
ELI5 for Firefox: Difference between sandbox / site isolation / total cookie protection / first party isolation / multi account container

Basically what the title says. As far as tech knowledge goes, I am probably a 3.5 or 4 out of 10. Hence the ELI5 request.

I am a Firefox browser user, on both my Android phone and my Windows device - for the same reason many others ditched Chrome and chose FF (degoogle and all).

Recently I came to know about Fission being offered in FF Nightly. It is said that site isolation with Fission is far from ready, and this is probably one of the areas where Chromium beats it. I read somewhere that FF Fission uses multiple processes to separate sites, but they are not really "isolated processes".

All of this is surely not making me less confused about how exactly sandboxing/Fission/FPI/TCP differ as far as Firefox is concerned, so I thought of asking this here.

Posting this in the ELI5 community might've been more "correct", but my question being specifically around Firefox, I thought the chances of getting a better answer are higher here.

Apologies if not, and thanks in advance.

3 comments
    • Sandbox: a general computer security term for a limited area that untrusted code can operate in. Essentially, think of an unruly kid -- it's allowed to play in its sandbox and could make a big mess there, but it shouldn't be able to mess up the rest of your house if it's only allowed to play in the sandbox.
    • Site Isolation: According to this post from 2021 on Mozilla's blog, "Site Isolation" is the term they picked for loading different websites in different OS processes. As an ELI5... maybe think of it like moving from sites being in the computer equivalent of neighboring apartments to being in different buildings? IRL, you're supposed to have a certain amount of privacy and security in your apartment but there are limits because of the physical construction... A half decade or so ago, people figured out that you can do the equivalent of sticking your ear against the wall to try to hear what people were saying in the apartment next door; it's more challenging to do that if you're in the digital equivalent of a different building...
    • Total Cookie Protection: Metaphorically speaking, websites can tape a name tag ("cookie") to your jacket without you noticing. That includes not just the direct operator of the site (who uses cookies like that to keep you logged in) but also other people like advertisers on the site. In the old way of handling cookies, whoever stuck that name tag on your jacket can read it, so advertisers could figure out the equivalent of "Oh that's Bob -- he just went to Walmart, and then the bank, and now he's at a swap meet looking at used manga." if they were advertising on all those sites. "Total Cookie Protection" as Mozilla calls it is basically changing your jacket for each place you visit. Bob has a jacket for Walmart, a jacket for the bank, and a jacket for the swap meet. The advertiser can tell if Bob's been to those places before -- the metaphorical name tags are still on each one -- but doesn't know it's the same Bob who was just at the bank since he changed his jacket.
    • First Party Isolation: seems to be an older name for a similar idea brought back into Firefox from Tor Browser. "Total Cookie Protection" seems to be Mozilla's marketing of it when they enabled it by default, as far as I understand it? (There may be other features of it that I don't understand though.)
    • Multi Account Container: Going back to my name tag and jacket metaphor again, this is a feature that lets you have essentially multiple jackets for the same place that you can choose between. You can have your work clothes and your personal clothes and pick which is appropriate for the situation, metaphorically speaking. Particularly useful if you have multiple webmail/social media/whatever accounts from the same provider and want to stay logged in to all of them.
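
The jacket metaphor for Total Cookie Protection and Multi-Account Containers, as an added example that is not part of the original comment and is not Firefox code: a simplified cookie store where the storage key decides who can read a cookie back. The `CookieStore` class, its methods and the `.example` hostnames are constructed for illustration.

```javascript
// Simplified model of a browser cookie store (constructed for illustration;
// not Firefox code). The jar maps a string key to a cookie value.
class CookieStore {
  // mode: "shared" (old behaviour) or "partitioned" (one jar per visited site)
  constructor(mode) {
    this.mode = mode;
    this.jar = new Map();
    this.nextId = 1;
  }

  // Key under which a cookie from cookieHost is stored while the user is
  // on topLevelSite inside a given container.
  key(container, topLevelSite, cookieHost) {
    const partition = this.mode === "partitioned" ? topLevelSite : "*";
    return `${container}|${partition}|${cookieHost}`;
  }

  // Simulates content from cookieHost loading on topLevelSite: it reads its
  // cookie if this jar has one, otherwise it sets a fresh identifier.
  visit(topLevelSite, cookieHost, container = "default") {
    const k = this.key(container, topLevelSite, cookieHost);
    if (!this.jar.has(k)) this.jar.set(k, `id-${this.nextId++}`);
    return this.jar.get(k);
  }
}

// How many distinct identifiers the tracker sees for one user across sites.
// 1 means the tracker can link every visit to the same person.
function distinctIdsSeen(store, sites, tracker) {
  return new Set(sites.map((site) => store.visit(site, tracker))).size;
}

// Constructed sample browsing session.
const sites = ["shop.example", "bank.example", "swapmeet.example"];
const tracker = "ads.example";

console.log("shared jar:", distinctIdsSeen(new CookieStore("shared"), sites, tracker));
console.log("partitioned jar:", distinctIdsSeen(new CookieStore("partitioned"), sites, tracker));
```

In this model the container name is just one more part of the key, which is why two containers can hold two different logins for the same site.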