Firefox VPN (Private Network) – Why It’s NOT The Most SecureMozilla is now offering a browser-based proxy which they are calling Firefox Private Network. Despite the name, this browser proxy is not a VPN (virtual private network). Unlike Firefox Private Network, a true VPN will offer complete encryption for all traffic on your operating system. While Firefox Private Network only works within the browser, it still offers more security than no proxy.
For basic users who don’t mind the limitations of a browser proxy, this Firefox VPN extension may not be a bad idea. More serious users, however, may want to consider other options offering more security and online anonymity. Here are some of the drawbacks I found when testing and researching Firefox Private Network:
- Browser-only encryption: Only traffic through the Firefox browser is getting encrypted. All traffic outside of your Firefox browser remains exposed.
- Cloudflare: All traffic is being routed through Cloudflare, which has partnered with Mozilla to offer this service.
- US jurisdiction: Being based in the US, Cloudflare, Mozilla, and your data are all subject to US laws and data requests. This makes Cloudflare a target for US authorities demanding access to data, along with gag orders forbidding disclosure – like we’ve seen before with Lavabit and Riseup.
- Data collection (logs): When your traffic passes through Cloudflare servers, Cloudflare will be logging your IP address and the sites you visit. Mozilla is also recording technical, interaction, and registration data.
- No location selection: Unlike other browser-based proxies, Firefox Private Network (VPN) does not offer any location selection.
What is a Firefox VPN and how does it work?A Firefox VPN can mean different things to different people:
- Many people are calling Firefox Private Network a “VPN” – but it’s not really a VPN and we’ll explain why below.
- Others are simply looking to use a VPN with Firefox – or what some call a “Firefox VPN”. There are different options for doing this that we’ll discuss later.
What is Firefox Private Network?Firefox Private Network is a browser-based proxy that was officially launched in September 2019. Here are some key points from Mozilla’s announcement:
- Firefox Private Network is currently in beta (testing)
- It is only available for people in the United States. (But you can easily spoof a US IP address by connecting to a VPN server in the US.)
- Mobile versions of Firefox do not support this feature – just desktop Firefox.
Firefox Private Network and CloudflareThe organization behind Firefox Private Network is Mozilla. Here at Net Todays we’re fans of Mozilla, which is increasingly offering products and services for privacy-conscious users. Firefox is currently our top recommendation in the secure browser guide. (See also the Firefox privacy guide for custom tweaks and setup options.) To offer Firefox Private Network, Mozilla has teamed up with Cloudflare, one of the world’s largest CDN operators. The partnership with Cloudflare has both pros and cons. On a positive note, Cloudflare has a massive network of servers that can offer great performance for Firefox users who activate the Private Network feature. There are also some drawbacks with using Cloudflare.
US jurisdictionThe United States has proven to be a very bad jurisdiction for privacy-focused servers. Examples of this can be seen with:
- Lavabit being forced to hand over encryption keys to give US authorities complete access to user data. Rather than comply, Lavabit was forced to shut down.
- Riseup, a VPN and email service based in Seattle, also received legal demands for access to customer data, as well as gag orders preventing any kind of disclosure.
Technical data. Firefox sends Mozilla data about your device, operating system, version, and a unique identifier that Mozilla connects to your Firefox Account. Interaction data. Mozilla receives data about when you install Firefox Private Network, when you use the service, and engagement with our surveys and Firefox. Registration data. This service requires a Firefox Account, which sends Mozilla your email address, locale, and IP address. Learn more about Firefox Account data practices.There is more information about Mozilla telemetry data collection here. While I understand this product is geared more toward a general audience that may be less privacy-conscious, I do not like how Cloudflare is logging usage data (the sites you visit).
Firefox Private Network testingFirefox Private Network is very easy to start using, but you need to be on a desktop version of Firefox with a US source IP address for access. This brings up a confirmation window discussing permissions and the data collection: At this point, to actually use Firefox Private Network, you’ll need to create an account with Firefox. To create a Firefox account, you’ll need to provide a valid email address, confirm your email, and create a password. This will be linked up to your “unique identifier” that we covered earlier. Once you do this, you can sign in through the browser extension and start using it. To activate the “Firefox VPN” you simply need to toggle the switch and you should be connected in a few seconds to a nearby Cloudflare server. As you can see above, there is no ability to select the proxy location you’ll be using. It’s only On or Off.
Is the Firefox VPN fast?In running some basic tests, I found Firefox Private Network to be fast. But this is not surprising given that:
- It’s a lightweight proxy extension using HTTPS encryption.
- It’s running on Cloudflare infrastructure, a large global CDN network with high-bandwidth capacity.
VPN for Firefox: different optionsAside from Firefox’s VPN browser extension project, there are some other options available.
1. Free proxy extensions (generally not recommended)In the “free” category we see dozens of free VPN extensions that proxy traffic through the browser. However, these dubious free services are often data collection tools in disguise. The risks and dangers are the same as using free VPN services. There are many malicious free browser extensions, so this category should probably be avoided.
2. Paid Firefox VPN proxy extensionsAnother Firefox secure proxy extension I’ve tested (and liked) is the one from VPN.ac (a paid VPN service based in Romania). The VPN.ac browser extension also uses the same HTTPS (proxy) encryption as before, but it gives you access to a large selection of servers around the world. There are other good VPN services that offer proxy browser extensions. NordVPN is one such option (based in Panama). Note: VPN.ac and NordVPN offer standard VPN clients for your operating system, in addition to browser proxy extensions.
3. VPN client running on your operating systemLastly, you can always run a VPN client (app) on your operating system. This will route all traffic through the VPN server, including everything in Firefox (and any other browser/app). Given our discussion of Cloudflare’s extensive logging policy, there are a handful of no logs VPN services that have been verified either through audits or other external events. Unlike with Cloudflare, none of the VPNs recommended on Net Todays collect usage data (the websites you visit). And lastly, good VPNs are also not free (if something is free, you may just be the product).
Who should use Firefox Private Network?In their official announcement, Mozilla highlighted three “key features” of Firefox Private Network:
- Protection when in public WiFi access points
- Internet Protocol (IP) addresses are hidden so it’s harder to track you
- Toggle the switch on at any time.
- Those who do not want their browsing activity being collected and logged by Cloudflare.
- Anyone wanting a VPN in a safe privacy jurisdiction (outside of the 5/9/14 Eyes countries).
- Users who want the ability to select which location they route their traffic through.
- Anyone who wants traffic on their entire operating system encrypted (rather than just through Firefox browser).