| ▲ | Mozilla to launch free built-in VPN in upcoming Firefox 149(cyberinsider.com) |
| 122 points by adrianwaj 6 hours ago | 68 comments |
| |
|
| ▲ | userbinator 5 hours ago | parent | next [-] |
| As a Firefox user: if I want a VPN I'll use an actual VPN. Focus on making a great browser, and not all this distraction. Also, "free": "If you're not paying for it, you're the product being sold" |
| |
| ▲ | nl 3 hours ago | parent | next [-] | | > "If you're not paying for it, you're the product being sold" This is such a un-nuanced take. In this case Firefox's route-to-market is the product. It's a distribution channel where some people who receive the free version will upgrade. Free tiers for products where some will pay to upgrade seems like a reasonable compromise, but it does depend on how the deal is structured. If Mullvad pays Firefox for the free users then Firefox's incentives are aligned with its users. If Mullvad pays per conversion then it's a different story. | | |
| ▲ | Springtime 2 hours ago | parent | next [-] | | I doubt Mullvad would be doing this if they weren't getting compensated given they've always said (even right now[1]) they don't offer a free tier since they don't believe it makes sense. The other aspect is I expect it would stain the IP pool further. VPN IPs often end up on various blacklists due to abuse and introducing a wave of free users would only make it worse for paying customers. [1] https://mullvad.net/en/pricing > Why no free plan? "Free" services nearly always come at some cost, whether that be the time you spend watching an intro ad, the collection of your data, or by limiting the functionality of the service. We don't operate that way – at all. | |
| ▲ | darkwater an hour ago | parent | prev [-] | | "Firefox’s free VPN won’t be using Mullvad’s infra though; it’s hosted on Mozilla servers around the world (if beta testing of the feature done in late 2025 tracks)." From OMG Ubuntu |
| |
| ▲ | piperswe 5 hours ago | parent | prev | next [-] | | Mozilla only makes the integration between the browser and the VPN, not the VPN network itself - Mozilla VPN is white label Mullvad. | | | |
| ▲ | aurareturn 2 hours ago | parent | prev | next [-] | | Also, "free": "If you're not paying for it, you're the product being sold"
HN is "free" too. :) | | | |
| ▲ | sunaookami 34 minutes ago | parent | prev | next [-] | | Do you live in 2010? Whether you pay for a service or not is irrelevant to selling your data nowadays. | |
| ▲ | crummy 4 hours ago | parent | prev | next [-] | | > "If you're not paying for it, you're the product being sold" This must apply to Firefox itself, right? | | |
| ▲ | chii 4 hours ago | parent [-] | | of course it does. Why do you think google buys the rights to firefox's search bar (as a default setting)? | | |
| ▲ | echoangle 2 hours ago | parent | next [-] | | Don’t they buy the search bar to have another competitor and not get forced to give away chrome for antitrust reasons? I don’t think they care about the search bar THAT much, it’s basically a donation right? | | |
| ▲ | chii 2 hours ago | parent [-] | | > for antitrust reasons? well, a benefit is a benefit. It doesn't really matter how it manifests does it? It's not a donation, as it is not altruistic. | | |
| ▲ | echoangle 2 hours ago | parent [-] | | But then I’m not the product? The government is basically forcing google to pay my browser developer, how does that make me the product it is bad for me? | | |
| ▲ | chii an hour ago | parent [-] | | You are still "the product" even if google derives secondary benefits - because you are using firefox. Google doesn't pay the other forks of firefox money (at least, as far as i know). It's because you aren't using those browsers (you as in the royal you). I didn't say you being a product is bad - but it does not align customer with software company. You may be OK with being sold as a product to google, as this relationship currently isn't damaging. But what if a future offer which would damage you is taken by mozilla because it's profitable? |
|
|
| |
| ▲ | hvb2 3 hours ago | parent | prev [-] | | That's not remotely the same? A default setting that can easily be changed for a feature the vendor didn't have a solution for? To give you an example. Try to use Google Search without sending your data to Google. You cannot use the product without it, you cannot opt out. Firefox, you can use just fine with Google not being your search engine. | | |
| ▲ | chii 3 hours ago | parent | next [-] | | Why isn't it the same? The fact that it is possible to change that default means google simply pays less for it than they otherwise would if it wasn't changeable. It's not a binary toggle - firefox is selling you as a source of revenue for themselves. They're just not making it as extreme as it is possible to be - in the hopes that you don't switch away. You can compare same situation with safari in iOS. Except google pays a lot more, since you cannot switch away in iOS as easily, and culturally there's more reluctance compared to firefox users. This makes google pay more for iOS traffic, as those users are worth more. | |
| ▲ | Incipient 2 hours ago | parent | prev [-] | | It isn't the same, but it's comparable. Google is paying Mozilla to be the default search engine. Google is only paying Mozilla because Firefox has users, regardless if they use the default search engine or not. So, indirectly everyone is the 'product'. I'm sure if 95% of people did swap to ddg, then google may change their mind. Also I believe there is the possibility Google also pays Mozilla to offer competition so Chrome isn't considered a monopoly (but maybe Edge has changed that to some extent?) |
|
|
| |
| ▲ | gzread 41 minutes ago | parent | prev | next [-] | | I think a VPN is a great add-on for Firefox and way for Mozilla to monetize itself, but I'm surprised it's free. Perhaps it's a free trial like Proton? | |
| ▲ | noosphr 2 hours ago | parent | prev [-] | | Are you the product for Firefox too? VPNs are no longer optional for the current internet. This is as controversial as Firefox speaking ftp. | | |
| ▲ | nhinck3 2 hours ago | parent [-] | | Yes? I mean it's very provable that they sell access to your data and your eyeballs other companies. |
|
|
|
| ▲ | pogue 5 hours ago | parent | prev | next [-] |
| I often use Opera browser's free proxy they offer for basic browsing or blocked sites. They advertise it as a free VPN but it's merely a proxy. As far as I know, it's unlimited traffic and you can choose the region it connects to. Edge also has some Microsoft VPN with a very small amount of bandwidth for the free tier. I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN. |
| |
| ▲ | Dylan16807 4 hours ago | parent [-] | | > They advertise it as a free VPN but it's merely a proxy. What's the difference when you're accessing it through a browser? > I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN. Are you talking about it not reaching out and affecting other programs, or is there a restriction within the browser? | | |
| ▲ | corranh 3 hours ago | parent | next [-] | | In the Firefox case, no difference. It doesn’t encrypt traffic from your device outside of Firefox but for whatever you do inside of Firefox it’s == VPN. | |
| ▲ | pogue 3 hours ago | parent | prev | next [-] | | In Opera, with their "VPN" it only affects traffic within the browser and it sounds like that's the same thing Firefox will offer. A proxy isn't as secure as a full VPN. I had previously read a really good article on it but I hunted and hunted but couldn't find it. This explains it well enough though: https://www.quora.com/Is-Opera-browser-with-built-in-VPN-a-g... However, reading the write up from Opera it's actually pretty decent tech that they've had audited by a third party and the whole nine: Why browsing with Opera’s VPN is safer
https://blogs.opera.com/security/2025/07/opera-vpn-is-safe/ Hopefully no one will start with the whole "they're Chinese owned" argument. If anybody is still on that whole trip, see this (and go watch SomeOrdinaryGamer's video on the subject) but in short it's really nothing to worry about. Debunking misinformation about Opera’s browsers
https://blogs.opera.com/security/2023/07/debunking-spyware-m... | | |
| ▲ | Dylan16807 3 hours ago | parent [-] | | > it only affects traffic within the browser Yes because it's VPN for the browser. I can do the same kind of targeting with most VPN software. Applying it to specific programs doesn't make it stop being a VPN. > This explains it well enough though: Which answer? The dumb bot that contradicts itself? The first human answer says it is a VPN. Though that "cyber security expert" is also not someone I would trust since they seem to think AES 128 versus 256 is actually an important difference. The first human "no" says it's not encrypted and I don't believe that for a second. To say more about the bot answer, it basically repeats three times that only Opera traffic goes through the VPN as its main reason. And then it says it "doesn't offer split tunneling". Come on... The rest of the answer isn't much more grounded in reality. | | |
| ▲ | aragilar 2 hours ago | parent [-] | | Is an SSH jump server a VPN (or forwarding a port from another machine at VPN)? I'd suggest neither are because it's connection-based rather than setting up a network (with routing etc). Absent a network, it's a proxy (which can be used like some deployments of a VPN). | | |
| ▲ | Dylan16807 an hour ago | parent | next [-] | | I see your point, but I think that might label many uses of wireguard in tailscale "not a VPN" because they use imaginary network devices that only exist inside the tailscale process. Saying that would feel very wrong. On the other hand if process internals can be the deciding factor, then optimizing the code one way or the other could change whether a system is "VPN" or "not a VPN" even though it looks exactly the same from the outside. That doesn't feel great either. And do we even know if Opera uses internal network addresses for its "VPN"? I think I'm willing to say that routing all internet traffic from a program through a tunnel can be called either a VPN or a proxy. | |
| ▲ | gzread 40 minutes ago | parent | prev [-] | | Really none of these VPNs are VPNs either since they don't establish a virtual private network. They are just tunnels for your internet access. Tailscale is actual VPN software. It simulates a private network. |
|
|
| |
| ▲ | dyauspitr 4 hours ago | parent | prev [-] | | It comes down to encryption. Proxies aren’t usually encrypted, I don’t know what it does in opera or Firefox’s case. |
|
|
|
| ▲ | notepad0x90 5 hours ago | parent | prev | next [-] |
| I usually defend Mozilla with these things, but I'm a bit bearish on this. It's not like they're not relying on big partnerships already for their survival. I don't have a problem with free to long as there is a paid plan, which I don't see on their announcement page. I don't care who is running a free-only VPN is a huge red flag, and I am one of those people that recommends using VPN services instead of running your thing on a VPS or something. What worries me is this will get adoption and they're start talking about profiting from it via "differential privacy" Or, even worse for the web is a more realistic problem: Firefox is notoriously hard to manage in an enterprise fleet. Their biggest hurdle to marketshare is just that, chrome works well with windows, linux and mac a like and lends itself to management. I'm frequently fighting to be allowed to use Firefox already personally. This poses a direct threat to enterprise security policies. Anyone who bans random free vpns in their networks, now has to include Firefox to that list. And I don't need to mention how bad that is for the web given Google will effectively be the gatekeeper of the entire internet, even the tiny marketshare Mozilla has will be crushed. I wonder if in retrospect, this seemingly mundane feature would be the death-blow to the only alternative browser ecosystem. |
| |
|
| ▲ | looopTools 4 hours ago | parent | prev | next [-] |
| As I understand it, it is just like in Opera. So a proxy not a VPN. I honestly find it distasteful that they may call it a VPN without it actually being one. |
| |
| ▲ | m132 4 hours ago | parent | next [-] | | What makes a proxy a "VPN" again? Most popular "VPN" companies only offer a proxy that merely runs over a VPN protocol. | | |
| ▲ | nl 3 hours ago | parent [-] | | > Most popular "VPN" companies only offer a proxy that merely runs over a VPN protocol. Well that doesn't seem true? Mullvad, Proton, Private Internet Access, NordVPN, ExpressVPN etc are all VPNs. You can use them for whatever protocol you want. | | |
| ▲ | ShowalkKama 3 hours ago | parent | next [-] | | > You can use them for whatever protocol you want. the two most commons protocols used for proxying traffic support arbitrary tcp traffic.
socks is quite self explanatory but http is not limited to https either! Of course most providers might block non https traffic by doing DPI or (more realistically) refusing to proxy ports other than 80/443 but nothing is inherent to the protocol. edit:
this is also mentioned on MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/... > Aside from enabling secure access to websites behind proxies, a HTTP tunnel provides a way to allow traffic that would otherwise be restricted (SSH or FTP) over the HTTP(S) protocol. > If you are running a proxy that supports CONNECT, restrict its use to a set of known ports or a configurable list of safe request targets > A loosely-configured proxy may be abused to forward traffic such as SMTP to relay spam email, for example. | | | |
| ▲ | tobz1000 3 hours ago | parent | prev [-] | | All of them offer only proxied access to the internet. They do not expose access to any "private network". | | |
| ▲ | DaSHacka 3 hours ago | parent [-] | | Depends on the VPN, I remember Nord had a private p2p network that allowed users of their VPN service to communicate directly with each other without exposing their p2p services to the greater internet. Granted, its been a lomg time since I used Nord, not sure if they still offer that service. |
|
|
| |
| ▲ | gzread 38 minutes ago | parent | prev | next [-] | | A VPN as you refer to it isn't a VPN either. There's no private network that is virtualized. Actual VPN software is like Tailscale. | |
| ▲ | 7bit 3 hours ago | parent | prev | next [-] | | Because people understand VPN but not necessarily proxy. It's targeted to non-tech people. | |
| ▲ | dyauspitr 4 hours ago | parent | prev [-] | | Is the proxy encrypted? If so then you might as well call it a VPN. |
|
|
| ▲ | isodev 4 hours ago | parent | prev | next [-] |
| You know what would be actually cool and a transformative improvement? Mozilla to make an iOS port of Firefox and publish it in regions where Apple has been forced to allow it. |
| |
| ▲ | gzread 38 minutes ago | parent | next [-] | | Apple doesn't allow alternative browsers in those regions, it just does enough to convince the regulatory body that it allows them and the other browsers just don't want to for some reason. | |
| ▲ | Fizz43 42 minutes ago | parent | prev [-] | | Wouldnt be suprised if they were working on it already |
|
|
| ▲ | ceving an hour ago | parent | prev | next [-] |
| The ability to nest proxy servers using TLS would be sufficient for me. |
|
| ▲ | prophesi 4 hours ago | parent | prev | next [-] |
| Do they name the service provider of this VPN or how it works? The official announcement is just as sparse on the details. |
|
| ▲ | klntsky 3 hours ago | parent | prev | next [-] |
| Why are they trying to sell a VPN in the countries where users barely need it? |
| |
| ▲ | ShowalkKama 3 hours ago | parent | next [-] | | https://www.pornhub.com/blog/age-verification-in-the-news Over the past year, Pornhub had to make the difficult decision to block access to users in the following American states due to Age Verification laws: Alabama
Arizona
Arkansas
Florida
Georgia
Idaho
Indiana
Kansas
Kentucky
Mississippi
Missouri
Montana
Nebraska
North Carolina
North Dakota
Oklahoma
South Carolina
South Dakota
Tennessee
Texas
Utah
Virginia
Wyoming
| |
| ▲ | mrweasel 41 minutes ago | parent | prev | next [-] | | That feels weird to me as well. I get that they need to trial it, but United States, France, Germany and the United Kingdom isn't really the countries I'd priorities for a free VPN. I understand that a number of people in both the US and the UK is struggling right now and may not be able to affort a VPN, but their primary need is to avoid age restriction, while a large number countries are censoring the internet for political reasons. That latter seems more important to address. | |
| ▲ | sunaookami 32 minutes ago | parent | prev [-] | | A VPN is more relevant than ever in Europe. |
|
|
| ▲ | TRYEXCEPT 2 hours ago | parent | prev | next [-] |
| FireFox need to improve their integrations and offerings to be on par with Chrome at this stage. It, at times can be such a bainful browser to use and honestly I don't think a VPN is the next step. Improved account handling & switching would be huge. |
| |
| ▲ | bartvk an hour ago | parent [-] | | I'm not sure what you mean by account handling, but you can long-press the new tab, and you can choose a different profile (for example "work") which has a differently-colored tab. It's pretty great. |
|
|
| ▲ | MikeDods 17 minutes ago | parent | prev | next [-] |
| Another Mozilla project to be discontinued in 18 months ... |
| |
|
| ▲ | bobsmooth 5 hours ago | parent | prev | next [-] |
| Where's the money for this VPN going to come from? The ads they insert into my home page or the CEO's inflated compensation? |
|
| ▲ | ars 5 hours ago | parent | prev | next [-] |
| Free VPN's are usually funded by agreeing to route some VPN traffic for other people though your own network. They basically work as mixers, randomizing traffic throughout the VPN population. This can expose users to legal risks, but but can also add plausible deniability at the same time "it wasn't me, it was someone on VPN". |
| |
| ▲ | dawnerd 2 hours ago | parent [-] | | I’ve suspected that’s where these “ethical” (as they like to call it) residential proxy services get their access from. They’re really dodgy about it other than saying the people agree to it, which ya ok. |
|
|
| ▲ | ChrisArchitect 5 hours ago | parent | prev | next [-] |
| Source: https://blog.mozilla.org/en/firefox/firefox-148-149-new-feat... (https://news.ycombinator.com/item?id=47415420) |
|
| ▲ | Animats 4 hours ago | parent | prev | next [-] |
| Now, from the people who brought you Pocket. Could they please stop integrating services into Firefox? Thank you. |
| |
| ▲ | trhway 4 hours ago | parent [-] | | VPN is like SSL some time ago (and there were times when a browser would come without SSL, and you'd have to explicitly download it yourself) - it quickly becomes a basic necessity even in civilized societies, let alone say Russia, Iran and the likes. | | |
| ▲ | spikewall 2 hours ago | parent | next [-] | | So you mean I can trust an American corporation that ships its software with telemetry on by default and has a history of data-mining its users more than my standard ISP?
Ladybird(alpha) cannot come soon enough. | |
| ▲ | DaSHacka 3 hours ago | parent | prev [-] | | Tunneling all my traffic through someone else's machine is not the same as encrypting the communication between me and the destination website. |
|
|
|
| ▲ | Razengan 2 hours ago | parent | prev | next [-] |
| These "official" privacy features tend to end up being hollow masquerades when the providers inevitably capitulate to other corporations and authoritarian countries. Like Apple's iCloud Private Relay not working in China, UAE/Dubai etc. or letting Facebook and TikTok secretly track you across devices and reinstalls with their iCloud Keychain API They WILL leak our shit to the highest bidder or the biggest stick |
|
| ▲ | Panzerschrek 4 hours ago | parent | prev [-] |
| > Mozilla said the free tier will initially provide 50GB of monthly data to users in the United States, France, Germany, and the United Kingdom. Sadly no countries are mentioned where such VPN is really needed (due to strict internet censorship). |
| |
