Not every monthly browser update feels like a milestone, far from it, but Firefox 147 is an exception to the rule. Released just a moment ago, on January 13, 2026, version 147 of the open source browser is not just another round of bug and security fixes — it is a comprehensive update that crosses some of the oldest items from the community’s wish list.
Whether you are a Linux user who has been waiting for 20 years for a cleaner home directory, a privacy advocate looking for improvements, or an AMD-GPU user who is now benefitting from decreased memory use and improved battery life during video playback.
Here are the five standout features in Firefox 147 that make this update essential.
Closing a privacy loophole in Safe Browsing
Mozilla Firefox uses Safe Browsing from Google for security checks. This checks visited URLs to make sure they are not on a list of dangerous addresses.
Up until now, Mozilla Firefox used V4 of Safe Browsing. Under this system, Firefox downloaded a database of hash prefixes from Google. This list included only the first four bytes of a hash and not the full addresses.
When a Firefox user visited a site in the browser, it compared the first four bits of the site’s hash against the list. If a match was found, it contacted Google servers to verify if the site was on the badlist (bad then), or not (collision, not bad).
The problem here was that Firefox had to contact Google for this. This meant that Google got to see the IP address of the user’s computer and the has prefix of the site.
While local first, it was not fully private because of that.
Version 5 makes a shift to Oblivious HTTP. This adds a third-party server between the browser’s request, and thus a user’s IP address, and the Google server. The third-party server sees the IP address of the user, but only the encrypted hash that is submitted.
Google on the other hand sees the hash, which it can decrypt, but not the user’s IP address.
Site isolation support in Firefox for Android
Site isolation was introduced in late 2021 for desktop versions of the Firefox browser. The main idea was to load each site in its own separate process to avoid certain forms of attacks or privacy issues.
Now, almost four years later, Mozilla is introducing site isolation on Android. Apart from improving security, site isolation should also improve the stability of the Firefox browser on Android.
Under the old system, a crash of a website could take down other tabs or even the whole browser. With site isolation in place, only specific tabs associated with the site will crash, while all other sites and the browser itself won’t be affected.
Local network protection in Strict Tracking Protection
Only a few legitimate services require access to local network resources when you browse the Internet. However, sites may abuse the option for certain tracking forms or attacks. Fingerprinting, for example, benefits from identifying other network devices that are connected to the same network.
Starting in Firefox 147, the browser blocks requests from public websites to private RFC 1918 IP addresses, when tracking protection is set to Strict mode. Nothing changes if tracking protection is set to standard mode, which is the default.
As usual, Firefox users have the option to override this for individual sites.
Zero-Copy Video benefitting video playback on AMD GPU systems
Zero-Copy Video is a rendering technique that is designed to eliminate unnecessary transfers of data between system memory (RAM) and the graphics card (VRAM). Introduction of the feature removes one of the biggest bottlenecks when it comes to media consumption, especially on Linux systems.
To better understand the new system, it is important to understand how the old system worked. Or, more precisely, what made the old process inefficient.
When watching a video in the browser, say a 4K video on YouTube, this is what happened:
- The GPU decodes the compressed video file.
- The browser copies the decoded image into system RAM for the webpage frame.
- The compositor copies the image back to the GPU for it to draw the image on the monitor.
Under the new system, the browser is no longer copying the decoded image. Instead, the GPU gives the browser a pointer to the image in its VRAM.
The main effect: The video never leaves the VRAM. This reduces memory (RAM), CPU usage, and PCIe traffic significantly.
XDG Base Directory Support
For the past 20 years, Mozilla has placed the .mozilla folder in the home folder on Linux to store configuration files and data. This has been a major annoyance for Linux users for a number of reasons:
- Using the .mozilla folder violated the XDG Base Directory Specification, which says that files should be split into three locations based on purpose, not one location (Configuration, Data, and Cache).
- Backup issues, as it was difficult to separate important files, such as configuration files, from trash, such as cache.
- Some programs needed special rules to include the Firefox configuration, e.g., third-party sync software.
- Performance problems on Enterprise networks that mounted the home directories over a network.
This changes with the release of Firefox 147. Firefox will store config files in ~/.config/mozilla and data in ~/.local/share/mozilla going forward, which resolves the long-standing issue.
Closing Words
You can check out the full release notes of Firefox 147 here. There you also find a link to the included security fixes, which, fix several issues rate high or lower, but none that appears to be exploited in the wild already.
You may want to edit the 2nd sentence, Martin. I don’t believe we’re that far into the future just yet.
Thanks Ashwin 😉
Hey Ashwin, I really liked your articles on ghacks. Do you publish new articles on another site now?
Thumb’s-up for unGoogling Safe Browing. I might even start using it now.