Enhanced Tracking Protection inquiry.
Hello,I'm wondering whether there's a difference between having Enhanced Tracking Protection on on Strict and Custom with the settings for Custom being:
- Cookies All cross-site cookies (may cause websites to break)
- Tracking content In all windows
- Cryptominers
and
- Fingerprinters.
Réiteach roghnaithe
Brian said
Hello,I'm wondering whether there's a difference between having Enhanced Tracking Protection on on Strict and Custom with the settings for Custom being:and
- Cookies All cross-site cookies (may cause websites to break)
- Tracking content In all windows
- Cryptominers
- Fingerprinters.
It sounds like you have one difference from Strict, which is related to cookies.
Both Standard and Strict now implement Total Cookie Protection, which can cause problems on sites using multiple servers with non-matching addresses. (You can make individual site exceptions to tracking protection for banks and other affected sites, or you can use Custom to roll back Total Cookie Protection.)
On the Settings/Preferences page, the description is overly abbreviated. In Standard and Strict mode, cross-site (or "third party") cookies are isolated meaning, for example, that I have different Amazon cookies for each site that has embedded Amazon ads. Amazon shouldn't be able to link my travels across the web because I have a different Amazon identifier on each site. But cookies are still set so every time I go back to a site, Amazon can remember what it showed me before on that site. With that in mind, this would be a more accurate description:
The option "All cross-site cookies" is the new wording for "All third party cookies" which is different than isolating cookies. Instead of isolated third party cookies, you have zero third party cookies. But the benefit of the extra blocking, in my opinion, is outweighed by the additional site breakage.
With all that in mind, the second option is the equivalent of Strict:
There is a way to more directly manipulate your cookie setting (or research how the Preferences page changes things under the covers):
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future.
(2) In the search box in the page, type or paste network.cookie.cookieBehavior and pause while the list is filtered
- network.cookie.cookieBehavior is for regular windows
- network.cookie.cookieBehavior.pbmode allows you to be more restrictive for private windows if you like without affecting regular windows
The relevant values are:
- 4 => "Cross-site tracking cookies"
- 5 => "Cross-site tracking cookies, and isolate other cross-site cookies" [default]
- 3 => "Cookies from unvisited websites" (an old Safari feature that blocks third party cookies if you have not visited that site directly)
- 1 => "All cross-site cookies"
- 2 => "All cookies"
You can observe these values being set as you make changes on the Preferences page. You also can edit the value directly by double-clicking it to open an editing field and type the new value.
Read this answer in context 👍 1All Replies (5)
Hello,
Having Enhanced Tracking Protection enabled on either Strict or Custom mode can provide a significant improvement in privacy and security while browsing the web. Let's compare the two options and their settings:
Strict Mode:
Cookies: Blocks all cross-site cookies, which can help prevent websites from tracking your browsing activity. Tracking content: Blocks tracking content in all windows, preventing various tracking mechanisms from monitoring your online behavior. Cryptominers: Blocks the execution of cryptomining scripts, which can significantly reduce the strain on your computer's resources and protect against malicious mining. Fingerprinters: Blocks techniques used to uniquely identify your device, making it more difficult for websites to create a profile of your browsing habits. Custom Mode:
Cookies: By selecting "All cross-site cookies (may cause websites to break)," you can block most cross-site cookies, which helps enhance privacy while potentially impacting the functionality of certain websites. Tracking content: By choosing "In all windows," tracking content will be blocked in all browsing sessions, providing a consistent level of protection across your browsing activities. Cryptominers: This setting remains the same as in Strict mode, blocking the execution of cryptomining scripts. Fingerprinters: This setting also remains the same as in Strict mode, blocking fingerprinting techniques.
I suggest that users generally opt for Strict mode to maximize privacy and security. However, if they are willing to accept potential website compatibility issues, they can customize the settings based on their preferences and risk tolerance.
Please feel free to provide this information to the user and address any further questions or concerns they may have.
Best regards, Suram Firefox Support Volunteer
Hm,so I'm not sure,is there a difference between the stuff I mentioned there or not?
Réiteach Roghnaithe
Brian said
Hello,I'm wondering whether there's a difference between having Enhanced Tracking Protection on on Strict and Custom with the settings for Custom being:and
- Cookies All cross-site cookies (may cause websites to break)
- Tracking content In all windows
- Cryptominers
- Fingerprinters.
It sounds like you have one difference from Strict, which is related to cookies.
Both Standard and Strict now implement Total Cookie Protection, which can cause problems on sites using multiple servers with non-matching addresses. (You can make individual site exceptions to tracking protection for banks and other affected sites, or you can use Custom to roll back Total Cookie Protection.)
On the Settings/Preferences page, the description is overly abbreviated. In Standard and Strict mode, cross-site (or "third party") cookies are isolated meaning, for example, that I have different Amazon cookies for each site that has embedded Amazon ads. Amazon shouldn't be able to link my travels across the web because I have a different Amazon identifier on each site. But cookies are still set so every time I go back to a site, Amazon can remember what it showed me before on that site. With that in mind, this would be a more accurate description:
The option "All cross-site cookies" is the new wording for "All third party cookies" which is different than isolating cookies. Instead of isolated third party cookies, you have zero third party cookies. But the benefit of the extra blocking, in my opinion, is outweighed by the additional site breakage.
With all that in mind, the second option is the equivalent of Strict:
There is a way to more directly manipulate your cookie setting (or research how the Preferences page changes things under the covers):
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future.
(2) In the search box in the page, type or paste network.cookie.cookieBehavior and pause while the list is filtered
- network.cookie.cookieBehavior is for regular windows
- network.cookie.cookieBehavior.pbmode allows you to be more restrictive for private windows if you like without affecting regular windows
The relevant values are:
- 4 => "Cross-site tracking cookies"
- 5 => "Cross-site tracking cookies, and isolate other cross-site cookies" [default]
- 3 => "Cookies from unvisited websites" (an old Safari feature that blocks third party cookies if you have not visited that site directly)
- 1 => "All cross-site cookies"
- 2 => "All cookies"
You can observe these values being set as you make changes on the Preferences page. You also can edit the value directly by double-clicking it to open an editing field and type the new value.
Interesting,thank you so much for the help regarding that!!!^_^
jscher2000 - Support Volunteer said
But the benefit of the extra blocking, in my opinion, is outweighed by the additional site breakage.
By the way,it doesn't seem to break sites,I don't think I've ever seen it break sites,I think.