Mozilla has told BleepingComputer that they will be enabling the tracking feature called hyperlink auditing, or Pings, by default in Firefox. There is no timeline for when this feature will be enabled, but it will be done when their implementation is complete.
For those not familiar with hyperlink auditing, it is a HTML feature that allows web sites to track link clicks by adding the "ping=" attribute to HTML links. When these links are clicked, in addition to navigating to the linked to page, the browser will also connect to the page listed in the ping= attribute, which can then be used to record the click.
You can see an example of what a hyperlink auditing, or ping, HTML link looks like below. This would render a link to www.google.com, but would cause your browser to connect to www.bleepingcomputer.com/pong.php so that the click can be recorded.
When these links are displayed on the page, they will appear as a normal link and if a user clicks on it, there is no indication that a connection is being made to a different page as well.
Privacy risk?
Earlier this month, we covered how Google Chrome, Opera, Microsoft Edge, and Safari enabled hyperlink auditing pings by default. While some browsers currently enable you to disable this feature, all of the mentioned browsers will no longer allow users to do so in the future.
For some users, any tracking method, including hyperlink auditing, is seen a privacy risk and that they should always have the ability to disable it if they wish.
For this reason, when it was shown that Firefox and Brave do not enable this feature by default and did not appear to be doing so in the future, people praised the browser's decision.
Furthermore, a recent report has shown that hyperlink auditing pings have been used by attackers to perform DDoS attacks on web sites.
Mozilla feels it's a performance improvement
While some users feel this feature is a privacy risk, browsers developers feel that trackers are going to track, so you might as well offer a solution that provides better performance.
In a post by Apple, the WebKit developers explain that hyperlink auditing pings are a performance improvement because unlike other tracking methods, they do not block or delay the navigation to the requested site.
"Just turning off the Ping attribute or the Beacon API doesn’t solve the privacy implications of link click analytics. Instead, it creates an incentive for websites to adopt tracking techniques that hurt the user experience. In effect, the choice between supporting Ping and not is not one of privacy, rather it is a choice between a good user experience and a bad one."
After reading Apple's post, I contacted Mozilla to see if they agreed with the views expressed in the WebKit article.
Mozilla told BleepingComputer via email that they agreed with Apple's views on hyperlink auditing. Furthermore, they stated that the only reason it is not currently enabled by default in Firefox is because their implementation is not ready.
"We agree that enabling the hyperlink ping attribute that is commonly used for hyperlink auditing isn’t a question of privacy but a matter of improving the user experience by giving websites a better way to implement hyperlink auditing without the performance downsides of the other existing methods listed in the webkit.org blog post. In fact, we already support the sendBeacon API and the reason we don’t yet enable the hyperlink ping attribute is that our implementation of this feature isn’t yet complete."
When we asked if they felt that users should at least be given the ability to disable the feature if they wish, Mozilla stated that they did not believe it would have any "meaningful improvement" to a user's privacy.
"We don’t believe that offering an option to disable this feature alone will have any meaningful improvement in the user privacy, since website can (and often already do) detect the various supported mechanisms for hyperlink auditing in each browser and disabling the more user friendly mechanisms will cause them to fall back to the less user friendly ones, without actually disabling the hyperlink auditing functionality itself."
Brave states it will continue to block this feature
After Mozilla's response, we also contacted Brave Software to ask if they had any plans to enable hyperlink auditing in their browser.
"Disabling hyperlink auditing is a crucial privacy feature, and Brave has always disabled this by default," Catherine Corre, Head of Communications at Brave Software, told BleepingComputer via email. "Brave users expect this protection from our browser."
Comments
Sheuk - 4 years ago
But why do they need this function? I use both Firefox and Chrome, but in fact Firefox works well (maybe better) despite Pings disabled while Chrome enable it.
kraghavk - 4 years ago
None of the browsers need this function; but almost all public facing websites that do not get paid directly by the users (think all the social media, news, shopping sites etc.) need it for their monetization. So the argument being made here is that if the browsers do not provide a way for these sites to track user-clicks, then they will come up with their own non-standard ways of achieving it. To achieve that, they will certainly end up employing tons of unnecessary scripts or page redirects before the final content the user is seeking is made available, thereby deteriorating the user experience. So, all the browser vendors seem to now agree that it is better to provide this function as a standardized API.
While I agree with this logic (to some extent), there is always the danger of user-tracking now becoming normalized and accepted because of this. What that acceptance could eventually lead to is the real question.
forum11 - 4 years ago
"...there is always the danger of user-tracking now becoming normalized and accepted because of this. What that acceptance could eventually lead to is the real question."
Exactly. Although I think we're well into that normalization and acceptance in both the current technology and societal arenas. There are a lot of claw back movements that need to take place.
forum11 - 4 years ago
Mozilla strikes again! It's usually too good to be true when I think they are choosing the altruistic path and start receiving end-user praise.
Defaults aside, all of this should be configurable. If a user disables any number of hyperlink auditing mechanisms they should get to experience the visited site's performance sucking methods in the name of tenacious tracking efforts. If a site doesn't perform well it will hurt the site, but only if a large enough user base experiences it and either complains or simply stops visiting.
If Mozilla really cared about the user experience they could offer a built-in 'slow site analysis' or 'site performance' tool (not to be confused with their existing developer tools) to help end-users understand what elements are offenders and weight them based on the likelihood of being more tracker than valid content. This is the type of report that a user focused web browser in this age should be able to generate with a click/tap or two.
lolasdad - 4 years ago
I can't wait for someone to do, with appreciation, the work as i call it "spyware" for this to be turned off. This is not needed and is why people turn to firefox.
i am not a spy, nor doing anything i want on the internet.
NO BIG BROTHER.
if firefox wants to write a book about me, they need my permission!!!
GCG1000 - 4 years ago
Hmm, the moz://a site states that Firefox provides "Private Browsing with Tracking Protection" . So, does this mean that "Private Browsing" is a way to avoid "Hyperlink Ping Tracking By Default"? I'm trying: https://addons.mozilla.org/en-US/firefox/addon/api-killer-beacon/ , as a precaution. Moz can dump "the improved user experience" line, this is a revenue issue, at the expense of our (browser's) privacy choices
SuperSapien64 - 4 years ago
Another reason to use Ublock Origin and or Privacy Badger.
allstock - 4 years ago
Just "about config" it off. Simple as that.
Totally agree with the monetization Kraghvak mentioned.
What do you think win 10 is?
Lawrence Abrams - 4 years ago
Except in the future you will not be able to about:config it off.
Dominique1 - 4 years ago
"But it's for your own good!"
Yeah! Right! Time to flush firefox!