Immunization Settings for Firefox Lost Every Time Browser Opened

Discussion in 'SpywareBlaster & Other Forum' started by CindyS, Jul 8, 2009.

Thread Status:
Not open for further replies.
  1. CindyS

    CindyS Registered Member

    Joined:
    Jul 8, 2009
    Posts:
    3
    Upgrading to Firefox 3.5 has introduced an issue with SpywareBlaster that didn't exist before. I notified them of this (modified version follows) but they refer me to you (very Microsoft-ian of them, isn't it?). Just FYI, this issue also affects the latest release of Spybot Search & Destroy.

    In any case, you might want to look into this...

    //BEGIN
    Leaving "Site Preferences" checkbox checked in either of these places in Firefox 3.5:

    1) Tools | Options... | Privacy | Settings...
    2) Tools | Clear Recent History...

    results in the Firefox immunization protection offered by SpywareBlaster 4.2 being wiped out. In the case of 1) above, the problem occurs simply by opening the Firefox 3.5 browser. In the case of 2) above the problem occurs when choosing to clear recent history (Ctrl+Shift+Del) in Firefox 3.5.

    Unchecking the Firefox 3.5 "Site Preferences" checkbox in the places listed above resolves these issues -- but at the expense of me having to accept the possibility of site preference data being preserved within Firefox.

    This problem did NOT exist until the installation of Firefox 3.5. I have the latest version of SpywareBlaster with the latest definition files
    applied, and both were in place and functioning perfectly with the version of Firefox (3.0.11) I had in place prior to upgrading to FF 3.5. In fact, SpywareBlaster has worked fine with all versions of Firefox prior to 3.5! The problem started immediately upon upgrading to Firefox 3.5. The result is a potential compromise to Firefox security.


    Reproducible: Always

    Steps to Reproduce:
    1. Verify that all Firefox immunization/protection offered by SpywareBlaster 4.2 is in effect; close this program.
    2. Open Firefox 3.5
    3. Verify that the "Site Preferences" checkbox is checked in Tools | Options...
    | Privacy | Settings... (if not, check it and restart Firefox).
    4. Close Firefox.
    5. Repeat Step 1, which will show that all previously enabled Firefox
    protection is now disabled.

    OR

    1. Verify that all Firefox immunization/protection offered by SpywareBlaster 4.2 is in effect; close this program.
    2. Open Firefox 3.5
    3. Either select Tools | Clear Recent History... OR press Ctrl+Shift+Del
    4. Verify that the "Site Preferences" checkbox is checked (if not, check it).
    5. Click the "Clear Now" command button.
    6. Repeat Step 1, which will show that all previously enabled Firefox
    protection is now disabled.

    Actual Results:
    In both methods described above, the result is that the previously enabled
    Firefox protection offered by SpywareBlaster is then disabled.

    Expected Results:
    The previously enabled Firefox protection offered by SpywareBlaster should remain enabled.
    //END
     
  2. CindyS

    CindyS Registered Member

    Joined:
    Jul 8, 2009
    Posts:
    3
    It's been 2 days... this is a pretty big issue... any comment from Javacool as to whether they plan to address this issue?
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    for the time being leave Site Preferences unchecked in Clear History options?
     
  4. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    Hi,

    My apologies for the delayed reply.

    What Firefox calls "Site Preferences" are, in fact, the exact settings that SpywareBlaster, Spybot S & D, and even Firefox use to configure per-site restrictions or policies. They are not: cookies, history, the actual "preferences" or data that a site may have stored about you (ex. your e-mail address, your favorite color), etc.

    Some examples of Firefox features that set "Site Preferences": allowing pop-ups on a banking/ecommerce site, allowing cookies from a forum site.
    To clarify, all that's stored is a rule like the following: ALLOW cookies FROM wilderssecurity.com - not the actual cookies.

    IMHO, there's very little reason to ever clear these particular settings. Whether they are set by the user, or by another utility, they are usually wanted settings. If wanted, you can manage them individually from within Firefox preferences - there's no need (and hardly ever a reason) to clear them all using the Clear History -> Site Preferences option.

    From a privacy/completeness standpoint, I can understand why Mozilla may have wanted to include them as an option under the "Clear History" settings. From a practical standpoint, I'd highly recommend leaving the "Site Preferences" option unchecked in Firefox.

    Best regards,

    -Javacool
     
Thread Status:
Not open for further replies.