mullvad-browser icon indicating copy to clipboard operation
mullvad-browser copied to clipboard
verified publisher icon mullvad

Possibility of vertical tabs

Open Oregano1963 opened this issue 9 months ago • 9 comments

Firefox recently added the option to have vertical tabs. Would it be possible to have this feature in MB without risking fingerprinting through screen size or something similar?

Vertical tabs are a pretty popular browser feature currently and should definitely be considered.

Oregano1963 avatar Mar 22 '25 23:03 Oregano1963

MB (and Tor Browser) are based on the Firefox ESR release (currently 128) - so we won't be getting any of that (sidebar, vertical tabs) until we move to ESR140 - https://whattrainisitnow.com/calendar/ - around about mid September - we move to ESR140 in alpha when it comes out but stable has to wait until the EOL (end of life).

During the alpha phase we need to do audits (on a years worth of changes), including the effect of sidebar and vertical tabs - hence the delay. At this stage we (and by we I mean me because we haven't discussed it in depth) have issues with them, as they both (FYI @PieroV ) interfere with newwin (our new window sizing algorithm ), but maybe that can be mitigated.

Thorin-Oakenpants avatar Mar 23 '25 05:03 Thorin-Oakenpants

Newwin is a mess. I deliberately didn't want to do a bigger resize to exclude the siderbar from the initial width. However, if it isn't that big, we can evaluate it. In any case, letterboxing is the still the best way to protect from size fingerprinting.

PieroV avatar Mar 23 '25 09:03 PieroV

I put it in the Icebox, as it depends on the feature reaching Firefox ESR first.

ruihildt avatar Mar 25 '25 10:03 ruihildt

Good to know it's being considered. Was afraid it'd be impossible.

Oregano1963 avatar Mar 27 '25 20:03 Oregano1963

Image

I was talking to someone about this the other day and took this screenshot - so this is my FF which runs RFP and letterboxing (my startup size is modified to be 1600x900). I resized it to 200px exactly and it looks swish - especially when all the kinks are ironed out and it gets expand on hover working. I didn't play with it any more. Not sure if it's something I would use myself, but I get it.

The issue here is that regardless of being pixel perfect for LBing, it's going to at best split user's inner/outer windows fingerprint: where users used to always be 1400px will be 1200px or even 1000px. So instead of most users falling into 7 or 8 common newwin sizes, we could make things worse with it now becoming 15 or more = not great. We already doubled possible newwin size buckets about 2 years ago (we made the default wider by 2 steps and reduced the height by 1 step: so double)

And those without LBing are just going to a real mess because we try to control the newwin size to be pixel perfect so it's 200s x 100s, but this would just destroy that little bit of fallback protection as the sidebar could be any pixel width

I can see pros and cons: needs discussion. One thing we are doing is to split off screen and available screen protections, so these would be spared: still based on inner but stepped as fullHD, 4k, 8k (a lot of scripts don't bother with getting inner sizes), and outer isn't affected either because all it would reveal is the chrome dimensions as a constant.

tl;dr: it will likely get disabled and put on the backburner until we can deal with it: which would be years away IMO. It's not going to be high priority to do, but it is high FPing entropy so would be blocked - my 2cents prediction

Thorin-Oakenpants avatar Mar 27 '25 23:03 Thorin-Oakenpants

you

Was afraid it'd be impossible.

me

It's not going to be high priority to do, but it is high FPing entropy so would be blocked - my 2cents prediction

"blocked" is a bit strong here - most likely we will remove the UI (probably behind some existing pref as it is being rolled out, so default off but we wouldn't lock it) and users could go into about config and turn it back on - we just wouldn't recommend or endorse it: same as everything else in about:config

Thorin-Oakenpants avatar Mar 27 '25 23:03 Thorin-Oakenpants

In 15 we'll have the screen size spoofing, which might help (until fingerprinters start using inner size).

PieroV avatar Mar 31 '25 07:03 PieroV

In 15 we'll have the screen size spoofing, which might help (until fingerprinters start using inner size).

https://github.com/mullvad/mullvad-browser/issues/431#issuecomment-2759837960

One thing we are doing is to split off screen and available screen protections, so these would be spared: still based on inner but stepped as fullHD, 4k, 8k (a lot of scripts don't bother with getting inner sizes), and outer isn't affected either because all it would reveal is the chrome dimensions as a constant

Thorin-Oakenpants avatar Mar 31 '25 15:03 Thorin-Oakenpants

FYI: https://bugzilla.mozilla.org/show_bug.cgi?id=1948457

  • Window rounding fingerprinting protection no longer works with vertical tabs enabled, all windows created maximized

I haven't tested, there's also something else with skeleton and early blank window

Thorin-Oakenpants avatar Mar 31 '25 15:03 Thorin-Oakenpants

Hey :) Now ESR is being rolled out as I'm writing, do we have update if vertical tabs / lateral bar will be enabled (even if optional by twisting about:config)?

hopeugetherpes avatar Sep 16 '25 21:09 hopeugetherpes