Information Security, Top News

Firefox makes it easy to banish push notifications

The latest version of Firefox, version 59, contains a setting designed to let users control the bane of intrusive push notification requests.

In the unlikely event Firefox users have forgotten, these are the small dialogue boxes that pop up on many websites offering users three options: “always receive notifications”, “always block notifications” or “not now”.

(In Chrome, the same request is made as “allow or “block”.)

There’s nothing wrong with these requests per se – they can be extremely useful when using webmail or social media – the problem is the sheer number that multiplied after Firefox version 44 embedded the W3C’s Push API two years ago.

The ability to control them was quietly buried in Firefox’s about:config panel at some point, but this can now be turned on by ticking the box marked “Block new requests asking to allow notifications”, accessed through Tools > Options > Permissions.

Once enabled, the only way to allow a push notification from a site is to allowlist it manually while bearing in mind the warning that “blocking notifications may break some website features.”

So much for notifications but what about the long-running struggle against intrusive in-page pop-ups?

The best example of this are marketing pop-ups that ask users whether they want to “subscribe to xyz’s newsletter”, which usually activate after users have been on a web page for a few minutes, and must be manually closed.

All browsers offer basic pop-up control, which in Firefox is enabled by ticking the box marked “block pop-up Windows” in Options > Permissions.

Unfortunately, this only controls pop ups that open automatically. Publishers game this system by waiting for the user to interact with the page, which makes it difficult for the pop-up blocking system to work out whether pop-ups were activated intentionally or not.

Or, to put it less politely, browser pop-up blocking works quite well except for all the important occasions when it doesn’t.

Mozilla hasn’t given up on finding a global solution to this problem and wants users to submit examples of these ads to help the company with pop-up blocking 2.0.

Mozilla’s Ehsan Akhgari:

Are you tired of seeing in-page popups like this? We’re experimenting with a popup blocker to dismiss them automatically, and we’re curating a dataset for it.

It’s not clear when this feature might turn up in Firefox, but when it does it’s a certainty publishers will look for new ways to get around it.

Two final security tweaks: as promised some weeks back, Firefox 59 also now plugs leaky referrers (aka cross-site tracking) in Private Browsing Mode, and from Firefox 62 onwards websites won’t be able to access the legacy APIs for proximity and ambient light unless you turn them on.


Source : Naked Security

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend