Mozilla so sorry for intrusive Firefox VPN popup ad

Firefox

Mozilla managed to annoy many Firefox users this week by presenting an unwanted ad for its VPN service, and has since suspended the promotional initiative.

This is the same Mozilla that markets Firefox specifically for the availability of ad blocking extensions, or add-ons. "The average person sees an average of 4,000 ads a day," the org crows on its website. "If you think that’s too many, an ad blocker is your new best friend."

Yet the Mozilla VPN ad presented to Firefox users was immune to ad blocking extensions because it was not part of any web page. Rather it was served through Firefox's user interface, via the browser Messaging System. The ad can be disabled, however, by entering about:config in the Firefox input bar and setting browser.vpn_promo.enabled to false.

Microsoft Edge has tried this tactic as well. It presented what looks like a banner ad for Edge atop a Google Chrome Canary download page, though the ad resided within an adjacent Edge-controlled content area rather than content area used for page rendering.

Mozilla's VPN ad proved to be particularly egregious because it disabled the rest of the Firefox interface until it was dismissed.

• Mozilla drags Microsoft, Google, Apple for obliterating any form of browser choice
• Mozilla, like Google, is looking ahead to the end of Apple's WebKit rule
• Serious surfer? How to browse like a pro on Firefox
• Mozilla browser Firefox hits the big 100

This is not the first time Mozilla has annoyed users with unwanted ads. In 2020, Mozilla forced push notifications on Firefox users without permission to promote its blog post about the StopHateForProfit coalition, which tried to pressure Facebook to deal with harmful content. The company faced similar blowback in 2017 for its Mr. Robot promotional add-on.

Mozilla's flirtations with advertising – a way to augment and diversify its revenue beyond search engine deals – date back at least to 2014.

Firefox users voiced their displeasure about the unwelcome VPN ad through online forums like Reddit and Mozilla support pages.

As one user wrote, "I am a developer on an emergency intervention hotline for sexual assault. Firefox is now throwing up pseudo-modal advertisements for its VPN above pages.

"It is absolutely IMPERATIVE that our visitors do not receive these new modal advertisements that Firefox is throwing at them. What can I do to prevent Firefox's new browser-hijacking advertisements from showing up on our hotline pages?"

Another user wrote, "The company I work for uses Firefox to view and project web content while filming government meetings, along with a number of critical apps. Modal popups will make it difficult to use in production; there are reports of this crashing the current page and causing issues with multiple monitors. If you add this back, I'll have to deploy a Firefox Enterprise policy to disable this on our entire laptop fleet, which is... annoying."

A bug report was filed about the ad and shortly thereafter Mozilla disabled the promotion.

It appears the ad was being triggered inappropriately due to a time miscalculation error. Mozilla's Messaging System includes code that tries to trigger a message (an ad in this case) when a Firefox user has been idle for 20 or more minutes.

But as Mozilla engineer Shane Hughes describes it, browser's attempt to find how much time has passed since the last user interaction or audio event treats Epochs – time since January 1st, 1970 00:00:00 UTC – as if they were milliseconds.

The Register asked Mozilla to confirm that the errant ad followed from a timing bug and to comment on the company's decision to present such an ad.

A Mozilla spokesperson addressed just our second question.

"We’re continuously working to understand the best ways to communicate with people who use Firefox," a Mozilla spokesperson said in an emailed statement. "Ultimately, we accomplished the exact opposite of what we intended in this experiment and quickly rolled the experience back. We apologize for any confusion or concern." ®