Functionality
Once installed and enabled, Lightbeam records all tracking cookies saved on the user's computer through the Firefox browser by the various sites that the user visits. [3] It differentiates between "behavioural" tracking cookies (those which record specific actions on a site) and other tracking cookies. [4] [5] At any time during a browsing session the user can open a separate tab, using the "Show Lightbeam" option of Tools, to display a graph of sites visited and cookies placed. This will show when a given cookie is used by multiple sites, thus enabling those sites to track the user from site to site. Lightbeam will also allow the user to see which advertisers or other third parties are connected to which cookies, and thus can develop information about the user's browsing from site to site. [4] [5]
Mozilla emphasizes that it displays its data in real time. [3] [5]
According to Mozilla, all data collected by Lightbeam is stored locally, and is not shared with anyone, unless the user intentionally exports the data and shares it manually. [4] [5] Future versions may include provisions to reject or delete tracking cookies as well as monitoring them. [4]
Reactions
Writing for ExtremeTech , Sebastian Anthony found the tracking connections revealed by Collusion to be "quite astonishing". [8] He went on to say that: "Now, you can either use Collusion to shock and appall yourself, or you can use it to show friends and family just how rampant behavioral tracking is. Once your mother sees that no less than five companies track her behavior when she visits MSNBC.com, and six when she visits FoxNews.com, she might be a little more cautious." [8]
"Ms Smith" finds the results of Collusion to be "jaw dropping". [5]
Stephen C. Webster, writing for The Raw Story wrote of the information provided by Collusion: "While it doesn’t sound all that creepy, just wait until you see your own graph. A brief test-run by Raw Story revealed that after clicking a number of popular websites — like Comedy Central, Netflix, Hulu, the Conan O’Brien show, Amazon, The New York Times and others — more than three dozen organizations were tracking our movements across multiple websites." [9]
A web browser is an application for accessing websites. When a user requests a web page from a particular website, the browser retrieves its files from a web server and then displays the page on the user's screen. Browsers are used on a range of devices, including desktops, laptops, tablets, and smartphones. In 2020, an estimated 4.9 billion people have used a browser. The most used browser is Google Chrome, with a 65% global market share on all devices, followed by Safari with 18%.
Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and anticipated web standards. In November 2017, Firefox began incorporating new technology under the code name "Quantum" to promote parallelism and a more intuitive user interface. Firefox is available for Windows 7 or later versions, macOS, and Linux. Its unofficial ports are available for various Unix and Unix-like operating systems, including FreeBSD, OpenBSD, NetBSD, illumos, and Solaris Unix. It is also available for Android and iOS. However, as with all other iOS web browsers, the iOS version uses the WebKit layout engine instead of Gecko due to platform requirements. An optimized version is also available on the Amazon Fire TV as one of the two main browsers available with Amazon's Silk Browser.
Internet privacy involves the right or mandate of personal privacy concerning the storage, re-purposing, provision to third parties, and display of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing and especially relate to mass surveillance enabled by the emergence of computer technologies.
Add-on is the Mozilla term for software modules that can be added to the Firefox web browser and related applications. Mozilla hosts them on its official add-on website.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic and also the mobile app traffic & events, currently as a platform inside the Google Marketing Platform brand. Google launched the service in November 2005 after acquiring Urchin.
NoScript is a free and open-source extension for Firefox- and Chromium-based web browsers, written and maintained by Giorgio Maone, an Italian software developer and member of the Mozilla Security Group.
HTTP cookies are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a user's device during a session.
A local shared object (LSO), commonly called a Flash cookie, is a piece of data that websites that use Adobe Flash may store on a user's computer. Local shared objects have been used by all versions of Flash Player since version 6.
WOT Services is the developer of MyWOT, an online reputation and Internet safety service which shows indicators of trust about existing websites. The confidence level is based both on user ratings and on third-party malware, phishing, scam and spam blacklists. The service also provides crowdsourced reviews, about to what extent websites are trustworthy, and respect user privacy, vendor reliability and child safety.
Mozilla Firefox 4 is a version of the Firefox web browser, released on March 22, 2011. The first beta was made available on July 6, 2010; Release Candidate 2 was released on March 18, 2011. It was codenamed Tumucumaque, and was Firefox's last large release cycle. The Mozilla team planned smaller and quicker releases following other browser vendors. The primary goals for this version included improvements in performance, standards support, and user interface.
Private browsing is a privacy feature in some web browsers. When operating in such a mode, the browser creates a temporary session that is isolated from the browser's main session and user data. Browsing history is not saved, and local data associated with the session, such as Cookies, Web cache, are cleared when the session is closed. These modes are designed primarily to prevent data and history associated with a particular browsing session from persisting on the device, or being discovered by another user of the same device.
Clickjacking is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web pages.
Web Slices are a web feed technology based on the hAtom Microformat that allows users to subscribe to portions of a web page. Microsoft developed the Web Slice format, and published a specification under their Open Specification Promise. The specification is not published by any independent standards body. Introduced in Internet Explorer 8 Beta 1, Web Slices can be previewed in a fly-out window. As of 2012,, Internet Explorer 8 and 9 were the only browsers to support Web Slices natively, although Mozilla Firefox had support via an add-on called webchunks.
Web tracking is the practice by which operators of websites and third parties collect, store and share information about visitors’ activities on the World Wide Web. Analysis of a user's behaviour may be used to provide content that enables the operator to infer their preferences and may be of interest to various parties, such as advertisers. Web tracking can be part of visitor management.
Firesheep was an extension for the Firefox web browser that used a packet sniffer to intercept unencrypted session cookies from websites such as Facebook and Twitter. The plugin eavesdropped on Wi-Fi communications, listening for session cookies. When it detected a session cookie, the tool used this cookie to obtain the identity belonging to that session. The collected identities (victims) are displayed in a side bar in Firefox. By clicking on a victim's name, the victim's session is taken over by the attacker.
Do Not Track (DNT) is a formerly official HTTP header field, designed to allow internet users to opt-out of tracking by websites—which includes the collection of data regarding a user's activity across multiple distinct contexts, and the retention, use, or sharing of data derived from that activity outside the context in which it occurred.
Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.
Firefox was created by Dave Hyatt and Blake Ross as an experimental branch of the Mozilla browser, first released as Firefox 1.0 on November 9, 2004. Starting with version 5.0, a rapid release cycle was put into effect, resulting in a new major version release every six weeks. This was gradually accelerated further in late 2019, so that new major releases occur on four-week cycles starting in 2020.
Browser security is the application of Internet security to web browsers in order to protect networked data and computer systems from breaches of privacy or malware. Security exploits of browsers often use JavaScript, sometimes with cross-site scripting (XSS) with a secondary payload using Adobe Flash. Security exploits can also take advantage of vulnerabilities that are commonly exploited in all browsers.
Gary Kovacs is a San Francisco Bay Area technologist. He was the chief executive officer of AVG Technologies. Kovacs has worked for Mozilla Corporation, Adobe, SAP, and IBM, and led Zi Corporation, a mobile text messaging company.
