Mozilla Experiments with Adding a Paid VPN to Firefox
Mozilla has announced plans to begin an experiment offering a built-in VPN feature in Firefox. The experiment started on Monday, October 22, and will only affect a small number of users of the English-language version of Firefox 62 in the United States. Randomly selected participants will have a system add-on installed, allowing them to connect to websites through an encrypted VPN.
Access to the VPN will be available exclusively as a paid service (about $10 per month), and Mozilla plans to use this revenue as one of its monetization sources.
How the VPN Service Works
The service will be provided through the commercial VPN provider ProtonVPN. Mozilla chose ProtonVPN because it offers a high level of connection security: traffic is encrypted with AES-256, key exchange is based on 2048-bit RSA keys and HMAC, authentication uses SHA-256, and there is protection against attacks based on data stream correlation. ProtonVPN does not keep logs or store user information, and its main goal is to enhance security and privacy on the web.
Mixed Reactions to ProtonVPN
ProtonVPN has received mixed reviews. On one hand, it is proprietary software, and last month a vulnerability was discovered in the Windows client that allowed users to elevate their privileges to administrator. This vulnerability was caused by improper interaction between the non-privileged GUI client and the system service. On the other hand, ProtonVPN is developed alongside the well-regarded ProtonMail service, which was founded by former CERN employees to counteract online data surveillance. The company’s servers are located only in Switzerland, Iceland, and Sweden—countries with strict privacy laws that prevent intelligence agencies from accessing user information.
Update: The official announcement of the Mozilla and ProtonVPN partnership has been published.