Should I also block all 3rd party cookies in Firefox? Will Privacy Badger alone protect from HEIST attack?

[David-Else]

Hello,

Firefox has a setting 'accept 3rd party cookies: never'

Someone online recommended to use this setting as well as install Privacy Badger? Is this correct, I would have assumed Privacy Badger deals with it for you?

If i do leave Firefox to accept cookies, can Privacy Badger alone protect against this and similar attacks?

http://www.theregister.co.uk/2016/08/05/javascript_heist_attack_https/

The researchers said that the only way to protect against HEIST is to disable third-party cookies, which is an option on most browsers but not enabled by default. Disabling third-party cookies would prevent HEIST's fetch() call from authenticating with the raided webpage.

[ghost]

There is a setting in Firefox that blocks 3rd party cookies. Just click Tools at the top then options. Privacy and there you will see Accept third-party cookies: with a drop down menu and you can choose how to handle third-party cookies.

[David-Else]

Thanks for the input, but i was asking if there is any point in blocking 3rd party cookies if privacy badger is taking care of the business anyway?

[cooperq]

It certainly can't hurt to block third party cookies in addition to running privacy badger! Privacy badger will only block cookies once they look like they are tracking you, so yea you might block some additional stuff! Note that this will make privacy badger slower to block things since one of the main indicators it uses to decide whats tracking you is the cookies that things set. But that's okay!