Firefox 57, scheduled for release on November 14, will ship with a new protective measure that will prevent accessibility apps from accessing the web browser's data.
Accessibility is a term used to describe the design of products for people with disabilities. Firefox's accessibility features allow specialized accessibility apps to connect to the browser and interpret browsing data for persons with disabilities.
For example, screen readers use Firefox's accessibility support to read content from an active web page, menus, buttons, preferences, browser history, or others.
Mozilla engineers say that recently they've discovered apps abusing Firefox's accessibility (a11y) feature to access and collect user data stored inside Firefox.
"We're detecting a long list of obscure and some not so obscure 3rd party Windows applications that use accessibility to snoop on user activity," explains Jim Mathies, Software Engineering Manager for Mozilla.
"We want to cut down on this by better communicating when [accessibility] is active," Mathies added. "This bug is about adding a new section under preferences -> privacy that displays a11y active state and provides a switch to force accessibility off."
In addition, Mozilla engineers have also added a new section in the Firefox "about:support" page called "Accessibility." If access to Firefox accessibility is enabled, this section will list all apps currently using the feature.
This will allow users to detect rogue apps that use Firefox's accessibility feature to spy on users and surreptitiously collect telemetry data.
Firefox 57 is a groundbreaking release on many fronts. First and foremost, this will be the first Firefox version that will support only the newer WebExtensions add-on system, meaning all legacy Firefox add-ons built on the old XML-based Add-Ons API will cease to function.
You can test most of the upcoming Firefox 57 changes, including the new accessibility protection measures, via the Firefox Nightly edition.