IndexedDB

At work a fellow employee discovered access to GMail failed when using Firefox but not Chrome. The failure was recent. The root cause for the failure was dom.indexedDB.enabled=false. I don’t know why access to GMail with Firefox only broke recently.

The IndexedDB topic is a rabbit hole.

My original reasons for disabling were protecting privacy and improving security. We do not want to provide the potential for accessing sensitive company data through web browsers. Data mining and tracking on the web have reached insane levels, and that does not begin to address how such data would be abused by malicious actors. Hence my conservative approach.

IndexedDB is a client-side (local) storage mechanism. Whereas cookies and WebStorage store small strings of data, IndexedDB is a database technology holding large amounts of data. There are plausible reasons for using the feature. The feature could be used to improve rendering speeds, such as by locally storing images and other data such as files, calendars, and to-do lists.

That’s being charitable because the Google business model is data mining and tracking. Who knows how else they are using the storage method, especially since much of the data is stored in binary format rather than plain text. For example, certainly location data is being stored by the technology. On mobile devices this data easily creates a history of the person’s habits and routines.

Many web site owners will not resist data mining and tracking, especially when part of the business model. There is a perverse incentive for certain people to purposely break their own web site when IndexedDB is disabled. These people specifically engage in data mining and tracking. For example, my understanding is Twitter will not open correctly when IndexedDB is disabled.

I found no meaningful online stories about abusing this feature. Privacy advocates postulate the feature might be abused to track and fingerprint users. As nominal evidence, when the IndexedDB protocol was introduced some web browsers disabled the feature when using private browsing or incognito mode. By default Firefox is still configured this way, which implies the debate is not fully tinfoil hat territory.

My understanding is the contents of the database are isolated to first party access as long as third party cookies are denied. No cross domain third party can pierce that boundary to sniff the data. Unlike traditional tracking cookies, IndexedDB data limits potential privacy and tracking abuses to first parties.

Firefox supports a feature called privacy.firstparty.isolate that is intended to ensure third parties do not access locally stored client-side browser data. I already had this option enabled in the company master user.js file, which is synced to all local systems.

As recently discovered, disabling IndexedDB breaks certain web sites. Because of our narrow task focus within our work flows, we likely seldom tripped over any such site breakage. If that has happened, most likely users just shrugged.

Personally I have disabled this option for years, but I am unashamedly zealous about protecting my privacy while online. I don’t care if my browser decisions break certain web sites. I'm not interested in any illusions about a “rich user experience.” Conversely, I don’t use and don’t care about privacy invasive sites such as Facebook, Twitter, and the likes. Without visiting such sites likely I don’t see much breakage and would not know if my disabling the feature makes any difference.

Similarly at work, generally we do not visit such web sites and until recently with the sudden GMail change never experienced or noticed breakage.

When enabled the IndexedDB database is stored at $HOME/.mozilla/firefox/*.default/storage/. The data can be viewed using a SQLite viewing app, but much of the data are binary blobs and will look like gibberish when trying to view.
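To see which sites have written IndexedDB data without opening the binary blobs, the storage directory can be summarized per origin. The script below is an added example, not something from the original post; the function name `idb_report` is made up here, and it assumes the profile keeps per-origin data under `storage/default/<encoded-origin>/idb/` with origin attributes (such as the `firstPartyDomain` added by privacy.firstparty.isolate) appended after a `^`.

```shell
#!/bin/sh
# Added example (not from the original post): list which origins hold
# IndexedDB data in one Firefox profile, and how much.
# Assumption: per-origin data lives under
# storage/default/<encoded-origin>/idb/ inside the profile directory.

# Usage: idb_report PROFILE_DIR
# Prints "<bytes> TAB <files> TAB <origin> TAB <origin attributes>",
# largest origin first.
idb_report() (
    profile=$1
    for dir in "$profile"/storage/default/*/idb; do
        [ -d "$dir" ] || continue   # glob did not match, or no IndexedDB data
        name=$(basename "$(dirname "$dir")")
        # Example name: "https+++mail.example.com^firstPartyDomain=example.com"
        # Text before "^" is the origin with ":" and "/" written as "+".
        # Text after "^" holds origin attributes, "-" when there are none.
        host=${name%%^*}
        case $name in
            *^*) attrs=${name#*^} ;;
            *)   attrs=- ;;
        esac
        origin=$(printf '%s\n' "$host" | sed -e 's|+++|://|' -e 's|+|:|g')
        files=$(find "$dir" -type f | wc -l)
        bytes=$(find "$dir" -type f -exec cat {} + | wc -c)
        printf '%d\t%d\t%s\t%s\n' "$bytes" "$files" "$origin" "$attrs"
    done | sort -rn
)

# Run against a profile only when one is named on the command line.
if [ "$#" -gt 0 ]; then
    idb_report "$1"
fi
```

An origin that shows `-` in the last column was stored without first-party isolation, which is a quick way to confirm the user.js setting actually reached a given machine.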

Firefox supports a per-site method for controlling these storage mechanisms. I have not researched those options. These options can be viewed by “right-clicking” anywhere on a web page and from the context menu selecting the View Page Info option.

Possibly I should look into addons that automatically delete this specific storage when closing the browser. On my personal systems I have a way to do that without addons, but I need to decide if and how to implement that on work systems. Automatically deleting the data might be a reasonable privacy protection, but defeats the purpose of using the technology because the data must be reloaded with each subsequent site visit.

These kinds of topics and discussions have no easy answers. Perhaps resistance is futile. No wonder the majority of people shrug and do not bother with privacy and security.

Posted: Category: Usability Tagged: Firefox