That's not remotely the same? A default setting that can easily be changed for a feature the vendor didn't have a solution for?
To give you an example. Try to use Google Search without sending your data to Google. You cannot use the product without it, you cannot opt out. Firefox, you can use just fine with Google not being your search engine.
Why isn't it the same? The fact that it is possible to change that default means google simply pays less for it than they otherwise would if it wasn't changeable.
It's not a binary toggle - firefox is selling you as a source of revenue for themselves. They're just not making it as extreme as it is possible to be - in the hopes that you don't switch away.
The same situation could even be said of safari in iOS. Except google pays a lot more, since you cannot switch away in iOS as easily, and culturally there's more reluctance compared to firefox users. This makes google pay more for iOS traffic, as those users are worth more.
I often use Opera browser's free proxy they offer for basic browsing or blocked sites. They advertise it as a free VPN but it's merely a proxy. As far as I know, it's unlimited traffic and you can choose the region it connects to.
Edge also has some Microsoft VPN with a very small amount of bandwidth for the free tier.
I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
Hopefully no one will start with the whole "they're Chinese owned" argument. If anybody is still on that whole trip, see this (and go watch SomeOrdinaryGamer's video on the subject) but in short it's really nothing to worry about.
Yes because it's VPN for the browser. I can do the same kind of targeting with most VPN software. Applying it to specific programs doesn't make it stop being a VPN.
> This explains it well enough though:
Which answer? The dumb bot that contradicts itself? The first human answer says it is a VPN. Though that "cyber security expert" is also not someone I would trust since they seem to think AES 128 versus 256 is actually an important difference.
The first human "no" says it's not encrypted and I don't believe that for a second.
To say more about the bot answer, it basically repeats three times that only Opera traffic goes through the VPN as its main reason. And then it says it "doesn't offer split tunneling". Come on... The rest of the answer isn't much more grounded in reality.
In the Firefox case, no difference. It doesn’t encrypt traffic from your device outside of Firefox but for whatever you do inside of Firefox it’s == VPN.
As I understand it, it is just like in Opera. So a proxy not a VPN. I honestly find it distasteful that they may call it a VPN without it actually being one.
> You can use them for whatever protocol you want.
the two most commons protocols used for proxying traffic support arbitrary tcp traffic.
socks is quite self explanatory but http is not limited to https either!
Of course most providers might block non https traffic by doing DPI or (more realistically) refusing to proxy ports other than 80/443 but nothing is inherent to the protocol.
> Aside from enabling secure access to websites behind proxies, a HTTP tunnel provides a way to allow traffic that would otherwise be restricted (SSH or FTP) over the HTTP(S) protocol.
> If you are running a proxy that supports CONNECT, restrict its use to a set of known ports or a configurable list of safe request targets
> A loosely-configured proxy may be abused to forward traffic such as SMTP to relay spam email, for example.
Depends on the VPN, I remember Nord had a private p2p network that allowed users of their VPN service to communicate directly with each other without exposing their p2p services to the greater internet.
Granted, its been a lomg time since I used Nord, not sure if they still offer that service.
I usually defend Mozilla with these things, but I'm a bit bearish on this. It's not like they're not relying on big partnerships already for their survival. I don't have a problem with free to long as there is a paid plan, which I don't see on their announcement page. I don't care who is running a free-only VPN is a huge red flag, and I am one of those people that recommends using VPN services instead of running your thing on a VPS or something.
What worries me is this will get adoption and they're start talking about profiting from it via "differential privacy"
Or, even worse for the web is a more realistic problem: Firefox is notoriously hard to manage in an enterprise fleet. Their biggest hurdle to marketshare is just that, chrome works well with windows, linux and mac a like and lends itself to management. I'm frequently fighting to be allowed to use Firefox already personally. This poses a direct threat to enterprise security policies. Anyone who bans random free vpns in their networks, now has to include Firefox to that list. And I don't need to mention how bad that is for the web given Google will effectively be the gatekeeper of the entire internet, even the tiny marketshare Mozilla has will be crushed. I wonder if in retrospect, this seemingly mundane feature would be the death-blow to the only alternative browser ecosystem.
You know what would be actually cool and a transformative improvement? Mozilla to make an iOS port of Firefox and publish it in regions where Apple has been forced to allow it.
VPN is like SSL some time ago (and there were times when a browser would come without SSL, and you'd have to explicitly download it yourself) - it quickly becomes a basic necessity even in civilized societies, let alone say Russia, Iran and the likes.
Free VPN's are usually funded by agreeing to route some VPN traffic for other people though your own network. They basically work as mixers, randomizing traffic throughout the VPN population.
This can expose users to legal risks, but but can also add plausible deniability at the same time "it wasn't me, it was someone on VPN".
Also, "free": "If you're not paying for it, you're the product being sold"
This is such a un-nuanced take.
In this case Firefox's route-to-market is the product. It's a distribution channel where some people who receive the free version will upgrade.
Free tiers for products where some will pay to upgrade seems like a reasonable compromise, but it does depend on how the deal is structured.
If Mullvad pays Firefox for the free users then Firefox's incentives are aligned with its users.
If Mullvad pays per conversion then it's a different story.
This must apply to Firefox itself, right?
Why do you think google buys the rights to firefox's search bar (as a default setting)?
To give you an example. Try to use Google Search without sending your data to Google. You cannot use the product without it, you cannot opt out. Firefox, you can use just fine with Google not being your search engine.
It's not a binary toggle - firefox is selling you as a source of revenue for themselves. They're just not making it as extreme as it is possible to be - in the hopes that you don't switch away.
The same situation could even be said of safari in iOS. Except google pays a lot more, since you cannot switch away in iOS as easily, and culturally there's more reluctance compared to firefox users. This makes google pay more for iOS traffic, as those users are worth more.
Edge also has some Microsoft VPN with a very small amount of bandwidth for the free tier.
I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
What's the difference when you're accessing it through a browser?
> I'm fine with this kind of stuff as long as people are aware it doesn't offer the same connectivity as a full paid VPN.
Are you talking about it not reaching out and affecting other programs, or is there a restriction within the browser?
A proxy isn't as secure as a full VPN. I had previously read a really good article on it but I hunted and hunted but couldn't find it.
This explains it well enough though:
https://www.quora.com/Is-Opera-browser-with-built-in-VPN-a-g...
However, reading the write up from Opera it's actually pretty decent tech that they've had audited by a third party and the whole nine:
Why browsing with Opera’s VPN is safer https://blogs.opera.com/security/2025/07/opera-vpn-is-safe/
Hopefully no one will start with the whole "they're Chinese owned" argument. If anybody is still on that whole trip, see this (and go watch SomeOrdinaryGamer's video on the subject) but in short it's really nothing to worry about.
Debunking misinformation about Opera’s browsers https://blogs.opera.com/security/2023/07/debunking-spyware-m...
Yes because it's VPN for the browser. I can do the same kind of targeting with most VPN software. Applying it to specific programs doesn't make it stop being a VPN.
> This explains it well enough though:
Which answer? The dumb bot that contradicts itself? The first human answer says it is a VPN. Though that "cyber security expert" is also not someone I would trust since they seem to think AES 128 versus 256 is actually an important difference.
The first human "no" says it's not encrypted and I don't believe that for a second.
To say more about the bot answer, it basically repeats three times that only Opera traffic goes through the VPN as its main reason. And then it says it "doesn't offer split tunneling". Come on... The rest of the answer isn't much more grounded in reality.
Well that doesn't seem true?
Mullvad, Proton, Private Internet Access, NordVPN, ExpressVPN etc are all VPNs. You can use them for whatever protocol you want.
the two most commons protocols used for proxying traffic support arbitrary tcp traffic. socks is quite self explanatory but http is not limited to https either!
Of course most providers might block non https traffic by doing DPI or (more realistically) refusing to proxy ports other than 80/443 but nothing is inherent to the protocol.
edit: this is also mentioned on MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/...
> Aside from enabling secure access to websites behind proxies, a HTTP tunnel provides a way to allow traffic that would otherwise be restricted (SSH or FTP) over the HTTP(S) protocol.
> If you are running a proxy that supports CONNECT, restrict its use to a set of known ports or a configurable list of safe request targets
> A loosely-configured proxy may be abused to forward traffic such as SMTP to relay spam email, for example.
Granted, its been a lomg time since I used Nord, not sure if they still offer that service.
What worries me is this will get adoption and they're start talking about profiting from it via "differential privacy"
Or, even worse for the web is a more realistic problem: Firefox is notoriously hard to manage in an enterprise fleet. Their biggest hurdle to marketshare is just that, chrome works well with windows, linux and mac a like and lends itself to management. I'm frequently fighting to be allowed to use Firefox already personally. This poses a direct threat to enterprise security policies. Anyone who bans random free vpns in their networks, now has to include Firefox to that list. And I don't need to mention how bad that is for the web given Google will effectively be the gatekeeper of the entire internet, even the tiny marketshare Mozilla has will be crushed. I wonder if in retrospect, this seemingly mundane feature would be the death-blow to the only alternative browser ecosystem.
https://www.mozilla.org/en-US/products/vpn/
Sadly no countries are mentioned where such VPN is really needed (due to strict internet censorship).
Over the past year, Pornhub had to make the difficult decision to block access to users in the following American states due to Age Verification laws:
Could they please stop integrating services into Firefox? Thank you.
This can expose users to legal risks, but but can also add plausible deniability at the same time "it wasn't me, it was someone on VPN".