FF Security addons

Discussion in 'other anti-malware software' started by CloneRanger, Sep 16, 2011.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    http://www.secniche.org/declsec

    These are in Experimental Phases, so use "At Your Discretion"
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    At least they exist, thanks.
     
  3. LODBROK

    LODBROK Guest

    Thanks CloneR. Both add-ons are pretty slick.

    As of this posting, the HTTP Content Security Policy Detector is listed for up to Firefox 5.x but installs and runs in 6.0.2 if you tweak the xpi's install.rdf.

    .
     
    Last edited by a moderator: Sep 17, 2011
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ J_L

    :thumb:

    @ LODBROK

    That's good to know :) Let us know how you go :thumb:
     
  5. LODBROK

    LODBROK Guest

    Not mentioned on the developer's Web site linked above in #1 is also this add-on:

    -https://addons.mozilla.org/en-US/firefox/addon/strict-transport-security-d/-

    The three add-ons place text fields in the browser status bar. The attachment shows three samples, the top one being for a site and the other two for a couple of sample sites - PayPal in the middle and on bottom, mozilla dot org.

    I haven't seen anything for the X-Content_Security_Policy. That's the one I tweaked to install in Firefox 6.0.2. Maybe it's not working? Or I just never visited a site yet that has such a policy? Time will tell.

    They don't provide any layer of protection but simply report the status as parsed by the three detectors. Clicking on either of the text fields pops up a detailed dialogue.

    Further technical details are on each of the add-ons pages: screen shots, "About this Add-on" and the author's "For more details..." links.

    -https://addons.mozilla.org/en-US/firefox/addon/http-content-security-polic/-
    -https://addons.mozilla.org/en-US/firefox/addon/clickjacking-defense-declar/-

    If you have to ask what any of this is all about, you don't need these.

    Typical Wilders members normally concerned about GUI fonts and colors need not bother to even ask. :cautious:

    .
     

    Attached Files:

  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Yet another one, thanks.
     
  7. tlu

    tlu Guest

    Indeed. Moreover, it's good to know that Noscript also provides explicit protection against Clickjacking and supports Strict Transport Policy. CSP is supported by FF itself - see also here. So, as you already said, those addons don't provide anything new nor more security - they simply report if websites support those features.
     
  8. NRProia

    NRProia Registered Member

    Joined:
    Sep 11, 2011
    Posts:
    111
    Location:
    Lowell, MA
    Hello,

    I used to run two Firefox security add-ons until I upgraded to Ad Muncher:

    AdBlockPlus.org - Adblock Plus
    AddOns.Mozilla.org - Adblock Plus Pop-up Addon

    Also, this add-on is fairly good if you're not already using McAfee SiteAdvisor and/or Norton Safe Web:

    MyWOT.com - WOT (Web Of Trust)

    Regards,

    Nathan
     
  9. Jose_Lisbon

    Jose_Lisbon Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    245
    Location:
    Portugal
    I'd like to thank all of you who put their machines at risk by installing unknown apps for the benefit of the majority of us.

    Of course I think it is a bit silly... but... where would we be without you?
    Long live the geeks!
     
Loading...
Thread Status:
Not open for further replies.