tell people how they should and shouldn't use the web, but if you disagree with Facebook's off-platform data-collection practices, consider sending them a message about it and closing your account. They have no reason to change their policies unless we give them concrete evidence that it will hurt their business.
One person in a billion closing their FB account over privacy concerns probably isn't going to sway them. You'd have a better chance of making them realize that a sizable number of users care about such things by organizing a petition or a mass-closing event.
They track out even if you don't have an account. They have no reason to change their policies, because you cannot hurt their business enough as a user (you're the product, not the customer).
The only reasonable option, if one cares, is to use disconnect/ghostery/abp with the right lists, etc.
In case you are not aware: Every single web page that has a 'facebook like' button reports your surfing habits to Facebook, whether you have an account or not.
How is this even legal? By clicking to that site, i'm agreeing to allow FB to do whatever ONCE. How do I get out of the agreement if I find it doesn't suit me?
This is like saying, "By agreeing to take this person on a date one time, you're agreeing to take this person with you wherever you go from now until whenever."
When submitting, I intentionally editorialized the title from something unclear out of mozilla's blog context ("Contextual Identities on the Web") to a more explicit title that speaks by itself ("Firefox 50 nightly new feature: Contextual Identities").
- This guideline feels a wee bit sad, because editorializing can be valuable (a title might be crystal clear in context but nonsensical once pulled out of it).
- But I understand how we generally don't want it as it might lead to linkbaiting and misrepresenting the original title.
I know, but in some cases like this one, I feel it's not enough.
Had I not been subscribed to Mozilla's RSS feed, I personally would have skipped a "Contextual Identities on the Web (mozilla.org)" post on HN, because the vagueness would have made me mentally flag it as not time-worthwhile.
Contrarily, adding a few non-likbaitish words providing context (here, mentioning we're talking about a new feature in Firefox testable in Nightly, which is what my rename did), it becomes much more precise, less arbitrarily discard-able, thus interesting for certain people, including me.
But again, I understand the main reason the guidelines proscribe the practice: because it's a slippery slope to linkbait and incorrect reformulations.
Great idea that makes me glad I use Firefox (settings for maximum privacy and discard all cookies when browser shuts down; I also use Chrome for Google properties, Twitter and Facebook).
With Firefox containers I suppose I could drop my two Browser setup, but I won't, at least for now.
Wonderful. I'm looking forward to a feature to automatically create a container for every new tab, unless explicitly told to open a tab in the existing container. Example: two tabs for the same site, right click, Open Link in New Tab (same container). The browser default could be opening in the same container. An about:config switch would be ok, we'll find it.
139 comments
[ 3.1 ms ] story [ 221 ms ] threadI hope they keep going into this direction
This can be unhelpful, though, if you need to have multiple tabs open on the same site.
In addition, I'd like the ability to fine tune which items are isolated versus shared. I think in many cases, but not all, I'd like to shift saved passwords and form data into the identity contexts and away from the shared context. Not having to manually manage credentials when using multiple distinct sessions of a single web service would be nice.
It's a really simple idea that can go a long way for digital identity hygiene. Can't wait to try it out.
---
[1] Screenshot of Qubes: https://www.qubes-os.org/attachment/wiki/QubesScreenshots/r2...
I think this is the actual solution to the problem that 'private browsing' was trying to fix when it first came out.
If there had been a safe way to secretly store that history, by having seperate identitie's in Firefox, (with password protection and crypto, etc...), that would've solved that case nicely.
And if you clear that secret, protected identitie's history, we'd have had 'Private Browsing', but also a ton more.
Which we're about to get now, it seems.
This is different. Cookies and storage are separated, but history, bookmarks, passwords etc. are shared [1]
[1] https://blog.mozilla.org/tanvi/files/2016/06/containers-segr...
Besides, 11 FAQ and a long blog post: I'm not sure they narrowed down the most focussed feature that would provide the most value and be used by the most number of users.
Still sounds like a pain to manage though, compared to this new feature.
What they've implemented seems to be better than chrome's profiles, in that it's easier to create a new profile for a specific context (so I don't have to sort things into a "work" bucket and a "personal" bucket.) It will be interesting to see how the contexts interact with plugins.
«all» you have to do is go to ~/.mozilla/firefox/profile.ini and change it with:
```
[General]
StartWithLastProfile=0
```
Now Firefox will open a dialogue box at start-up asking you for the profile you want to use.
http://kb.mozillazine.org/Command_line_arguments
and either rename profile directories, or the case statement labels, and optionally associate calls to the script with icons/widgets. [code not tested, use at own risk, ymmv, etc.]However, stymaar (https://news.ycombinator.com/item?id=11916985 )'s suggestion seemed to be specifically about avoiding the command line:
> I have an advice for you though, you don't need to open Firefox from a terminal if you want to be able to choose your profile at start-up.
I don't know, on Mac or Windows, how (although it would be nice) to wrap your script, or any other command-line executable, as an app that takes its arguments as parameters specified on double-click.
Basically, extension developers can "shim" their add-ons, which, as far as I understand it, tells Firefox that it has to handle things which are affected by the extension in a single-threaded way, again. And because the world is a grim place, this doesn't just get you back to non-E10s performance, but is actually worse.
Eventually, add-on developers should properly port their extensions to E10s and then those performance problems will disappear, but at the moment they are still very frequent and when Mozilla rolls out E10s, they will also only default-enable it for users without extensions for this exact reason.
If you want to troubleshoot this, I would recommend looking at about:performance and www.arewee10syet.com. You should probably check how performance is in a new profile[0] first, though, just to make sure that you're not trying to replace extensions when it might be caused by something else.
[0]: https://support.mozilla.org/en-US/kb/profile-manager-create-...
I also wonder whether a seperate banking container makes a lot of sense when doing online payments, as in my country we get redirected to our bank to do payments. This might create confusion among non tech-savy users ("but this should be in my banking-container, I'll just switch. Why does the webshop give an error upon returning now?").
Overall a really cool feature though and one that might persuade me to give Firefox a try as daily driver again.
I also want ephemeral containers so I could open a tab that forgets its cookies when I'm done. Think private browsing but without forgetting my history, requiring a new window, or being limited to one context at a time.
[1] https://addons.mozilla.org/pl/firefox/addon/self-destructing...
[1] https://addons.mozilla.org/en-US/firefox/addon/self-destruct...
Every time I use someone else's computer now, I'm horrified to see my settings from last time on random sites. You don't realize how much tracking is done until it's not the standard anymore. I even forgot to log out of places, so I've defaulted to opening private windows instead.
Anyway back in topic, SDC helps a lot but doesn't do everything OP wanted to do. I too would like to be able to open Facebook without wondering what other openings tabs might be using it, preventing SDC from removing the cookies. I'm really really excited Mozilla is doing this. SDC is a good start until it's out of nightly/beta though.
https://addons.mozilla.org/en-US/firefox/addon/cookie-block/
There are some browser extensions that to do this, but they're pretty clunky overall.
Mostly I see it actually working a lot like android's url-based intents, where there are things recognized as "apps" and actions directed at urls within that scope go to that 'app' to decide what to do with it, and things outside it go to a more traditional browser environment.
[1] https://docs.google.com/forms/d/1oQN14TUnqj-MDErp8MKxH_v7Ytt... [2] https://wiki.mozilla.org/Security/Contextual_Identity_Projec...
EDIT: Looks like there are already extensions doing that ! nice !
Can you send a link?
On firefox, "Self destructing cookies": https://addons.mozilla.org/en-US/firefox/addon/self-destruct...
You're welcome :)
[1] https://github.com/jamesturner/firefox-profile-indicator
I think this feature would have made tabgroups much more useful.
Nothing changes really, ad revenue should already have been going down for years with how many ads we see every day. Almost everyone should automatically block them out mentally by now, and I think I recently heard this is starting to happen more and more now.
If you were going for something minimalistic and good for business/home usage, Chrome might be a better choice indeed. I can definitely see the advantages and I've installed it for my family back when it was substantially faster than Firefox (by now Chrome got a lot heavier and Firefox, uh, I guess they must have become a bit lighter but I don't know). I guess I should switch them back to Firefox again, but it might not be worth the learning curve.
"By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies."
I already have a separate chromium "person" set up for facebook; might give firefox another go when this gets released.
The only reasonable option, if one cares, is to use disconnect/ghostery/abp with the right lists, etc.
In case you are not aware: Every single web page that has a 'facebook like' button reports your surfing habits to Facebook, whether you have an account or not.
This is like saying, "By agreeing to take this person on a date one time, you're agreeing to take this person with you wherever you go from now until whenever."
I prefer to use different devices entirely.
When need arises to have multiple logins to the same page I simply open new private window.
When submitting, I intentionally editorialized the title from something unclear out of mozilla's blog context ("Contextual Identities on the Web") to a more explicit title that speaks by itself ("Firefox 50 nightly new feature: Contextual Identities").
Isn't this considered valuable here?
ishttps://news.ycombinator.com/newsguidelines.html
- This guideline feels a wee bit sad, because editorializing can be valuable (a title might be crystal clear in context but nonsensical once pulled out of it).
- But I understand how we generally don't want it as it might lead to linkbaiting and misrepresenting the original title.
Had I not been subscribed to Mozilla's RSS feed, I personally would have skipped a "Contextual Identities on the Web (mozilla.org)" post on HN, because the vagueness would have made me mentally flag it as not time-worthwhile.
Contrarily, adding a few non-likbaitish words providing context (here, mentioning we're talking about a new feature in Firefox testable in Nightly, which is what my rename did), it becomes much more precise, less arbitrarily discard-able, thus interesting for certain people, including me.
But again, I understand the main reason the guidelines proscribe the practice: because it's a slippery slope to linkbait and incorrect reformulations.
With Firefox containers I suppose I could drop my two Browser setup, but I won't, at least for now.