FF Security addons

http://www.secniche.org/declsec

These are in Experimental Phases, so use "At Your Discretion"

 

At least they exist, thanks.

 

Thanks CloneR. Both add-ons are pretty slick.

As of this posting, the HTTP Content Security Policy Detector is listed for up to Firefox 5.x but installs and runs in 6.0.2 if you tweak the xpi's install.rdf.

.

 

@ J_L



@ LODBROK

That's good to know Let us know how you go

 

Not mentioned on the developer's Web site linked above in #1 is also this add-on:

-https://addons.mozilla.org/en-US/firefox/addon/strict-transport-security-d/-

The three add-ons place text fields in the browser status bar. The attachment shows three samples, the top one being for a site and the other two for a couple of sample sites - PayPal in the middle and on bottom, mozilla dot org.

I haven't seen anything for the X-Content_Security_Policy. That's the one I tweaked to install in Firefox 6.0.2. Maybe it's not working? Or I just never visited a site yet that has such a policy? Time will tell.

They don't provide any layer of protection but simply report the status as parsed by the three detectors. Clicking on either of the text fields pops up a detailed dialogue.

Further technical details are on each of the add-ons pages: screen shots, "About this Add-on" and the author's "For more details..." links.

-https://addons.mozilla.org/en-US/firefox/addon/http-content-security-polic/-
-https://addons.mozilla.org/en-US/firefox/addon/clickjacking-defense-declar/-

If you have to ask what any of this is all about, you don't need these.

Typical Wilders members normally concerned about GUI fonts and colors need not bother to even ask.

.

 

Yet another one, thanks.

 

Indeed. Moreover, it's good to know that Noscript also provides explicit protection against Clickjacking and supports Strict Transport Policy. CSP is supported by FF itself - see also here. So, as you already said, those addons don't provide anything new nor more security - they simply report if websites support those features.

 

Hello,

I used to run two Firefox security add-ons until I upgraded to Ad Muncher:

AdBlockPlus.org - Adblock Plus
AddOns.Mozilla.org - Adblock Plus Pop-up Addon

Also, this add-on is fairly good if you're not already using McAfee SiteAdvisor and/or Norton Safe Web:

MyWOT.com - WOT (Web Of Trust)

Regards,

Nathan

 

I'd like to thank all of you who put their machines at risk by installing unknown apps for the benefit of the majority of us.

Of course I think it is a bit silly... but... where would we be without you?
Long live the geeks!