As a Firefox user: if I want a VPN I'll use an actual VPN. Focus on making a great browser, and not all this distraction.
Also, "free": "If you're not paying for it, you're the product being sold"
nl 2 hours ago [-]
> "If you're not paying for it, you're the product being sold"
This is such a un-nuanced take.
In this case Firefox's route-to-market is the product. It's a distribution channel where some people who receive the free version will upgrade.
Free tiers for products where some will pay to upgrade seems like a reasonable compromise, but it does depend on how the deal is structured.
If Mullvad pays Firefox for the free users then Firefox's incentives are aligned with its users.
If Mullvad pays per conversion then it's a different story.
Springtime 33 minutes ago [-]
I doubt Mullvad would be doing this if they weren't getting compensated given they've always said (even right now[1]) they don't offer a free tier since they don't believe it makes sense.
The other aspect is I expect it would stain the IP pool further. VPN IPs often end up on various blacklists due to abuse and introducing a wave of free users would only make it worse for paying customers.
> Why no free plan? "Free" services nearly always come at some cost, whether that be the time you spend watching an intro ad, the collection of your data, or by limiting the functionality of the service. We don't operate that way – at all.
aurareturn 8 minutes ago [-]
Also, "free": "If you're not paying for it, you're the product being sold"
HN is "free" too. :)
mentalgear 5 minutes ago [-]
At least free to data mine by everyone (as far as I know).
piperswe 3 hours ago [-]
Mozilla only makes the integration between the browser and the VPN, not the VPN network itself - Mozilla VPN is white label Mullvad.
That's an existing product that may or may not be related. Unless you know something the article doesn't?
crummy 3 hours ago [-]
> "If you're not paying for it, you're the product being sold"
This must apply to Firefox itself, right?
chii 2 hours ago [-]
of course it does.
Why do you think google buys the rights to firefox's search bar (as a default setting)?
echoangle 3 minutes ago [-]
Don’t they buy the search bar to have another competitor and not get forced to give away chrome for antitrust reasons? I don’t think they care about the search bar THAT much, it’s basically a donation right?
hvb2 1 hours ago [-]
That's not remotely the same? A default setting that can easily be changed for a feature the vendor didn't have a solution for?
To give you an example. Try to use Google Search without sending your data to Google. You cannot use the product without it, you cannot opt out. Firefox, you can use just fine with Google not being your search engine.
chii 55 minutes ago [-]
Why isn't it the same? The fact that it is possible to change that default means google simply pays less for it than they otherwise would if it wasn't changeable.
It's not a binary toggle - firefox is selling you as a source of revenue for themselves. They're just not making it as extreme as it is possible to be - in the hopes that you don't switch away.
You can compare same situation with safari in iOS. Except google pays a lot more, since you cannot switch away in iOS as easily, and culturally there's more reluctance compared to firefox users. This makes google pay more for iOS traffic, as those users are worth more.
noosphr 29 minutes ago [-]
Are you the product for Firefox too?
VPNs are no longer optional for the current internet. This is as controversial as Firefox speaking ftp.
nhinck3 24 minutes ago [-]
Yes?
I mean it's very provable that they sell access to your data and your eyeballs other companies.
pogue 4 hours ago [-]
I often use Opera browser's free proxy they offer for basic browsing or blocked sites. They advertise it as a free VPN but it's merely a proxy. As far as I know, it's unlimited traffic and you can choose the region it connects to.
Edge also has some Microsoft VPN with a very small amount of bandwidth for the free tier.
I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
Dylan16807 3 hours ago [-]
> They advertise it as a free VPN but it's merely a proxy.
What's the difference when you're accessing it through a browser?
> I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
Are you talking about it not reaching out and affecting other programs, or is there a restriction within the browser?
pogue 1 hours ago [-]
In Opera, with their "VPN" it only affects traffic within the browser and it sounds like that's the same thing Firefox will offer.
A proxy isn't as secure as a full VPN. I had previously read a really good article on it but I hunted and hunted but couldn't find it.
Hopefully no one will start with the whole "they're Chinese owned" argument. If anybody is still on that whole trip, see this (and go watch SomeOrdinaryGamer's video on the subject) but in short it's really nothing to worry about.
Yes because it's VPN for the browser. I can do the same kind of targeting with most VPN software. Applying it to specific programs doesn't make it stop being a VPN.
> This explains it well enough though:
Which answer? The dumb bot that contradicts itself? The first human answer says it is a VPN. Though that "cyber security expert" is also not someone I would trust since they seem to think AES 128 versus 256 is actually an important difference.
The first human "no" says it's not encrypted and I don't believe that for a second.
To say more about the bot answer, it basically repeats three times that only Opera traffic goes through the VPN as its main reason. And then it says it "doesn't offer split tunneling". Come on... The rest of the answer isn't much more grounded in reality.
aragilar 36 minutes ago [-]
Is an SSH jump server a VPN (or forwarding a port from another machine at VPN)? I'd suggest neither are because it's connection-based rather than setting up a network (with routing etc). Absent a network, it's a proxy (which can be used like some deployments of a VPN).
corranh 2 hours ago [-]
In the Firefox case, no difference. It doesn’t encrypt traffic from your device outside of Firefox but for whatever you do inside of Firefox it’s == VPN.
dyauspitr 2 hours ago [-]
It comes down to encryption. Proxies aren’t usually encrypted, I don’t know what it does in opera or Firefox’s case.
notepad0x90 4 hours ago [-]
I usually defend Mozilla with these things, but I'm a bit bearish on this. It's not like they're not relying on big partnerships already for their survival. I don't have a problem with free to long as there is a paid plan, which I don't see on their announcement page. I don't care who is running a free-only VPN is a huge red flag, and I am one of those people that recommends using VPN services instead of running your thing on a VPS or something.
What worries me is this will get adoption and they're start talking about profiting from it via "differential privacy"
Or, even worse for the web is a more realistic problem: Firefox is notoriously hard to manage in an enterprise fleet. Their biggest hurdle to marketshare is just that, chrome works well with windows, linux and mac a like and lends itself to management. I'm frequently fighting to be allowed to use Firefox already personally. This poses a direct threat to enterprise security policies. Anyone who bans random free vpns in their networks, now has to include Firefox to that list. And I don't need to mention how bad that is for the web given Google will effectively be the gatekeeper of the entire internet, even the tiny marketshare Mozilla has will be crushed. I wonder if in retrospect, this seemingly mundane feature would be the death-blow to the only alternative browser ecosystem.
pavon 3 hours ago [-]
Mozilla has offered paid VPN plans for over 5 years now. This is just adding a free tier to that.
Over the past year, Pornhub had to make the difficult decision to block access to users in the following American states due to Age Verification laws:
Alabama
Arizona
Arkansas
Florida
Georgia
Idaho
Indiana
Kansas
Kentucky
Mississippi
Missouri
Montana
Nebraska
North Carolina
North Dakota
Oklahoma
South Carolina
South Dakota
Tennessee
Texas
Utah
Virginia
Wyoming
yichk 41 minutes ago [-]
I hope this isn't the main reason Firefox is introducing a built-in proxy. Tacitly encouraging people to watch videos of women being abused and raped is an awful browser market dominance strategy.
encrypted_bird 10 minutes ago [-]
Oh shove off with this Puritan attitude. First off, you're implying most of PornHub is rape. That'a ridiculous; no one is uploading videos of actual rape to PornHub.
Secondly, porn ≠ abuse. It's an actual industry and so obviously the treatment of women varies by company.
Simply put, if you don't like porn, DON'T WATCH IT. Don't try to shove your personal beliefs on everyoje else.
JasonADrury 30 minutes ago [-]
Can gay men still watch porn, or should they feel bad too?
yichk 15 minutes ago [-]
Everyone should feel bad for consuming it. Pornhub is the polished face of a predatory, exploitative and abusive industry.
dawnerd 16 minutes ago [-]
I hate about full access to Reddit? Discord? Have you tried accessing the internet from a location with these laws in place?
looopTools 2 hours ago [-]
As I understand it, it is just like in Opera. So a proxy not a VPN. I honestly find it distasteful that they may call it a VPN without it actually being one.
m132 2 hours ago [-]
What makes a proxy a "VPN" again? Most popular "VPN" companies only offer a proxy that merely runs over a VPN protocol.
nl 2 hours ago [-]
> Most popular "VPN" companies only offer a proxy that merely runs over a VPN protocol.
Well that doesn't seem true?
Mullvad, Proton, Private Internet Access, NordVPN, ExpressVPN etc are all VPNs. You can use them for whatever protocol you want.
ShowalkKama 1 hours ago [-]
> You can use them for whatever protocol you want.
the two most commons protocols used for proxying traffic support arbitrary tcp traffic.
socks is quite self explanatory but http is not limited to https either!
Of course most providers might block non https traffic by doing DPI or (more realistically) refusing to proxy ports other than 80/443 but nothing is inherent to the protocol.
> Aside from enabling secure access to websites behind proxies, a HTTP tunnel provides a way to allow traffic that would otherwise be restricted (SSH or FTP) over the HTTP(S) protocol.
> If you are running a proxy that supports CONNECT, restrict its use to a set of known ports or a configurable list of safe request targets
> A loosely-configured proxy may be abused to forward traffic such as SMTP to relay spam email, for example.
m132 51 minutes ago [-]
To complement your comment, SOCKS 5 also supports two, less known kinds of traffic: UDP and the server side of TCP
All of them offer only proxied access to the internet. They do not expose access to any "private network".
DaSHacka 1 hours ago [-]
Depends on the VPN, I remember Nord had a private p2p network that allowed users of their VPN service to communicate directly with each other without exposing their p2p services to the greater internet.
Granted, its been a lomg time since I used Nord, not sure if they still offer that service.
7bit 2 hours ago [-]
Because people understand VPN but not necessarily proxy. It's targeted to non-tech people.
dyauspitr 2 hours ago [-]
Is the proxy encrypted? If so then you might as well call it a VPN.
prophesi 2 hours ago [-]
Do they name the service provider of this VPN or how it works? The official announcement is just as sparse on the details.
Panzerschrek 2 hours ago [-]
> Mozilla said the free tier will initially provide 50GB of monthly data to users in the United States, France, Germany, and the United Kingdom.
Sadly no countries are mentioned where such VPN is really needed (due to strict internet censorship).
russelg 2 hours ago [-]
With Ofcom I'd say the UK falls into that group nicely.
glitchcrab 1 hours ago [-]
At least now I'll be able to view all those broken Imgur links here in the UK.
isodev 2 hours ago [-]
You know what would be actually cool and a transformative improvement? Mozilla to make an iOS port of Firefox and publish it in regions where Apple has been forced to allow it.
3 hours ago [-]
Razengan 24 minutes ago [-]
These "official" privacy features tend to end up being hollow masquerades when the providers inevitably capitulate to other corporations and authoritarian countries.
Like Apple's iCloud Private Relay not working in China, UAE/Dubai etc. or letting Facebook and TikTok secretly track you across devices and reinstalls with their iCloud Keychain API
They WILL leak our shit to the highest bidder or the biggest stick
Free VPN's are usually funded by agreeing to route some VPN traffic for other people though your own network. They basically work as mixers, randomizing traffic throughout the VPN population.
This can expose users to legal risks, but but can also add plausible deniability at the same time "it wasn't me, it was someone on VPN".
dawnerd 13 minutes ago [-]
I’ve suspected that’s where these “ethical” (as they like to call it) residential proxy services get their access from. They’re really dodgy about it other than saying the people agree to it, which ya ok.
Animats 3 hours ago [-]
Now, from the people who brought you Pocket.
Could they please stop integrating services into Firefox? Thank you.
trhway 2 hours ago [-]
VPN is like SSL some time ago (and there were times when a browser would come without SSL, and you'd have to explicitly download it yourself) - it quickly becomes a basic necessity even in civilized societies, let alone say Russia, Iran and the likes.
spikewall 18 minutes ago [-]
So you mean I can trust an American corporation that ships its software with telemetry on by default and has a history of data-mining its users more than my standard ISP?
Ladybird(alpha) cannot come soon enough.
DaSHacka 1 hours ago [-]
Tunneling all my traffic through someone else's machine is not the same as encrypting the communication between me and the destination website.
bobsmooth 3 hours ago [-]
Where's the money for this VPN going to come from? The ads they insert into my home page or the CEO's inflated compensation?
HalawehMohann49 1 hours ago [-]
[dead]
Rendered at 07:54:56 GMT+0000 (Coordinated Universal Time) with Vercel.
Also, "free": "If you're not paying for it, you're the product being sold"
This is such a un-nuanced take.
In this case Firefox's route-to-market is the product. It's a distribution channel where some people who receive the free version will upgrade.
Free tiers for products where some will pay to upgrade seems like a reasonable compromise, but it does depend on how the deal is structured.
If Mullvad pays Firefox for the free users then Firefox's incentives are aligned with its users.
If Mullvad pays per conversion then it's a different story.
The other aspect is I expect it would stain the IP pool further. VPN IPs often end up on various blacklists due to abuse and introducing a wave of free users would only make it worse for paying customers.
[1] https://mullvad.net/en/pricing
> Why no free plan? "Free" services nearly always come at some cost, whether that be the time you spend watching an intro ad, the collection of your data, or by limiting the functionality of the service. We don't operate that way – at all.
This must apply to Firefox itself, right?
Why do you think google buys the rights to firefox's search bar (as a default setting)?
To give you an example. Try to use Google Search without sending your data to Google. You cannot use the product without it, you cannot opt out. Firefox, you can use just fine with Google not being your search engine.
It's not a binary toggle - firefox is selling you as a source of revenue for themselves. They're just not making it as extreme as it is possible to be - in the hopes that you don't switch away.
You can compare same situation with safari in iOS. Except google pays a lot more, since you cannot switch away in iOS as easily, and culturally there's more reluctance compared to firefox users. This makes google pay more for iOS traffic, as those users are worth more.
VPNs are no longer optional for the current internet. This is as controversial as Firefox speaking ftp.
I mean it's very provable that they sell access to your data and your eyeballs other companies.
Edge also has some Microsoft VPN with a very small amount of bandwidth for the free tier.
I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
What's the difference when you're accessing it through a browser?
> I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
Are you talking about it not reaching out and affecting other programs, or is there a restriction within the browser?
A proxy isn't as secure as a full VPN. I had previously read a really good article on it but I hunted and hunted but couldn't find it.
This explains it well enough though:
https://www.quora.com/Is-Opera-browser-with-built-in-VPN-a-g...
However, reading the write up from Opera it's actually pretty decent tech that they've had audited by a third party and the whole nine:
Why browsing with Opera’s VPN is safer https://blogs.opera.com/security/2025/07/opera-vpn-is-safe/
Hopefully no one will start with the whole "they're Chinese owned" argument. If anybody is still on that whole trip, see this (and go watch SomeOrdinaryGamer's video on the subject) but in short it's really nothing to worry about.
Debunking misinformation about Opera’s browsers https://blogs.opera.com/security/2023/07/debunking-spyware-m...
Yes because it's VPN for the browser. I can do the same kind of targeting with most VPN software. Applying it to specific programs doesn't make it stop being a VPN.
> This explains it well enough though:
Which answer? The dumb bot that contradicts itself? The first human answer says it is a VPN. Though that "cyber security expert" is also not someone I would trust since they seem to think AES 128 versus 256 is actually an important difference.
The first human "no" says it's not encrypted and I don't believe that for a second.
To say more about the bot answer, it basically repeats three times that only Opera traffic goes through the VPN as its main reason. And then it says it "doesn't offer split tunneling". Come on... The rest of the answer isn't much more grounded in reality.
What worries me is this will get adoption and they're start talking about profiting from it via "differential privacy"
Or, even worse for the web is a more realistic problem: Firefox is notoriously hard to manage in an enterprise fleet. Their biggest hurdle to marketshare is just that, chrome works well with windows, linux and mac a like and lends itself to management. I'm frequently fighting to be allowed to use Firefox already personally. This poses a direct threat to enterprise security policies. Anyone who bans random free vpns in their networks, now has to include Firefox to that list. And I don't need to mention how bad that is for the web given Google will effectively be the gatekeeper of the entire internet, even the tiny marketshare Mozilla has will be crushed. I wonder if in retrospect, this seemingly mundane feature would be the death-blow to the only alternative browser ecosystem.
https://www.mozilla.org/en-US/products/vpn/
Over the past year, Pornhub had to make the difficult decision to block access to users in the following American states due to Age Verification laws:
Secondly, porn ≠ abuse. It's an actual industry and so obviously the treatment of women varies by company.
Simply put, if you don't like porn, DON'T WATCH IT. Don't try to shove your personal beliefs on everyoje else.
Well that doesn't seem true?
Mullvad, Proton, Private Internet Access, NordVPN, ExpressVPN etc are all VPNs. You can use them for whatever protocol you want.
the two most commons protocols used for proxying traffic support arbitrary tcp traffic. socks is quite self explanatory but http is not limited to https either!
Of course most providers might block non https traffic by doing DPI or (more realistically) refusing to proxy ports other than 80/443 but nothing is inherent to the protocol.
edit: this is also mentioned on MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/...
> Aside from enabling secure access to websites behind proxies, a HTTP tunnel provides a way to allow traffic that would otherwise be restricted (SSH or FTP) over the HTTP(S) protocol.
> If you are running a proxy that supports CONNECT, restrict its use to a set of known ports or a configurable list of safe request targets
> A loosely-configured proxy may be abused to forward traffic such as SMTP to relay spam email, for example.
https://www.rfc-editor.org/rfc/rfc1928#page-6
Granted, its been a lomg time since I used Nord, not sure if they still offer that service.
Sadly no countries are mentioned where such VPN is really needed (due to strict internet censorship).
Like Apple's iCloud Private Relay not working in China, UAE/Dubai etc. or letting Facebook and TikTok secretly track you across devices and reinstalls with their iCloud Keychain API
They WILL leak our shit to the highest bidder or the biggest stick
This can expose users to legal risks, but but can also add plausible deniability at the same time "it wasn't me, it was someone on VPN".
Could they please stop integrating services into Firefox? Thank you.