“Our primary goal is to un-fork the Tor Browser” (bugzilla.mozilla.org)
420 points by dao- on Aug 7, 2016 | 114 comments


Note: I believe "un-fork" in this context means the Tor browser being able to use the latest version of Firefox (instead of an old fork), by Mozilla merging-in some of the privacy enhancements made in the Tor Browser, for ordinary clearnet use (likely as default-off options).

It does not mean making Firefox into the Tor Browser.

It's a great way to make the efforts of both teams available to both groups of users. I'm very glad this effort is happening!


Tor browser uses the latest version of Firefox that they can verify their patches on. The developers need to verify the correctness of all patches and that there are no new ones needed.

"Un-fork" in this context means "upstream", or get the patches that Tor browser uses into mainstream Firefox.

The developers of Tor Browser will still always need to check that Firefox isn't doing anything improper and that privacy is maintained – but upstreaming the patches will make it a lot easier.


See also this comment further up in the bug:

"Mozilla leadership has already decided to help Tor move toward being able to build off a Release Firefox rather than an ESR--it's safer for our users. I don't know if we'll get to the point where they can just ship a re-packaged bundle with some pref flips and add-ons, but the more of their patches we incorporate into mozilla-central the easier it will be for them to apply their remaining patches each release." (https://bugzilla.mozilla.org/show_bug.cgi?id=1173199#c16)


It's worrying to me that they imply ESR is less secure; isn't the whole point that it gets security fixes applied to it? Less churn should make it more secure.


An example is "Slaughterhouse" (see https://bugzilla.mozilla.org/show_bug.cgi?id=929539 and http://bholley.net/blog/2016/the-right-fix.html). This is not the only incident where Mozilla people have suggested hiding bugs until an old ESR goes end of life BTW.


> Maintenance of each ESR, through point releases, is limited to high-risk/high-impact security vulnerabilities and in rare cases may also include off-schedule releases that address live security vulnerabilities. Backports of any functional enhancements and/or stability fixes are not in scope.

https://www.mozilla.org/en-US/firefox/organizations/faq/


Damn; I assumed since it was shipped in Debian Stable it had all the same guarantees as the rest of the distro, but I guess the browser codebases tend to be such security disasters that they can't necessarily keep up.


Projects release new versions of software not just for new features, but (one would hope) constant improvements to the underlying architecture.

Firefox in particular has been evolving quickly, with many under-the-hood improvements that may not fix "high-risk" security issues, but constantly improve security directly or indirectly (e10s?). You can't expect maintainers of an ESR to backport all those things.

There's always a risk in adopting the latest version of a program, but there's also a risk with keeping the old, less actively maintained version. I get burned all the time with Debian Stable, running into bugs fixed in the latest version but not backported. (nonetheless, I do prefer Debian Stable to most other solutions)

A project I'm involved in even has an automatic "toxic code" warning for PRs on known functions/classes that need to be refactored, and where monkey-patching will likely cause other security issues one way or another.


Speculating but some new features are security features, like support for additional CSP directives, cipher suites, that sort of thing.


It will be very interesting to see how much Tor use increases if FF just has "Tor Mode" available as a convenient option.


Definitely, if it's in a mainstream browser it suddenly seems a lot less clandestine. Just like a VPN.

I wonder if this will create a load on exit nodes as the new users are unlikely to bring proportional exit nodes?


This is really nothing to do with Tor specifically, but it's a good fit for a question that I think is curious about optional payment systems.

If your browser counted how much resources you've consumed in browsing and asked you to retroactively & optionally "pay your bill," could this generate the cash to keep the service running?


This isn't altogether uncommon in free software, and is sometimes referred to as 'beggarware'.

I've been guilted into donating by some of these, but if it's too annoying it can have the opposite effect and cause you to drop the software.

One that comes to mind is a download site that tracked your download count and put a rainbow-colored '(maybe you should donate)' link next to it. Not very detrimental to the UX, but gets the message across.


This is a nice idea. It could keep running totals for other free resources as well, such as Wikipedia.

I bet it would increase donations to useful projects like these.


What is meant here IS NOT that every Firefox user would be browsing using Tor.

The idea is that the Tor Browser would be standard Firefox with certain strong privacy settings enabled. i.e., the Tor project wouldn't have to patch Firefox source and recompile because their patches would already be in Firefox, just run-time disabled. They wouldn't have to maintain their own set of patches that could be broken by Firefox development. For Tor, stock Firefox would be launched with those (strong privacy) settings enabled.

Tor might have to rework their patches to live in Firefox in this way, but it would simplify their work because Firefox development wouldn't cause upstream breakage of the Tor browser.
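The "pref flips" idea described above, as an added example that is not part of the thread and not Mozilla's or Tor's own code: a small POSIX shell script that writes a user.js pointing a stock Firefox profile at a local Tor SOCKS port and then checks that the leak-relevant lines are present. The pref names are real Firefox preferences; the SOCKS port (9050), the profile location and the exact set of prefs Tor Browser flips are assumptions. This gives you the proxying and a few hardening prefs only, not the Tor Browser's source patches or its bundled extensions, so it is not a substitute for the Tor Browser Bundle.

```shell
#!/bin/sh
# Added example: generate a user.js for a stock Firefox profile that routes
# traffic through a local Tor SOCKS5 port, then verify the leak-relevant prefs.
# Pref names are real Firefox prefs; port 9050 and the file path are assumptions.

write_tor_user_js() {
  # $1 = path of the user.js to create (drop it into the Firefox profile dir)
  cat > "$1" <<'EOF'
// Route everything through the local Tor SOCKS5 port (assumed 9050).
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 9050);
user_pref("network.proxy.socks_version", 5);
// Resolve hostnames through the proxy; otherwise DNS lookups bypass Tor.
user_pref("network.proxy.socks_remote_dns", true);
// No bypass list: every host goes through the proxy.
user_pref("network.proxy.no_proxies_on", "");
// Prefetch and prediction fire requests the user did not ask for; turn them off.
user_pref("network.dns.disablePrefetch", true);
user_pref("network.prefetch-next", false);
user_pref("network.predictor.enabled", false);
// Fingerprinting resistance uplifted from Tor Browser.
user_pref("privacy.resistFingerprinting", true);
EOF
}

# Return 0 if every leak-relevant pref is present with the expected value,
# 1 otherwise (the missing lines are reported on stderr).
check_tor_user_js() {
  f="$1"
  rc=0
  for want in \
    'user_pref("network.proxy.type", 1);' \
    'user_pref("network.proxy.socks_remote_dns", true);' \
    'user_pref("network.dns.disablePrefetch", true);' \
    'user_pref("network.prefetch-next", false);' \
    'user_pref("privacy.resistFingerprinting", true);'
  do
    # -x: whole-line match, -F: literal string, so a pref set to the wrong
    # value (or commented out) counts as missing.
    grep -qxF "$want" "$f" || { echo "missing: $want" >&2; rc=1; }
  done
  return $rc
}

# Usage: write_tor_user_js ~/.mozilla/firefox/<profile>/user.js && check_tor_user_js <that file>
```

The check is deliberately literal: a pref that is present but set to the wrong value fails, which is what you want when you later diff a profile against the intended configuration.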


Why couldn't Firefox use Tor in the "private mode"? Wouldn't that be the ultimate private mode? It would also greatly help the Tor community, as it would "mainstream Tor" so it wouldn't have as much stigma as it does today.


Because that's not safe. Exit nodes can trivially screw around with plain HTTP (both snoop on and rewrite), and it also puts them in a MitM position for new HTTPS bugs. That's a risk you take when using Tor, and it's not a tradeoff you can reasonably convey to existing Firefox users who are used to Private mode meaning a certain thing.

Also, the Tor network probably doesn't have enough exit node capacity to handle the volume it would get.


Not to mention non-technical users will be confused and complain how slow it would become.


Especially since most users of private browsing are probably streaming video content.


> Exit nodes can trivially screw around with plain HTTP (both snoop on and rewrite), and it also puts them in a MitM position for new HTTPS bugs.

This is no different from your ISP or the guy next to you on the coffee shop wireless.

If you don't want people to snoop and rewrite your HTTP connection, don't use HTTP. And the solution to broken HTTPS is to fix HTTPS. Tor doesn't decrease your security in either of these cases.

> That's a risk you take when using Tor, and it's not a tradeoff you can reasonably convey to existing Firefox users who are used to Private mode meaning a certain thing.

1. It's not a tradeoff. Tor does not decrease your security in either case. There are cases where Tor doesn't provide privacy protections, but there's not a case I know of where using Tor provides fewer protections than not using Tor.

2. It's impossible to convey to non-technical users that private browsing doesn't provide privacy from their ISP, governments, etc. I don't understand how you can claim that providing fewer privacy protections is less confusing to the non-technical user.

> Also, the Tor network probably doesn't have enough exit node capacity to handle the volume it would get.

This is a solvable problem.


> This is no different from your ISP or the guy next to you on the coffee shop wireless.

You're a paying customer of your ISP and they're bound by the law and your contract.

Tor exit nodes can be anyone, anywhere, who feels like messing up your traffic.


Also some desired endpoints might drop/mess with your traffic simply because it came from a tor exit.


These are bogus arguments that sound reasonable in the absence of a relevant comparison but are all flimsy and uninformed upon inspection.

For example, by what definition would this not be 'safe'? Do you mean in comparison to Firefox's defaults, which enable profoundly privacy-invasive tracking, hide the contents of the cookie management dialog box, and enable the delivery of malvertising at will by visiting "safe" websites - just to name a few?

MitM positions exist on the internet for all users today, both for HTTP and in the situation of "new HTTPS bugs". So you point out risks taken when using the internet in general, and the Tor Browser Bundle already mitigates many of those risks via NoScript and various patches. I've used Tor Browser Bundle daily for all purposes - including online banking and shopping - for several years with zero problems. Malicious exits exist and get flagged out of the network rapidly. Essentially all remaining risk is trivially defeated by toggling the 'block all unencrypted requests' pref in HTTPSEverywhere, which is part of the Tor Browser Bundle and could be built into an implementation in Firefox with a warning for HTTP traffic.

And you're probably thinking of 2009-era Tor network experience. For me, Tor network performance routinely boils down to ~200ms additional latency with ~1.5-2MB/s download speeds. The difference between that and an average broadband connection is barely noticeable.

I recommend using the Tor network and the Tor Browser Bundle before criticizing this idea.


Speed for starters (Tor is an order of magnitude slower) and many things, like advanced JavaScript (websockets for example), flash and Java, simply can't traverse it reliably. Also it's not what people expect. Many people expect private mode to make it so their active session's browsing doesn't affect their browsing history or their tracked history, not to anonymize them entirely.


> Tor is an order of magnitude slower

This claim is frequently made but I think I can objectively say (it's not the Tor fan speaking) that it's wrong. Can you back this up with numbers?

Like, real world user's numbers. That means WiFi or 3g, or at best a 100mbps wire to an old WRT54G; not a professional, cabled desktop setup with FTTH or 802.11ac that many of us might use (as professionals or hobbyists). Depending on some luck in the Tor circuit, it should be as good as a good public wifi hotspot. Or in a bad case it might be as bad as an overloaded and far away public hotspot, but circuits rotate now and then anyway.

I'd be genuinely interested to see some user testing in this area, especially if the users know the privacy difference it makes and can toggle it at will.


A quick test I did just now.

Response from google via Tor: 208 ms.

Response from google without: 32 ms.

To be fair I am basically on a trunk line via my university.

I mean you are right though, a domestic WiFi connection is likely to be in the 200 ms range, so another 200 ms on top of that might not be as big of a deal, but I would suspect it would still end up being closer to 500 ms to get a response. Google made a point where anything over 200 ms feels slow to users. Tor is definitely going to push everything over that.
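To reproduce the kind of comparison made above with numbers that are actually comparable, here is an added shell example (mine, not the commenter's measurement): the same GET timed directly and through a local Tor SOCKS5 port, with the median of several samples so a single slow circuit does not dominate. It assumes tor is listening on 127.0.0.1:9050 and curl is installed; the URL is a placeholder.

```shell
#!/bin/sh
# Added example: time one request directly and via a local Tor SOCKS5 port.
# Assumes tor on 127.0.0.1:9050 and curl; URL is a placeholder.

URL="${URL:-https://www.google.com/}"
TOR_SOCKS="${TOR_SOCKS:-127.0.0.1:9050}"

# Print curl's total transfer time in seconds for one request.
# --socks5-hostname makes the proxy resolve the name, so the DNS lookup is
# carried over Tor too instead of going to the local resolver (both a fairer
# timing and no DNS leak).
time_total() {
  # $1 = "direct" or "tor"
  if [ "$1" = tor ]; then
    curl -sS -o /dev/null --socks5-hostname "$TOR_SOCKS" -w '%{time_total}\n' "$URL"
  else
    curl -sS -o /dev/null -w '%{time_total}\n' "$URL"
  fi
}

# Take $2 samples of one path and print them one per line.
samples() {
  i=0
  while [ "$i" -lt "$2" ]; do
    time_total "$1"
    i=$((i + 1))
  done
}

# Median of the numbers on stdin (circuits rotate; one bad exit skews a mean).
median() {
  sort -n | awk '{ a[NR] = $1 } END { print a[int((NR + 1) / 2)] }'
}

# Difference between two timings in seconds, printed as whole milliseconds.
overhead_ms() {
  awk -v via="$1" -v direct="$2" 'BEGIN { printf "%d\n", (via - direct) * 1000 + 0.5 }'
}

# Only hit the network when explicitly asked: RUN_MEASURE=1 sh thisfile.sh
if [ -n "${RUN_MEASURE:-}" ]; then
  direct=$(samples direct 5 | median)
  tor=$(samples tor 5 | median)
  echo "direct: ${direct}s  tor: ${tor}s  overhead: $(overhead_ms "$tor" "$direct") ms"
fi
```

Run it from the access network you actually care about (home WiFi, 3G) rather than a datacenter uplink, since the argument in the thread is about the overhead relative to an ordinary consumer connection.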


> a domestic WiFi connection is likely to be in the 200 ms range

My wifi connection gives me ~18ms roundtrip to Google, and about 8ms extra to work, and ~50ms roundtrip from my moms house in Norway where I am currently, via her wifi, to my home server in the UK (and ~18ms roundtrip to Google from here too).

These are nothing special for developed countries - just regular consumer connections. When I've been on business fibre subscriptions we've consistently gotten better results.

EDIT: I initially wrote "maybe 5 years ago", without thinking. Some additional observations: While ~200ms roundtrips to a site was a thing going back long enough, first hop latencies even on dialup were rarely even 100ms. I know: I ran an ISP, and had to deal with irate customers if latency from them to their nearest games servers got to that kind of level, even in the mid 90's.

SSH connection roundtrips start becoming painful in the ~120ms roundtrip range, and it's been a decade plus since that's been a problem other than when managing a slow system on the US west coast or Asia for me (connecting from Europe). Beijing or New Zealand has been in the 200ms+ range for me. If anything closer is in that range, it's a sign something is wrong.


I'm a tor fan (I run a relay) and installed it on my phone, it was objectively much much slower and things like url redirects (from emails etc) wouldn't load, I ended up having to turn it off so often that I effectively abandoned it.

I would like to move to a tor only setup, my biggest issue is that it's just too slow.

Granted I am in Australia so most of my requests were literally going to the other side of the world and then back again to complete.


You're making assumptions on what users use private mode for. I primarily use it for testing login/using alternate accounts without having my cookies set for development work, which means I would not want to be using Tor. Other users may just not want certain pages logged in their browser history.


This would be a miracle for privacy advocates. However, I'm worried that Mozilla could become irrelevant in the meantime. I say this as a die-hard Firefox user (I even refuse to use any of the forks that remove the branding).

Mozilla needs to be making moves that keep them relevant. This move is great for some privacy-minded folks who don't know that the Tor Browser Bundle exists, but unfortunately... most people don't care about their privacy online.

Does Mozilla even have a path they can take that keeps Firefox from dying a slow death? I say this because I love what they do - they're the only major browser developer that is interested in protecting their users instead of their profits. They need to start acting like the situation is getting dire.


> They need to start acting like the situation is getting dire.

We might start by offering free mandatory history lessons every time anyone uncritically evangelizes for Chrome or creates anything that "works best in IE^h^hChrome".

Or continue to remind those poor souls that their browser still doesn't support real extensions after all these years ;-)


> their browser still doesn't support real extensions after all these years

I'm confused. What is a "real extension"? Given the rich extension library for chrome I'm not sure of the difference.

Rather than remind the poor souls, it may be time to acknowledge and accept the fact that "real extensions" aren't an actual benefit of Firefox over Chrome? If it is a reference to IE, I think the only reason IE has market share now is the fact that it is the default on Windows.


For me, and I guess many hardcore FF users, the extensions on Chrome are a dealbreaker. I honestly tried and it was beyond my patience.

A number of the best extensions just don't exist on Chrome, most notably all good tab-tree extensions.

I guess this makes me a spoiled brat, but hey it is free so anyone can be a spoiled brat.


The extensions are one of the reasons I remain on Firefox as well.


Also, many of my favorite tabs have no equivalent in Chrome that I can find. One of these is "Tree Style Tab" which is important to my workflow.

IE is not the default on the current version of Windows, though it is on older and still supported versions.


Honestly, the biggest thing that hurts Mozilla's market share right now is the pre-loading of Chrome on Android devices. Mozilla should hope that the EU takes some kind of action against Google over this, so at least Google shouldn't consider it a "hostile action" when a random OEM wants to put Firefox on its devices rather than Chrome.

I would say the same applies to iOS, but to a smaller degree. Also, I'm not sure if Microsoft still respects the browser option thing in Europe with Windows 10 anymore.

That said, the pre-loading of Chrome may be the biggest problem right now, but Firefox's reputation has also degraded in many users' eyes, so they need to keep doing stuff that truly sets them apart compared to Chrome, and it's also not easy for Chrome to replicate because it would be counter to Google's incentives (like the privacy stuff).


> Honestly, the biggest thing that hurts Mozilla's market share right now is the pre-loading of Chrome on Android devices. Mozilla should hope that the EU takes some kind of action against Google over this, so at least Google shouldn't consider it a "hostile action" when a random OEM wants to put Firefox on its devices rather than Chrome.

Why? What has Google done monopolistically here? They don't stop OEMs from shipping other browsers, as far as I'm aware, even as the default. Samsung, noticeably, ship Samsung Internet (still Chromium-based) as the default browser on their devices.

The fact that OEMs basically always decide not to ship other browsers isn't something that's Google's fault.

> Also, I'm not sure if Microsoft still respects the browser option thing in Europe with Windows 10 anymore.

They don't. The five year term of the EC and Microsoft agreement ended at the end of 2014, and they've had no obligation to ever since. The website itself has been gone since mid-2015.


There are lots of great web browsers now, which is a huge improvement on the state of the world when Firefox 1.0 was released.

All major browsers today do share a huge problem - the web browser needs to be fast (performance and responsiveness are a Really Big Deal to people), and it also needs to be secure (people getting ransomware via the browser is Not OK with them). Privacy is a more nebulous topic, I agree.

One place where Mozilla has invested that can make a real difference there is with Rust and Servo.

A lot of the investments in Firefox that Mozilla makes are intended to help the web as a whole. Trying to standardize and expand on cross-browser extensions with WebExtensions is an example of this.

Coming back to the topic, while I agree that most people don't care about privacy online but there are some who do and Tor users almost certainly do. Bringing Tor's security and privacy improvements to Firefox is good for everyone, and some improvements help both performance/responsiveness and security (the recently-released and ongoing work from Mozilla on multiprocess and sandboxing is an example of this.)


It still concerns me that privacy is never taken seriously by most users. Sigh


We see that % share is going down for Firefox, but is there any indication that the total number of users is dropping for Firefox? I suspect that as more people have been getting on the internet, the absolute number of FF users is actually going up. It stands to reason that Firefox isn't dying at all.


I broke my Chrome instance and decided to give Firefox a try, and I must say it has A LOT of usability problems compared to Google's. I'd say Mozilla has a lot to work on to avoid losing users, if they aren't already.


What usability problems did you experience vs Chrome?


Granted, this is non-default config. When blocking third-party cookies, Chrome shows a little icon which you can click to whitelist blocked cookies. There is no such Firefox option that I've found yet.

It's also a lot easier to toggle javascript for individual sites in Chrome without extensions.


Back in the day the idea of Firefox was to provide a simple browser that is easily extended. So I'd say that it's by design that you can't do those things easily without extensions. I use NoScript and Cookie Monster to selectively block scripts and cookies and it works really well.


This is arguable in my opinion. Someone who wants to block third-party Cookies or JavaScript shouldn't have any trouble with installing extensions.


Now you've forced me to make at least two more decisions: to open up addons.mozilla to find a cookie-management extension, and to open up addons.mozilla to find a javascript-permissions-management extension.

At each of these interactions, I would be confronted with the worst possible next-actionable-step: a large, seemingly unbounded number of options. Picking any of them then requires an additional interaction to confirm, possibly whilst (realistically speaking) disregarding scary-looking security warnings about what the extension will be able to do with my first-born child.

Of course, IRL, users respond as you'd expect when given such immediate negative feedback. They will make it through at most one forced-decision interaction. By the time they hit #2, the user's goal will become "install Chrome", not "figure out which extension to install next".

It's really important to recognize here that the extension search/installation/configuration user flow is more-or-less indistinguishable from actively punishing the user for using firefox. Oh, so you want to use firefox, and actually do something? Kindly direct this barrage of STOP NO DONT feedback to your decision-making apparatus until it comes around to its senses and installs something, anything else.


What a great summary of extension installation process! I wonder why they never streamlined it and made at least a list of featured (curated / reviewed for security) extensions.

That said, I still prefer Firefox to anything produced by MS, sorry, I mean Google... :)


I agree, that's a great feature, and one that I wish Firefox had.

I ended up switching back to allowing all cookies because my whitelist kept getting deleted (probably a bug) but when it works, it's wonderful.


I can't live without Cookie Monster[1]. It's always at my bottom layer of privacy protection (installed earliest.) I wish one of the other things that I use that also regulates cookies would steal its UI (or FF itself), because once every year or two some interaction problem comes up between it and something else, though not nearly enough for me to give it up. Firefox seems to have adopted the Gnomeish philosophy to intentionally make it more difficult to selectively disable parts of the web as a way of guiding user behavior, so I don't see it happening.

[1] https://addons.mozilla.org/en-US/firefox/addon/cookie-monste...


not gp, but

1 - crashes, approximately bimonthly. Chrome just doesn't crash for me any more.

2 - very high cpu usage if ff runs long enough. Eventually it will creep up towards consuming 50%+ of a cpu

3 - similar problems with memory usage. Chrome is a pig, but if you close windows, the system gets memory back. FF just doesn't seem to return memory to the system w/o a full restart.

4 - intermittent freezes when loading new tabs. The entire app becomes unresponsive, long enough to notice / feel jerky.

fwiw, I leave chrome up for weeks on end and don't have these issues. osx 10.9


1. Know the problem but for me it is infrequent enough and the bandaid (restore last session) is good enough that I don't care.

2. Painful for me as well until I blocked js in google search and search results. (I often have quite a number of tab trees open and the roots are often google search results and they eat CPU if not restrained. I don't know if this is intentional on Google's part but at least it shows poor attention to QA.)

Just recently learned about about:performance and it is really nice.


The burning of CPU cycles whilst idling on Google's result page is the most infuriating bug in Firefox but doesn't seem to have been accorded any priority. It has persisted for at least three years.

https://support.mozilla.org/fr/questions/965360

Unfortunately I usually only remember to close the results tabs when my fan spins-up.


Is it a Firefox thing or a Google thing?


Well, you could always just use startpage.com (uses Google) or duckduckgo.com. It's not like Google is still ages ahead of the competition as it once was. I am not sure where the bug comes from but it would be much easier for Google to fix it, given that their JS is heavily obfuscated. But then again, that's not really in their interest, is it?


But then again, that's not really in their interest, is it?

That thought struck me as well. Let's ask :-)

Googlers at HN: is this a lack of QA, a deliberate stab at Firefox or something else?


I also get window rendering issues in FF on Windows 10 after waking my laptop from sleep. The browser can still be used but the frame goes totally white. Very weird.


I get rendering issues after waking the notebook from sleep in Win7 as well. Also I get rendering issues in a Remote Desktop session.

If the PC is running for days Firefox crashes automatically after some days.

Firefox crashes (whole browser) more often than other browsers. It's annoying that the multi process implementation took so many years to implement and will still break plugin compatibility.


Hopefully, Electrolysis will fix 3 and 4. https://wiki.mozilla.org/Electrolysis


It stutters when resizing, at times.


Good news is that this should be fixed with Electrolysis, which is currently being rolled out and will make it to your local Firefox installation sometime in the next few months.


Also you can opt in now and see if it fixes your problems. I've run it now for a week or so and seems to work well.


Most notably, for me, I'm stuck using Yahoo as the default search engine. I can change the default to Google, but the preference resets when the window closes.

Edit: It appears only browser instances launched with Selenium are affected. Instances launched the usual way default to Google as expected.


That really should not be happening.

Are you clicking "Change Search Settings" in the search drop-down, and changing the "Default Search Engine" in the preferences (about:preferences#search) ?


This was a once only change for me. If this is actually the case (setting not staying...set) you should open a bug report as it's surely not intended.


To change the default search engine you can click the magnifying glass and then click Change Search Settings from there you can set the default search engine.


I know how to change the default search engine, but the settings don't persist from session to session (at least not when the browser is launched from Selenium).


Perhaps Selenium doesn't use an existing profile when it loads because that could subtly change its behavior every time it is run (for example, which links are visited).


This makes perfect sense. Thanks for the explanation.


I'm pretty sure you can configure which profile Selenium launches with, and change that profile to use Google as the search engine.


I'm reading the thread in the ctx of merging tor vs disabling mathml, which (mathml) isn't implemented in chrome according to mdn.


I haven't tried it recently (as in the past month), but I like to fire up the browser, press Ctrl+L, type an address and press Enter in a few seconds. That seems to take forever on Firefox compared to Chrome.


AFAIK Chrome starts up a background process after your computer has booted up, which then helps it start faster. So, if you just told your OS to start up Firefox on boot and then didn't close it afterwards, that should have pretty much the same effect.

I agree, though, that having an option for this in Firefox would be good.


This is awful, how do I turn this off?


> most people don't care about their privacy online

Apple are betting they will do, and I think that's prescient. Only need a few more Ashley Madisons to see a sea change in this area, and a browser that's been ahead of the curve for a long time has a lot to gain.


> > most people don't care about their privacy online

> Apple are betting they will do

No they're not. iCloud is still not end-to-end encrypted; iMessage users still trust Apple to verify identity; macOS and iOS users still cannot verify the source of the OSes they run.

Apple may be betting that people care about online-privacy snake oil.


> Apple may be betting that people care about online-privacy snake oil.

You can't blame people for not fully understanding how their data is protected. Even the average geek gets confused pretty quickly (I know I do).

People also choose their battles. Between facial recognition, revenge porn, online harassment, IMSI catchers, video surveillance, police overreach, and many other issues, they may not think of end-to-end encryption as a priority, but people do care about their privacy.

As techs, we have to do our part in explaining these things correctly, and also making sure we push forward legislation that helps protect people. This isn't something that will self-regulate.


I'm not sure Ashley Madison is the best example. When that leak happened, a lot of the public's reaction was along the lines of "they were doing something wrong, so they deserved it."


It would be more accurate to say "a lot of the public reaction" rather than "a lot of the public's reaction." A lot of the private reaction was completely freaking out and considering the web completely unsafe.


No, Apple isn't betting average users care about privacy. They're thinking average users will not mind it, and they can reach a new audience this way.

The people who want open platforms will want usability like everyone else, but they're willing to sacrifice that if they get an open platform. Open platforms can be studied, understood and verified to be secure. Now that Apple products are apparently also safe and private (they're making a big point of it), the remaining reason is fairly abstract and purely ideological. The hackers and professionals no longer have a justifiable reason for their friends not to get an Apple device, and they themselves might think twice too.

It's another step in the erosion of our values that I'm afraid is taking place. Is it really bad or just the next step in what humanity values and cares about? I'm not sure, but I'm also not sure we can tell until it's too late and power over many devices (and thereby people's lives) is in the hands of a very few, so I'm on the "let's not go that path" side.


I think the clear path is launching a new browser (eg Firefox NT) based on the Servo engine (coded in Rust) with an HTML UI and a compatibility layer to support legacy plugins from the Firefox era (at least the simpler newer API). With great multi process support and rendering done on the GPU.


It would be really cool if Tor became like an open web standard that every browser supported. We would be able to freely host services with incredibly strong privacy guarantees and then work them into existing web infrastructure so that normal users can benefit from strong privacy without having any special knowledge.

Doing the same thing with Bitcoin wallets would also be a good idea, though I'd want for there to be a much better security model before that's considered ... otherwise every new browser zero-day will be the equivalent of being able to mass hack bank accounts.


I agree with this. "Tor Browser Mode" should become the default "Private browsing mode" on Firefox. It seems to me that a lot of uneducated users seem to have the idea that Incognito/Private mode does, somehow, give them more anonymity in a way other than locally.

The extra streaming traffic would probably cripple Tor exit nodes in the short run if Mozilla didn't run worldwide fast exits on their own, but it'd be a start in a good direction, IMO.

I'm sure someone will come along and tell me that "this isn't what Tor is useful for," but as far as I am concerned Tor has a PR problem. If everyone uses Tor as part of Firefox Private Browsing, a lot, lot more normal people become Tor users, not "extremists" or "dissidents" or "criminals", the headless horsemen of the anonymity apocalypse.


> if Mozilla didn't run worldwide fast exits on their own

If a huge portion of tor traffic is going through exit nodes owned by one organization and presumably deployed on a uniform consistent infrastructure, this becomes a prime target for hackers, state-sponsored or otherwise.


Tor itself is already a prime target for hackers. There are plenty of malicious exit nodes as is; as for nation-states, the cost of entry into polluting the Tor network with your own circuits to probabilistically deanonymize users is low enough as is that you'd be stupid not to do it. By the same logic, torservers.net shouldn't exist, or ipredator's massive exit.

Tor has a fair amount of relay bandwidth; Mozilla running exit nodes adds strength to where the bigger bottleneck is. There isn't a lot of personal risk in running middles or guards to the common techie; an exit node with abusive traffic can get your house raided in the United States [1] and Germany makes you responsible for traffic on your IP [2].

They have the legal and personnel resources to be able to deal with abuse complaints from bad actors, and should, for the sake of the network they support.

[1] http://www.ibtimes.co.uk/seattle-police-raid-home-privacy-ac...

[2] http://www.young-germany.de/topic/live/your-digital-rights-i...


> It seems to me that a lot of uneducated users seem to have the idea that Incognito/Private mode does, somehow, give them more anonymity in a way other than locally.

Well, there is this "tracking protection" thing that they added in FF42 but I don't know how it works (and frankly I don't care because I'm using a tracking blocker anyway).


> It would be really cool if Tor became like an open web standard that every browser supported.

Isn't it already? My understanding is that nothing is stopping you from using the Tor service as a proxy for all your traffic. They just offer the Browser Bundle to make it dead simple for users. You could download their so-called "expert bundle" and use that to route any traffic you want.

https://www.torproject.org/download/download.html.en


I think parent means natively supporting Tor as a protocol in the browser. E.g. another "incognito mode", and native support for the .onion TLD. It would indeed be cool.


That's what I thought. The closest you can get to viewing onion URLs outside of Tor is a website like Tor2web[0]. The downside of these solutions is that you don't get the benefit of onion routing.

[0]: https://www.tor2web.org/


The only problem with that is limited levels of trust - e.g. if you have Tor support baked into your browser, you have to trust that the magic "Tor on" button isn't compromised.

This isn't a problem that just using Tor in an existing browser install is supposed to solve/be any better at, but it suddenly becomes an incredible target for any state actors/other large-scale entities who know they're going to want to suppress communication shortly.


True, but for casual users, simply being able to natively and transparently access .onion sites would be cool even if it didn't have the privacy of the Tor Browser Bundle.


The increase in Tor traffic would also be hugely useful for users who do depend on Tor. That much more chaff for Eve to have to eliminate.


This is awesome.

No, backfitting a stock browser isn't going to give you high-level security. An Uber-Incognito mode, however, would be a real plus.

Far more useful: making Tor so available and ubiquitous that site operators and infrastructure providers have to address Tor usability issues. Yes, I'm looking at you specifically, Cloudflare and Craigslist.

On the site ops side, this is going to play major havoc with methods typically used for mitigating site abuse (and other problems), specifically IP-based tracking. If I find a specific issue and can note that a single address or block of addresses which likely represents a single user or user-class is problematic, I can take action. If "the Internet" becomes a Tor-undifferentiated request cloud, as we've been diagramming it on zero-content slidedecks for 20 years, then that really useful tool will end its useful life (or more likely: be less useful in more cases).

But that's a hell of a good reason for coming up with other ways of establishing and enforcing good user behavior through ad-hoc, anonymous, systems-based reputation systems.
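The comment above describes how per-IP abuse handling degrades once requests arrive through shared Tor exits. As an added example (not code from the thread or from any project it mentions), here is a small Python script that parses constructed access-log lines in Common Log Format, checks each source against a constructed exit-address list in the one-address-per-line style of the Tor Project's bulk exit list, and applies a different response to exits: a plain ban for an ordinary address that fails too many logins, but a challenge instead of a ban for an exit, since an exit address is shared by many unrelated users. The IP addresses, log lines, paths and the threshold of 5 are all assumptions for the example.

```python
import re
from collections import defaultdict

# Constructed sample in the one-IPv4-address-per-line style of a bulk exit
# list; the addresses are documentation ranges, not real relays.
EXIT_LIST = """\
# constructed sample, not a real export
198.51.100.7
203.0.113.45
"""

# Constructed Common Log Format lines, not a real server log.
ACCESS_LOG = """\
192.0.2.10 - - [07/Aug/2016:10:00:01 +0000] "POST /login HTTP/1.1" 401 512
192.0.2.10 - - [07/Aug/2016:10:00:02 +0000] "POST /login HTTP/1.1" 401 512
192.0.2.10 - - [07/Aug/2016:10:00:03 +0000] "POST /login HTTP/1.1" 401 512
192.0.2.10 - - [07/Aug/2016:10:00:04 +0000] "POST /login HTTP/1.1" 401 512
192.0.2.10 - - [07/Aug/2016:10:00:05 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [07/Aug/2016:10:00:06 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [07/Aug/2016:10:00:07 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [07/Aug/2016:10:00:08 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [07/Aug/2016:10:00:09 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [07/Aug/2016:10:00:10 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [07/Aug/2016:10:00:11 +0000] "GET / HTTP/1.1" 200 2048
203.0.113.45 - - [07/Aug/2016:10:00:12 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.45 - - [07/Aug/2016:10:00:13 +0000] "GET /about HTTP/1.1" 200 1024
192.0.2.77 - - [07/Aug/2016:10:00:14 +0000] "POST /login HTTP/1.1" 200 128
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def parse_exit_list(text):
    """Return the set of exit addresses, skipping blank and comment lines."""
    return {l.strip() for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")}


def parse_log(text):
    """Yield (ip, method, path, status) for every line the regex recognises."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m["ip"], m["method"], m["path"], int(m["status"])


def failed_logins_by_ip(records):
    """Count 401 responses to POST /login per source address."""
    counts = defaultdict(int)
    for ip, method, path, status in records:
        if method == "POST" and path == "/login" and status == 401:
            counts[ip] += 1
    return dict(counts)


def decide(fail_counts, exits, threshold=5):
    """Map each offending address to an action. An exit is shared by many
    users, so banning it is collateral damage; challenge it instead."""
    decisions = {}
    for ip, n in fail_counts.items():
        if n < threshold:
            decisions[ip] = "allow"
        elif ip in exits:
            decisions[ip] = "challenge"
        else:
            decisions[ip] = "ban"
    return decisions


def run():
    exits = parse_exit_list(EXIT_LIST)
    fails = failed_logins_by_ip(parse_log(ACCESS_LOG))
    return decide(fails, exits)


if __name__ == "__main__":
    for ip, action in sorted(run().items()):
        print(f"{ip:16} {action}")
```

In production the exit list would be fetched and refreshed regularly rather than embedded, and the "challenge" branch would hand off to whatever per-account lockout or CAPTCHA step the site already has; the point of the split is that the signal (failed logins) stays usable while the IP stops being treated as one user.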


I think using Tor as it is intended to be used requires some change in users' browsing habits as well. So pulling in all the Tor-specific settings into Firefox won't be much help if the user then goes and signs into Facebook and Gmail.


I'm not sure how this is relevant to the post?

They're not talking about giving Firefox a "tor mode". The Tor browser uses Firefox under the hood with a few add-on and flipped default settings. Currently, it uses a fork of Firefox with slight modifications (like the ability to disable mathml). They intend to make it so that this fork is unnecessary. The Tor browser will probably continue to be something you need to install to use.


I think some people read the title (Mozilla: “Our primary goal is to un-fork the Tor Browser”) and assumed Mozilla wants to incorporate all the Tor Browser's features. A closer look at the link should make it clear that the changes being discussed are more specific.

It's almost clickbait.


I've interpreted the title that way, too, but partly because it might actually make sense.

Consider this. Firefox peaked a while ago; since then, Chrome ate every other browser's lunch, and the only browser that had user share declining faster than Firefox was IE (but even so, IE still has more users). Google has the brand recognition on their side, and on top of that, they have actually made a browser that "just works" for 99% of people out there, the way Firefox never quite did.

Since contesting Chrome's market share is rather pointless, Firefox needs a niche of its own now. Integrating Tor in a seamless way would be a great opportunity to create one.


eh, the final pieces are kind of all being worked on

multiprocessing to stop freezing issues and increase response speed

a permissioned API for extensions, easier and saner full themes system (faster/easier development time for updates, and a wider range of extensions/themes as a result)

and switching critical components to a safer language

which imo are more important for users than doing something an existing firefox fork does (like, if there was demand for firefox with seamless tor, then they would get the firefox with seamless tor today, because it already exists)


Let's take this one step at a time.

Before the user habits can be an issue we need to have the framework in which they can be a problem.

I'm sure that we can develop prompts and warnings to aid users if they attempt to visit these sites in a fashion analogous to insecure site warnings.


I think it'd be a pretty darn powerful addition to Private Browsing, though. Perhaps "Off the Grid" mode or some additional third level of privacy that comes with a warning about never logging into services, etc, if you truly don't want to be tracked.


What if the incognito mode makes Firefox something much closer to Tor?


This could actually be solved by Firefox's new contextual identity project by having the Tor identity isolated.


This is not about integrating Tor into Firefox, rather it is about incorporating switches into Firefox for the security/privacy improvements that have been made in Tor Browser.

You can think of Tor Browser as a better Firefox that just happens to include built-in support for the Tor network. Tor Browser is security-hardened and makes numerous changes to improve privacy, such as reducing fingerprinting opportunities and attempting to isolate browser state by URL bar domain. The Design and Implementation of the Tor Browser doc [1] is an excellent read on the approach taken.

Since it is trivial to configure Tor Browser to run on the "normal internet" (not on the Tor network), there may not be much reason to run Firefox instead of Tor Browser. There is one possible reason: not all security fixes may be backported to Firefox Extended Support Releases (ESR). According to the ESR FAQ [2], only "high-risk/high-impact security vulnerabilities" will be backported to ESRs. So clearly some security vulnerabilities that are not considered by Mozilla to be high-risk/high-impact may be left unfixed in ESRs. Additionally, it seems likely that not all bugs that are security vulnerabilities will be correctly identified as such. Many exploitable bugs that can lead to code execution are often published as only stability or denial of service bugs by project maintainers - so-called "Denial of Reality" vulnerabilities [3]. I think this is what Daniel Veditz is alluding to when he says "Mozilla leadership has already decided to help Tor move toward being able to build off a Release Firefox rather than an ESR--it's safer for our users."

So in that sense, it is great news that Mozilla is working to make it easier for Tor Browser to be based on top of Release Firefox instead of an ESR. Even if all Tor Browser patches make it in to Firefox, I imagine it will be a good deal of work to get out-of-the-box Firefox to behave like Tor Browser. And given that every six weeks, Firefox may have new features that present new attack surface, or enable new fingerprinting opportunities, it still seems like a safer bet to have Tor Browser devs vet each release, rather than constantly try to stay on top of what switches need to be flipped.

Personally I will continue to trust Tor Project to ship a browser that is configured for strong security and privacy out-of-the-box.

[1] https://www.torproject.org/projects/torbrowser/design/

[2] https://www.mozilla.org/en-US/firefox/organizations/faq/

[3] https://lwn.net/Articles/191080/
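The comment above mentions Tor Browser's attempt to isolate browser state by URL bar domain. As an added example, not code from the thread, from Tor Browser or from Firefox, the following Python model shows what that double-keying changes: a cookie jar keyed only by the cookie's host lets an embedded third-party tracker hand the same identifier to the same user on two unrelated sites, while a jar keyed by (top-level site, cookie host) gives the tracker a fresh identity per site. The site names, the tracker and the "last two host labels" approximation of a registrable domain are assumptions made for the example; a real implementation would consult a public suffix list.

```python
from urllib.parse import urlsplit


def site_of(url):
    """Registrable domain of a URL, approximated here as the last two host
    labels (assumption for this example: no public suffix list, so a
    co.uk-style suffix would be handled wrongly)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])


class CookieJar:
    """Cookie store that is either single-keyed by cookie host (classic
    behaviour) or double-keyed by (top-level site, cookie host)."""

    def __init__(self, first_party_isolation):
        self.isolated = first_party_isolation
        self.store = {}

    def _key(self, top_level_url, request_url):
        host = urlsplit(request_url).hostname
        if self.isolated:
            return (site_of(top_level_url), host)
        return (None, host)

    def get(self, top_level_url, request_url):
        return self.store.get(self._key(top_level_url, request_url))

    def set(self, top_level_url, request_url, value):
        self.store[self._key(top_level_url, request_url)] = value


class Tracker:
    """Third-party resource that assigns an id cookie on first sight and
    records which top-level sites each id was seen on."""

    def __init__(self):
        self.next_id = 0
        self.seen = {}  # identifier -> set of referring sites

    def serve(self, jar, top_level_url, request_url, referrer_site):
        ident = jar.get(top_level_url, request_url)
        if ident is None:
            ident = f"id-{self.next_id}"
            self.next_id += 1
            jar.set(top_level_url, request_url, ident)
        self.seen.setdefault(ident, set()).add(referrer_site)
        return ident


def simulate(first_party_isolation):
    """Visit two unrelated sites that both embed the same tracker pixel and
    report whether the tracker could link the visits to one identity."""
    jar = CookieJar(first_party_isolation)
    tracker = Tracker()
    pages = ["https://news.example/story", "https://shop.example/cart"]
    for page in pages:
        tracker.serve(jar, page, "https://tracker.example/pixel.gif", site_of(page))
    linked = any(len(sites) > 1 for sites in tracker.seen.values())
    return {"linked": linked, "identities": len(tracker.seen)}


if __name__ == "__main__":
    print("shared jar:  ", simulate(False))
    print("isolated jar:", simulate(True))
```

The same keying applies to every other piece of state Tor Browser isolates (cache, HSTS, DOM storage and so on); cookies are just the easiest case to show. Note that isolation does nothing against a user who logs into the same account on both sites, which is the point made elsewhere in this thread about browsing habits.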


Anyone able to provide commentary on who's who in the comment linked to. Seems like if this was an official effort one of the two parties would have posted an announcement.


* squee *


agreed. this is the biggest news a privacy advocate could ever want. How do Google and Microsoft compete? They've pretty much set on a path of VPN'ing everyone over Tor by default.

Perhaps it's too much to ask if they'd do the same for i2pbrowser?


will we also get enough onion routers to keep the system running under high demand?


Who really thinks that the NSA, Palantir, Mossad, Russia, etc. aren't surveilling the dark net?

Privacy is dead.


Of course, they are surveilling the dark net. The idea is that you're anonymized in such a way that you don't have to care about the surveillance.


And/or that the surveilling costs (against you, against others) are raised.


I wouldn't even need to use nation state in this context. If there's an actual human in the dark net, someone is monitoring something there, for example, the price of an exploit.


So just stop trying?


I mean, I think it's a cool idea, but I kind of hope not. Firefox is the only browser that seems to consistently be able to play video at my work, because of aggressive firewalls. If they enable tor by default, it's pretty much guaranteed that it'll be uninstalled from all company machines.


You're misunderstanding, the intention is to integrate any privacy-related change made by the Tor Browser, but in a configurable way via `about:config` under the `privacy.*` namespace.

Firefox should allow you to disable any privacy-concerning feature out-of-the-box, it shouldn't be needed to maintain a separate fork to achieve better privacy.


This is not to bring Tor into Firefox. Tor has been using an older, forked version of Firefox. This would go back to using the mainline version of Firefox.

