Mozilla is testing a new feature in pre-release versions of its Firefox browser that enable users to employ multiple personas or identities in different contexts at the same time. The feature, known as Containers, is designed to help users separate their various personal, work, and other online activities.
The new feature is currently in the Nightly build of Firefox 50, and it gives users the ability to open separate tabs in multiple different contexts. Containers are an attempt to address one of the more difficult problems in online identity: sectioning off different aspects of a user’s online activities. Many people use the same computer and browser for work and personal activities, and keeping those identities and information separate is notoriously difficult. Companies have tries various approaches over time, including Microsoft’s online ID card concept.
Mozilla’s new effort is not an entirely new construction. The concept of different online identities for different activities has been around for many years, but implementing it in a way that’s easy for people to use has proven to be quite difficult. Mozilla’s interpretation of the idea involves separate Containers for each different context in which the user is browsing.
“With Containers, we attempt to improve privacy while still minimizing breakage.”
“Each context has a fully segregated cookie jar, meaning that the cookies, indexeddb, localStorage, and cache that sites have access to in the Work Container are completely different than they are in the Personal Container. That means that the user can login to their work twitter account on twitter.com in their Work Container and also login to their personal twitter on twitter.com in their Personal Container,” Tanvi Vyas, a security engineer at Mozilla, said in a blog post introducing the feature.
“The user can use both mail accounts in side-by-side tabs simultaneously. The user won’t need to use multiple browsers, an account switcher, or constantly log in and out to switch between accounts on the same domain.”
To users, the change won’t have a major effect on normal browsing behavior. They can browse in their own default context and when they want to switch Containers, simply go to the File menu and select the option to open a new Container tab. The Containers feature will segregate any data that a site has the ability to read or write. When a user loads two separate sites in separate containers, the data from those sites are kept separate and neither site can read the other’s data.
“Assume the user then opens a Shopping Container and opens the History menu option to look for a recently visited site. example.com will still appear in the user’s history, even though they did not visit example.com in the Shopping Container. This is because the site doesn’t have access to the user’s locally stored History. We only segregate data that a site has access to, not data that the user has access to. The Containers feature was designed for a single user who has the need to portray themselves to the web in different ways depending on the context in which they are operating,” Vyas said.
Right now, the Containers feature is only on the Nightly Firefox build and Mozilla is using it as a way to collect users’ feedback. The company also is planning a Test Pilot release of it in a few months. However, Vyas said that there are no plans for Containers to be included in Firefox 50 when it moves to the next stage, which is the Aurora/Developer edition. While the Containers feature offers users an extra layer of privacy and security, Vyas warns that it is not a cure-all and comes with some limitations.
“The first is that all requests by your browser still have the same IP address, user agent, OS, etc. Hence, fingerprinting is still a concern. Containers are meant to help you separate your identities and reduce naive tracking by things like cookies. But more sophisticated trackers can still use your fingerprint to identify your device,” Vyas said.
“The Containers feature is not meant to replace the Tor Browser, which tries to minimize your fingerprint as much as possible, sometimes at the expense of site functionality. With Containers, we attempt to improve privacy while still minimizing breakage.”