Today’s release of Total Cookie Protection is the result of experimentation and feature testing, first in ETP Strict Mode and Private Browsing windows, then in Firefox Focus earlier this year. We’re now making it a default feature for all Firefox desktop users worldwide.

  • X_Cli
    link
    fedilink
    arrow-up
    3
    ·
    3 years ago

    I don’t understand the difference with First Party Isolation. Maybe I missed a key point while reading the article. Did you get it? If so, can you explain it to me?

    • jokeyrhymeOP
      link
      fedilink
      arrow-up
      4
      ·
      3 years ago

      Okay, I could be wrong about this, but …

      My understanding is that from e.g. Facebook’s perspective, they previously would be able to see that you visited a newspaper website, and then a food delivery website, and then a furniture review website (assuming all of these websites had Facebook like/share/login buttons somewhere, and even if you never click these Facebook buttons)

      But, with Total Cookie Protection, from Facebook’s perspective, they know someone visited the newspaper website, and they know someone (maybe someone else) visited the food delivery website, and they know someone (maybe yet another person) visited the furniture review website: they can’t connect the dots

      However, the above example assumes that you aren’t logged in to Facebook

      I’m actually not sure how this would be different if you were logged in to Facebook

      Or, what if you actually did want to use the Facebook login on all of these websites? I suppose from Facebook’s perspective you have 3x different computers? And in terms of user experience, you have to log in to Facebook 3x times?

      • X_Cli
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Thank you for your reply. What you described looks a lot like First Party Isolation: https://www.ctrl.blog/entry/firefox-fpi.html I don’t see how this is different, save for the fact that Total Cookie Protection (TCP… never seen this acronym before lol) does less than FPI.

        • groceansong
          link
          fedilink
          arrow-up
          3
          ·
          3 years ago

          FWIW, Total Cookie Protection was previously called Dynamic First Party Isolation and it is indeed one of the FPIs.

          The name is mentioned in the Firefox Security Newsletter as follows:

          Usability and Tracking Protection: Firefox 96 also shipped improved Service Worker isolation as part of our work towards Total Cookie Protection (formerly known as Dynamic First Party Isolation).

          • X_Cli
            link
            fedilink
            arrow-up
            1
            ·
            3 years ago

            Thank you for the clarification 👍🙏