Starting with Firefox 60 —expected to be released in May 2018— websites won't be able to use Firefox to access data from sensors that provide proximity distances and ambient light information.
But at the start of the month, Mozilla engineers have decided to disable access to these two APIs by default. The APIs won't be removed, but their status is now controlled by two Firefox flags that will ship disabled by default.
This means users will have to manually enable the two flags before any website can use Firefox to extract proximity and ambient light data from the device's underlying sensors.
The two flags will be available in Firefox's about:config settings page. The screenshot below shows the latest Firefox Nightly version, where the two flags are now disabled, while other sensor APIs are enabled.
The Firefox code commit in which these two flags have been added also includes three other flags —to enable or disable all sensors APIs, to enable/disable the Device Orientation Sensor API, and to enable/disable the Motion Sensor API.
These three flags will ship enabled by default, as access to these two APIs is needed by a broad range of a wide range of mobile websites.
The Proximity and Ambient Light sensors are both new and highly controversial. A key factor in the decision to ship these two APIs disabled by default is the work of privacy expert Lukasz Olejnik.
Olejnik published two research reports on the possible ways attackers and advertisers could abuse these two APIs.
For example, Olejnik argued that the W3C Proximity Sensor API could allow websites and advertisers to query the position of nearby objects in relation to a user's smartphone or tablet. Additionally, he also argued that malicious sites could use the W3C Ambient Light Sensor API to steal browser data.
Shipping these two APIs off by default takes care of some of Olejnik's concerns, albeit it does not mitigate the risk altogether.
"More user control is always good," Olejnik said regarding Mozilla's decision.