Discussion in 'other software & services' started by xAustinx, Jan 19, 2005.

Thread Status:
Not open for further replies.
  1. xAustinx

    xAustinx Guest

    I was browsing round and came accross mozilla and mozilla firefox. I read the details and mozilla has more features then I want like the chat facility etc. But I looked at mozilla/firefox and that seemed alright. Could some one give me some information about it like if it has good features etc and how good the pop up blocker is etc.

    I understand its supposed to be more secure than IE, at the moment i use ie and dont really know how to set up the security on it. I run numerous securiy software an all that. So would you say mozilla/firefox is worth trying?


  2. Blackspear

    Blackspear Global Moderator

    Dec 2, 2002
    Gold Coast, Queensland, Australia
    Hi xAustinx, the popup blocker is great and it is well worth trying, everyone I have put on to it just loves it, great browser.

    Cheers :D
  3. the Tester

    the Tester Registered Member

    Jul 28, 2002
    The Gateway to the Blue Hills,WI.
    Try Firefox.
    I bet that you will like it. ;)
  4. meneer

    meneer Registered Member

    Nov 27, 2002
    The Netherlands
    I'm running a non security and non geek 40.000 page per day site (although open source related...) and firefox (all versions) is nearing the 20% mark :cool:

    Go get it!
  5. firefoxguy

    firefoxguy Guest

    The popup blocker is okay, about the same level as the one you get in XP SP2. Nowdays, most decent popup blockers are about the same level. Mozilla based browsers have a easier time of blocking popups, than IE because the latter has several unique ways of starting popups (modeless dialog boxes etc) compared the former.

    If your only reason to switch is cos of the popup blocker, I say forget it.

    Of course, firefox has more than that. Tab browsing, password manager, built in search box, the powerful find as you type feature, RSS reader etc.

    But again, if the only reason you want to switch is because of such features, I say forget it. After all you can run out and get one of those IE shells, which out of the box has a TON of features more than firefox out of the box and most of what I mention above.

    Granted with firefox extensions , my firefox has even more features than IE shells, but for beginners they may find it hard to find the extensions they need or want.

    So why switch?

    Given that this is a security forum, the answer is simple, for security and privacy!
  6. drake456

    drake456 Registered Member

    May 21, 2004
    So what this guy is saying is, Yes download Firefox, Its much better then IE,
    Ive been useing Firefox for about 7months and I would never use IE again.
  7. firefoxguy

    firefoxguy Guest

    Firefox is as secure if not more secure out of the box than IE with the various security tweaks you do in IE.

    For one thing, you don't need all the protection that involve activeX (eg spywareblaster, immunization in spybot), since firefox doesnt support that. Ditto for protection with regards to monitoring BHOs .

    You might consider using another utility to monitor firefox configurations, but AFAIK there arent any native homepage hijackers for mozilla yet.

    Still if you are paranoid you can do several things to enhance privacy and to some extent security. Many of them are similar to what you do in IE.


    The nicest thing about firefox compared to IE, is that you have a much greater grandular control over what Javascript can or cannot do.

    Under tools--> options --->web features, press the advanced button, I recommend you uncheck everything. In particular by preventing scripts from raising or lowering windows will protect you from many of the phishing problems mentioned on Secunia.

    If you are in a mode to experiment, you can even find more options by typing about:config in the address bar, then searching for dom.disable and turning them to true


    Of course, there are drawbacks to the above settings, there's a reason why it isn't default of course. If this were IE, the solution would be simple, we would throw some sites that had problems into the trused zone.

    But firefox doesn't use the zonal system. This is a plus believe it or not. Many of the most serious flaws in IE historically, have being a results of sites being able to worm their way into the Local machine zone or trusted zone to achieve greater privilages. By not having an automatic free for all "install everything" zone, firefox doesnt face this problem.

    Still if you really want such a system , you can use the following extension . You can then customise sites to your liking.


    XPI installs on firefox is a very powerful and dangerous technology, it's often compared to activeX, because like activeX, once you allow an extension to run, there are no restrictions at all on what it can do (unlike the java sandbox).

    Thankfully, firefox has learnt from the activex problems and several powerful safeguards, some off them off the top of my hand are

    1) XPI installation whitelist - By default, only one site is given permission to directly install extensions, the official mozilla update online site. You can extend this by adding more sites into the whitelist of course. I add for example.

    This alone protects you completely unless you start whitelisting sites like crazy but even then......

    2) By default, such xpi installation prompts can only occur using onclick, rather than onload or other events. This means you don't immediately get confronted with millions of popups asking for permission to install something just by entering a site.

    You need to actually click on the link to install before that occurs. If the site is not whitelisted , it actually displays a non-instructive information bar, telling you what has happened, and giving you an opportunity to whitelist the site.

    Even if the site is whitelisted and you by your own native freewill, clicked on the install link, there is still one more layer of protection.

    3) The popup request that occurs actually has a delaying mechanism of 3 seconds. This means that the site cannot bombard you with a million requests.

    As you can see, firefox is built with security in mind, something that IE XP SP2 is only now beginning to approach slowly.


    I initally intended to post about other privacy related tweaks you can do, such as blocking referrers, ad banners, cookie management etc, but I figure the post is already too long.

    Besides the differences I point out, in most cases, your security software will continue to protect you. You should continue to employ a host files, a antivirus, a software firewall and a proxy if you prefer.

    Most of your antispyware software that involve scanning the hard-disk and running processing will continue to work, altough many IE specific protection such as monitoring of IE browser settings will not work, but that's okay.

    Various protections employed using BHOS like Sdhelper, spywareguard will not work as well, but again those are IE specific solutions to IE problems anyway.
  8. TheQuest

    TheQuest Registered Member

    Jun 9, 2003
    Kent. UK by the sea
    Hi, firefoxguy

    Great post firefoxguy.

    Never to long when it comes to Privacy and Security.

    Looking forward to a lot more. :)

    Take Care,
    TheQuest :cool:
  9. solarpowered candle

    solarpowered candle Registered Member

    Jan 9, 2003
    new zealand
  10. Can't tell

    Can't tell Guest

    Same for me too.

    Very interesting views on FFox...

    Thanks! :)
Thread Status:
Not open for further replies.