FF eliminated "ask me every time"

General discussion about web technology.
Post Reply
User avatar
glnz
Posts: 18
Joined: Sat Sep 04, 2010 12:43 pm

FF eliminated "ask me every time"

Post by glnz » Sun Feb 21, 2016 2:01 pm

Giorgio - Mozilla has eliminated "ask me every time" in FF 44. And Mozilla didn't tell anyone.

I don't understand this. "Ask me every time" and NoScript are the No. 1, 2, 3, ... 100 top reasons for using FF.

Can you create an "ask me every time" add-on?

Can you call your buddies at Mozilla and ask them if they've gone out of their minds?

Giorgio - HELP !!!
Mozilla/5.0 (Windows NT 5.1; rv:44.0) Gecko/20100101 Firefox/44.0

barbaz
Senior Member
Posts: 9147
Joined: Sat Aug 03, 2013 5:45 pm

Re: FF eliminated "ask me every time" - Giorgio, HELP!

Post by barbaz » Sun Feb 21, 2016 5:09 pm

I was just going to move this to Web Tech since it's not related to NoScript, and leave it at that, but after seeing how you tried to spammed your message at mozillaZine I'm seriously considering binning this. The mention of Giorgio from the topic title is removed, he is too busy to handle this.
(link to the only mozillaZine post they didn't split/lock: http://forums.mozillazine.org/viewtopic.php?f=7&t=2987945&p=14517605#p14517605)

Downgrading Firefox is an option here. (Correct me if I'm wrong, but it seems to me that this "Ask me every time" cookies feature is more important to you than publicly known vulnerabilities...)
You can also switch to Firefox ESR 38 and stick with that forever.


I don't know why you're make such a big deal of this anyway. More than 99% of the Web works completely fine with 3rd-party cookies switched off... and the one time I've seen a "Ask [cookies] every time" option at work, there were so many different cookies that the browser had to be force-quit after more than 5 minutes of asking/selecting what to do about cookies (and even at that it wasn't done asking!). Removing this option from Firefox only makes sense.
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
glnz
Posts: 18
Joined: Sat Sep 04, 2010 12:43 pm

Re: FF eliminated "ask me every time"

Post by glnz » Mon Feb 22, 2016 2:06 am

barbaz - if you feel so negatively, then many of us who used "ask me every time" continuously are sunk.

It worked for ALL incoming cookies, not just third-party cookies. It let us see, in real time, what was coming in and whether to Allow or Deny, temporarily or permanently, immediately. Over short periods of time it let all of us build good lists of Allow or Deny, so our favorite websites worked beautifully and without being hit with unwanted cookies.

Your negative experience is NOT shared.

"Ask me every time" was our very good introduction to browser security, and NoScript was the next step.

How can you, of all people, be so oblivious to this? I thought you might reach out to your favorite folks at Mozilla and ask them what is going on.
Mozilla/5.0 (Windows NT 5.1; rv:44.0) Gecko/20100101 Firefox/44.0

barbaz
Senior Member
Posts: 9147
Joined: Sat Aug 03, 2013 5:45 pm

Re: FF eliminated "ask me every time"

Post by barbaz » Mon Feb 22, 2016 2:27 am

What is there to gain with this other than a false sense of control?
Allowing/denying individual cookies does not have any effect on security.
As for privacy, you don't gain anything that you wouldn't get with, say, outright blocking 3rd-party cookies. And, if your browser makes a request to a server, note that right there you're already sending so much identifying information that cookies are largely insignificant. If they want to track you, they'll still track you regardless of whether you choose to allow or deny cookies.

If you want REAL control, use an ad blocker and configure it to be a tracking-blocker. Adblock Plus is an example of a configurable ad blocker. Just outright block the sites/URLs that you don't want setting cookies.
Finer-grained control than that achieves nothing worthwhile.

glnz wrote:Your negative experience is NOT shared.

Maybe not by you, but that doesn't mean not at all. This stuff is a footgun even for power users.

glnz wrote:How can you, of all people, be so oblivious to this?

And a self-proclaimed "total noob" who still connects Windows XP to the Internet, is less oblivious how exactly? Image

glnz wrote:I thought you might reach out to your favorite folks at Mozilla and ask them what is going on.

As if I not only think Mozilla makes sane decisions in general, but that I also have some special affiliation with Mozilla despite some of the comments I've been known to make :roll:

Let's face it, there are plenty of times where Mozilla doesn't care about input from anyone other than some core group of people.
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: FF eliminated "ask me every time"

Post by Thrawn » Mon Feb 22, 2016 4:11 am

@glnz: I personally am a big fan of Self-Destructing Cookies. You might want to take a look. It's the most practical way that I know of to keep an almost-empty cookie jar.

It gives you a new and more aggressive cookie policy: delete as soon as you close the associated tab(s). You can override it for specific sites via the built-in cookie settings; any site that is specifically set to block/allow/session will be ignored by SDC. And it can automatically block third-party tracking cookies, too.
Last edited by barbaz on Mon Feb 22, 2016 4:16 am, edited 1 time in total.
Reason: fix typo :)
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0

User avatar
glnz
Posts: 18
Joined: Sat Sep 04, 2010 12:43 pm

Re: FF eliminated "ask me every time"

Post by glnz » Mon Feb 22, 2016 1:01 pm

barbaz - just for the record:

1) I use NoScript, AdBlock Plus, Disconnect, Better Privacy and HTTPS Everywhere on all my FF browsers. "Ask me every time" was another -- but very important -- tool, and very easy to use.
2) My XP machine still has my email, and I've been keeping it updated with the POS Embedded hack and additional tips from the great folks at MSFN. I do not do any banking or similar on it. (I'm typing now on a Win 7 Pro 64-bit machine. That machine also dual-boots Win 10 and I'm thinking I should move everything from the XP to the 10 instead of to the 7.)

As to "ask me every time", please see the technically relevant comment at http://www.ghacks.net/2016/02/05/firefox-44ask-me-everytime-cookie-option-removed/#comment-3819357

Giorgio and you are five-star -- make that ten-star -- heroes for all FF users. You two can get Mozilla to reconsider. I wish you would try.
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0

User avatar
Giorgio Maone
Site Admin
Posts: 8697
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: FF eliminated "ask me every time"

Post by Giorgio Maone » Mon Feb 22, 2016 2:31 pm

glnz wrote:Giorgio and you are five-star -- make that ten-star -- heroes for all FF users. You two can get Mozilla to reconsider. I wish you would try.

Thank you for your kind words, but as barbaz said I've got unfortunately much bigger fishes to fry, very busy making the new WebExtensions API, which is meant to replace current add-on development technologies, powerful enough to support NoScript, FlashGot and "advanced" add-ons in general.
In the meanwhile, is there really no other add-on among all these which can replace the lost functionality, or even improve upon it?
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0

barbaz
Senior Member
Posts: 9147
Joined: Sat Aug 03, 2013 5:45 pm

Re: FF eliminated "ask me every time"

Post by barbaz » Mon Feb 22, 2016 5:55 pm

glnz wrote:1) I use NoScript, AdBlock Plus, Disconnect, Better Privacy and HTTPS Everywhere on all my FF browsers.

Nice Image That combination will keep you safe.
offtopic: I think Disconnect can be redundant with ABP & Better Privacy. It's also known for causing weird issues and conflicts.

glnz wrote:"Ask me every time" was another -- but very important -- tool, and very easy to use.

You still haven't really explained why it's important to you. I'm only seeing vague thinking and misconceptions.

glnz wrote:2) My XP machine still has my email, and I've been keeping it updated with the POS Embedded hack and additional tips from the great folks at MSFN. I do not do any banking or similar on it. (I'm typing now on a Win 7 Pro 64-bit machine. That machine also dual-boots Win 10 and I'm thinking I should move everything from the XP to the 10 instead of to the 7.)

Oh, I didn't realize that there were MSFN patches for XP. (I'm not a Windows user.)
I would suggest you don't put anything on Windows 10 for which you need any privacy of any sort. Windows 10 is likely the most secure Windows OS atm, but unless you use the Enterprise version, it's forced trackingware. (And remember to not share bandwidth for Windows 10 updates.)

glnz wrote:As to "ask me every time", please see the technically relevant comment at http://www.ghacks.net/2016/02/05/firefox-44ask-me-everytime-cookie-option-removed/#comment-3819357

Interesting that sites are able to wormk-around "Ask every time" cookies options. Notice what the article says Mozilla suggested to do? ;)

Let's put it this way: You're the monarch of a castle, would you rather have your guards guarding the castle entrance, or in your throne room constantly asking you whether you want to let people (or groups of people) in? You're choosing the latter, yet not realizing 1) if no one is there to guard the entrance, some people will just walk in unsolicited, and 2) if people make it inside your throne room they can get to you in some way regardless of the guards.

Giorgio Maone wrote:
glnz wrote:Giorgio and you are five-star -- make that ten-star -- heroes for all FF users.

Thank you for your kind words,

+1 :)
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply