Firefox Cracks Down on Supercookies to Improve User Privacy

Mozilla this week announced further improvements to user privacy in Firefox, through the isolation of network connections and caches, thus essentially cracking down on supercookies.

Supercookies are tracking identifiers that live outside the regular cookie jar, so they survive cookie clearing, are difficult to detect and block, and are routinely abused to follow users around the web. Trackers have stashed them in places such as Flash local storage, HTTP ETags and HSTS state, precisely because those stores are not cleared along with cookies and are not subject to the same controls.

For years, browser makers have been looking for ways to improve user privacy, and Mozilla's latest answer to cross-site tracking is isolation: state that a site can create should only be readable by that same site.

Specifically, Firefox 85 is arriving with an updated network architecture, where network connections and caches are isolated to the website being visited.

“Trackers can abuse caches to create supercookies and can use connection identifiers to track users. But by isolating caches and network connections to the website they were created on, we make them useless for cross-site tracking,” Mozilla says.

Firefox 85, Mozilla argues, should render cache-based supercookies largely useless: an identifier planted in a partitioned cache can still be read back on the site that planted it, but not on any other site, so it no longer links a user's visits across websites.

Like every browser, Firefox relies on caches to reduce overhead. It shares some internal resources, such as images, between websites, and it reuses a single network connection to load resources that come from the same party even when they are embedded on multiple websites.

Trackers abuse these shared resources to create supercookies. An identifier is encoded in a cached image that the tracker embeds on many websites; when the user visits any of those sites, the browser serves the same cached image, and the identifier is recovered.

“To prevent this possibility, Firefox 85 uses a different image cache for every website a user visits. That means we still load cached images when a user revisits the same site, but we don’t share those caches across sites,” Mozilla says.

To prevent trackers from abusing caches to create supercookies, Firefox 85 isolates a range of caches by the top-level site: Alt-Svc cache, DNS cache, font cache, favicon cache, HSTS cache, HTTP Authentication cache, HTTP cache, image cache, OCSP cache, style sheet cache, and TLS certificate cache.

Furthermore, the browser aims to prevent connection-based tracking by partitioning preconnect, prefetch, pooled, and speculative connections, along with TLS session identifiers, so that a connection or session opened on one site cannot be reused, and recognised, on another.

“This partitioning applies to all third-party resources embedded on a website, regardless of whether Firefox considers that resource to have loaded from a tracking domain,” Mozilla explains, adding that the changes will have a very low impact on page load time.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
