fbpx
The Stack Archive

Firefox’s Containers help to fence off your private life

Fri 17 Jun 2016

Editorial I’m currently engaged in a couple of support threads on social sites, including Facebook, in an attempt to find out why contacts and information in the work and social spheres of my life are mysteriously bleeding into each other. Facebook has recently provided ‘friend recommendations’ to me of a large number of people who I have only ever interacted with in a completely different context, and at different large networking sites – and who I have never contacted or even searched for on Facebook.

The recommendations are uncannily accurate – there’s not a bad guess in there. The only problem is that I did not give this information to Facebook.

It’s a privacy issue also for those people who turned up in the recommendations list, since even the small panels in which they appeared provided me with more information about them than they had volunteered to me before.

The problem is tracking, of course – supercookies, canvas fingerprinting and other techniques which are able to accomplish what cross-domain policy was designed, at the internet’s most fundamental level, to impede from happening. It occurred to me about 15 years ago that multiple cookie/data profiles was one of the most important ‘missing features’ in the web browser market, since it would allow a user to develop private, social and working profiles for voracious data miners to at least separately exploit, and avoid this kind of ‘bleed’.

Over the last ten years all major browsers have implemented private browsing mode, which neither uses existing cookies nor saves any cookies beyond the private session; but, finally, one of them is beginning to bake in this rather more robust and sustainable functionality that I wanted all those years ago.

Mozilla Firefox is introducing a Containers feature that allows users to maintain separate ‘Contextual Identities’ in four categories – personal, work, banking and shopping – four separate user profiles designed to prevent cross-over. Hopefully future implementations will allow for customisable extra profiles as well. And hopefully the other major browsers will join Mozilla in claiming this vital functionality back from the plugin and add-on sphere.

The lowest bidder

When he saw our recent story about Singapore’s government unhooking from the internet next year, a friend of mine who is a sci-fi fan said ‘Galactica’. The early 2000s reboot of the classic U.S. TV show depicted a society so ravaged by IP-based invasions that all networks had been abolished as potentially disastrous points of vulnerability. It’s a fanciful notion that seems to be gaining currency in the real world.

We’ve said before at The Stack that Singapore is positioning itself as a technological hot-bed for projects which may eventually interest the west, but which have privacy implications that would be much harder to trial there – and the government network shutdown is an interesting case-in-point.

The reason something as apparently Luddite as unplugging civil infrastructure needs a vanguard trial is economic: both the U.S. and the UK have adopted a ‘cloud first’ policy in the years since the collapse of 2008, largely spurred on by the prospect of cost savings. But the price of abandoning bespoke data centres (and a more-than-chequered history of custom-built government IT projects) is exposure. It may be too high a price in a period of extraordinarily frequent data breach scandals, and a climate where WikiLeaks, Anonymous and other hacking consortia are so determined to set information free, and so good at it.

And, of course, I’m referring to breaches not subject to the OSA or other national injunctions. The ones that we know about are adequately chilling.

Apart from the way that general network exposure puts government data at higher statistical risk of breach, the competitive provisioning and determination to set multiple private-sector providers against each other for budgetary reasons arguably leaves large-scale government cloud networks with many, many more potential points of failure than its more cloistered pre-cloud arrangements.

It’s a configuration best summed up in the classic quote from astronaut John Glenn, regarding his feelings at launch: “I felt exactly how you would feel if you were getting ready to launch and knew you were sitting on top of two million parts – all built by the lowest bidder on a government contract.”

Tags:

Editorial security
Send us a correction about this article Send us a news tip