Firefox 67 to Introduce Script Blocker for Cryptomining and Fingerprinting

Mozilla developers are considering adding code to Firefox 67 that will block JavaScript inserts used for cryptocurrency mining, as well as counteract user tracking through browser fingerprinting techniques. Currently, a prototype interface for managing these blocking features is under discussion. For example, several new options are proposed to be added to the settings menu to enable these new blocking modes.

Manual Activation via about:config

For manual activation, the following settings are available in about:config:

• privacy.trackingprotection.cryptomining.enabled
• privacy.trackingprotection.fingerprinting.enabled

You will be able to check the blocking status for the current site through the “(i)” menu, which will also provide access to more detailed information about which specific code was blocked.

How the Blocking Works

The blocking will be implemented using additional categories in the Disconnect.me blocklist, which includes hosts known to use miners and fingerprinting code. Cryptocurrency mining code is typically injected into websites as a result of hacks or is used on questionable sites as a monetization method, leading to a significant increase in CPU load on the user’s system.

What Is Browser Fingerprinting?

Browser fingerprinting refers to storing identifiers in areas not intended for persistent data storage (“supercookies”), as well as generating identifiers based on indirect data such as:

• Screen resolution
• List of supported MIME types
• Specific parameters in headers (HTTP/2 and HTTPS)
• Analysis of installed plugins and fonts
• Availability of certain Web APIs
• Graphics card-specific rendering features using WebGL and Canvas
• CSS manipulations
• Analysis of mouse and keyboard behavior