Yesterday, Mozilla announced the return of the Firefox Test Pilot program for beta testing its upcoming products. One of them is the Firefox Private Network VPN service (or a proxy, to be exact) in the form of a browser extension, which you can also test before it goes public.
It’s not the first time that Mozilla is dealing with the cybersecurity field. In 2018, they partnered with Proton VPN, offering to buy the service directly from your browser screen.
It’s also not the first company to add an extension to its browser. Opera VPN has been a built-in feature since 2016, but its Chinese ownership, extensive logging, and poor server coverage didn’t help to gain users’ trust.
A focus on privacy
Ironically, while VPNs are often used to circumvent geo-blocking, Firefox Private Network beta extension is currently available to desktop users in the US only. This means that if you’re from another location, you’ll need a VPN to test the one from Mozilla.
On the other hand, Firefox Private Network is not focusing on removing geo-blocks. This service is more about privacy, just like the majority of Test Pilot projects. Therefore Mozilla aims at securing and encrypting public wifi connections and hiding your IP address from websites and ad trackers first and foremost.
Firefox Private Network privacy policy
A full-fledged VPN service or not, it requires servers. For this matter, Mozilla partnered Cloudfare, an American web infrastructure, and website security company. Subsequently, this raises a question about the logging policies of this trusted partner.
Cloudfare Privacy Notice
Here’s what we found in Cloudfare’s Privacy Notice:
- Cloudflare only observes a limited amount of data about the HTTP/HTTPS requests that are sent to the Cloudflare proxy
- Cloudflare will observe your IP address, destination IP address, source port, destination port, timestamp and a token provided by Mozilla that indicates that you are a Firefox Private Network user
- If you connect using an unencrypted HTTP protocol, Cloudfare will not log this data
- Cloudflare may not use any of the data it processes except to improve the performance of the service and to assist in debugging
- All data is saved for 24 hours
Apart from the 24-hour storage time, all seems more or less OK. However, further reading shows that a lot depends on Mozilla policies as well:
- Cloudflare will not sell, license, sublicense, or grant any rights to your data to any other person or entity without Mozilla’s explicit written permission
Firefox Private Network Privacy Notice
What we’ve read on Cloudfare’s website made us look into Mozilla’s legal wordings as well. Here’s what they’ll be collecting:
- Data about your device, operating system, version, and a unique identifier that Mozilla connects to your Firefox Account
- Data about when you install Firefox Private Network when you use the service, and engagement with our surveys and Firefox
- This service requires a Firefox Account, which sends Mozilla your email address, locale, and IP address
To sum up, you’ll be giving away quite a lot to Mozilla and Cloudfare to use the Private Network. But what you’ll get in return is still to be seen. One thing is sure – if it will be paid, it has to be darn good.
Firefox Private Network features
As of now, Mozilla hasn’t given us much about the possible benefits of using Firefox Private Network. Here are all three key features:
- Protection when in public wifi access points. You never know who may be connected to the same wifi network – some of them might be trying to monitor your web traffic for sensitive information, such as passwords or credit card numbers.
- Hiding your real IP address. This helps against advertising networks and other third parties tracking your browsing history.
- Toggling the ON/OFF switch at any time. Last but not least, this feature gives you the power of choosing when to shield yourself and when to live dangerously.
How Firefox Private Network works
Being a simple browser extension, Firefox Private Network is easy to download and install. The only extra step is signing in with your Firefox account.
After that, you’ll see a new icon on the right side of your address bar, showing whether the extension is on, off, or requires your attention due to a connection or login issue.
What’s more, you can set your Firefox account to sync add-ons to have Private Network available on any desktop that you use.
The limits of proxy servers
Just like the rest of proxy servers, Firefox Private Network is susceptible to the same woes. First and foremost, it protects only your browser traffic, which in itself has some exceptions. Your browser uses different protocols to communicate with the websites you’re visiting, but a proxy will protect only the TCP (Transmission Control Protocol) part. This means that some activities, such as your video conferences on Google Hangouts or Facebook Messenger won’t be encrypted.
Naturally, a browser extension won’t be able to protect any traffic that goes through other apps, such as torrenting clients. That’s only possible with a VPN that encrypts all your network traffic. You can learn more about the difference between the proxies and the VPNs.
While Firefox Private Network is not a full-fledged VPN service but a browser extension, that doesn’t mean Mozilla is planning to stop there. The renewed Test Pilot program is different from its predecessor as it allows testers to feel out the products and services that may be outside the Firefox browser. So while a browser extension usually comes after the VPN, who’s to say it can’t be vice versa?
When Firefox Private Network will be launched
Mozilla didn’t give a precise date when Firefox Private Network will be publicly available. But based on the information on their website, it will be at least a few months before the closed beta testing finishes. Optimistically, we may see a public beta before the New Year.
Is Mozilla Firefox Private Network free?
Firefox Private Network is free for the moment, and there were no specific talks about pricing. But Mozilla didn’t say that the service will be free forever either. Also, there wouldn’t be much point in restricting closed beta to users in the US only if there were no plans to offer a product targeted to this market in a nearby future.
Chances are they will charge for a premium version, but it shouldn’t be a significant sum if they’re really not into helping their users avoid geo-blocking and other internet restrictions.
