Mozilla recently launched Firefox 22 in beta mode. One of the most controversial features that was supposed to be built into the browser was a default third-party cookie blocking software. This feature was aimed at preventing cross-website tracking of browser users with cookies not originating from the websites that users visit. This feature will still be available in the next Firefox released, but will be turned off by default. The next Firefox release is expected to arrive in June.
What is a cookie?
A cookie is a piece of data that is sent from a website and is stored in a user’s web browser as they look through a website. When the user visits the same website in the future, the data that is stored in a cookie can be retrieved by the website to notify the website of the user’s previous activity. This is how websites are able to monitor which of their visitors are returning versus which ones are unique. Cookies were originally created to be a mechanism for websites to remember the state of the website or activity that the user took in the past like logging in or clicking on certain buttons. Many cookies have short lifespans, some of them can exist permanently unless a user opts to have them deleted. Websites can use cookie data to gather analytical information about a user as a way to target specific ads based on their identity or web visit history.
Why the delay?
Mozilla CTO Brendan Eich said that the reason for the delay is because there are still issues that need to be resolved in the way that the feature avoids both “false positives” and “false negatives.” One of the false positives is that websites that use CDNs can be negatively affected. Eich gave this situation as an example: say that you visit a website called foo.com, which embeds cookie-setting content from a website that is called foocdn.com. Firefox sets cookies from foo.com because you visited the website, but it blocks the cookies from foocdn.com because you never visited foocdn.com even though the websites belong to the same company. The false negative: just because you visit a website once, it does not mean that you are okay with that website tracking you all over the Internet on unrelated websites. This situation includes a chance that you clicked on an ad by accident or a website that you trust directly setting third-party cookies that you do not want.