Firefox will allow you to access sites under multiple accounts at the same time.

Each container inside Firefox has its own set of cookies, indexedDB, localStorage and cache

^{Work on Twitter at the same time working and personal accounts. Photo: Mozilla}

It is rumored that on some sites some users write simultaneously under multiple accounts. They allegedly leave the same type of comments under different nicknames. Poker players and other online games complain that rivals play as if together, as if agreeing to bust the victim.

True or not, the experimental build of the browser Firefox Nightly has just implemented a technology that greatly simplifies simultaneous work under several accounts. Now you don’t have to start several virtual machines or open several browsers: isolation of environments is implemented directly between the tabs!

Mozilla developers yesterday unveiled a new Contextual Identities feature for the Firefox 50 Nightly browser.
')
Formally, the isolation of environments (containers) in Firefox is designed so that the user can easily separate their accounts in several areas. For example, personal, work, financial, shopping. Accordingly, opening a new tab, the user immediately selects from which container it will work.



The idea of ​​developers is that people can protect their confidential data if they work on the same sites from different containers. That is, in the history of search queries for work should not appear confidential data that are relevant to the personal life of the person.

Theoretically, such isolation of profiles increases the security of information. For example, all financial data and profiles are stored in a “bank” container. Thus, when visiting a questionable site from a personal container, financial information will not leak through a possible XSS or CSRF attack. Additional insulation here does not hurt.

Each container inside Firefox has its own set of cookies, its own indexedDB, localStorage and cache, its own history of surfing, etc. It turns out that if the site is open on the tab from the working container, then it will not be able to access the cookies from the personal container. On the other hand, different tabs from the personal container will use the same cookies, cache, and local databases.



By default, new tabs in Firefox Nightly open as usual, that is, as “common” containers. To get an isolated environment, the user must manually open a tab inside an additional container. There are several ways to create a tab in the new container, including through the menu File - New Container Tab . Now developers are thinking of adding some more ways to open a new tab inside the container, for example, by long pressing the “+” key on the keyboard.

Personal, Work, Banking, Shopping containers are currently available. Each of them is marked with its own color: blue, orange, green and pink, respectively, so as not to accidentally confuse. The corresponding color bar is placed above the tab pointer.



For simultaneous work under multiple accounts, it is also convenient to have a separate IP address (separate VPN) for each container, so that the site would not guess that multiple users belong to the same person. Perhaps in future versions of Firefox implement such a function, it would be a logical continuation of the idea of ​​containers Firefox.

Containers are, in a way, a cross between normal and private surfing modes in Firefox. As you know, in Private Mode, when you exit the browser or close a tab, all cookies, history and cache are completely erased, so that each time the work starts from scratch.

It should be borne in mind that some sites prohibit the establishment of multiple accounts. For example, this is indirectly prohibited in the “Habrahabra” rules (revised May 16, 2016).

Here is a list of what should not be done on the resource.

Create virtuals . It is always nice to talk with an intelligent person, but you should not create additional accounts for this and wind up your karma and votes for publications.

As usual, the Mozilla organization first tests any experimental technology in Firefox Nightly, and then, based on user feedback, modifies them, fixes errors, and very often brings them to a stable version of the browser.

In this case, a wide public discussion is expected, because authorization on sites with multiple accounts from one browser has been discussed for a long time: see the discussion in the 2010 Mozilla blog and the 2013 article for the IEEE Technical Committee on Security and Protection of Confidential Data, again from Mozilla representatives.

There are several problems to be solved, including determining how clearly and reliably users distinguish containers from each other, whether they are not confused. Another question is how to resolve situations when a user confused contexts and logged into an account from another container, should the “rollback” function of the database and cookies be implemented in order to correct the error? In principle, user data has already flowed away, so that such a rollback only gives a false sense of security, perhaps it does not need to be implemented.

The third question is whether the browser should prompt the user in which context, that is, in which container it is better to transfer a new tab and a specific site so that users do not have to do all the work of managing containers on their own? If the browser is supposed to help, what heuristics should be used to do this work?

Mozilla hopes for help and community tips in discussing these issues.

Your opinion about containers can now be expressed by filling out a short form .

If everything goes according to plan, Contextual Identities containers could appear in a stable version of Firefox 50, which is scheduled for release in the fall of 2016 . But the developers believe that the containers should be further tested. In the next version of Aurora / DevEdition 50, containers will not be enabled by default. In the fall of 2016 a more detailed study on volunteers on the program Test Pilot is planned.

In any case, the containers can always be turned off. Now in Firefox Nightly this is done in about:config via the privacy.userContext.enabled setting (you need to set it to false ).

Mozilla hopes that the new feature will be useful to people who have previously had to run a second browser or several virtual machines. Now they have no reason to go out of your favorite Firefox.



It should be borne in mind that the sites still have the opportunity to identify individual users who use different accounts. For this purpose, fingerprinting techniques are used, that is, a system fingerprint is compiled using a combination of several characteristics: OS version, browser user-agent, set of installed fonts, IP address and many others. Recently, sites began to use more advanced techniques to track users: Canvas fingerprinting , through the Audio API , by identifying the real IP address via WebRTC Local IP , through the Canvas-Font list of installed fonts. The best effect is the combination of all these methods. These links list sites from the most popular sites on the Internet, where the corresponding hidden fingerprinting scripts work.

So for more reliable anonymous work, it is better to go to sites through the network of anonymizers using the Tor browser . It is also advisable to use the operating system Tails , which is initially configured for safe work on the Internet. It is this Linux distribution that Edward Snowden used to use.