Google researchers announced recently of the POODLE (Padding Oracle On Downgraded Legacy Encryption) Attack which hackers take advantage of sites (around 0.3%) still using the outdated (introduced in 1996) SSLv3 security protocol. Mozilla has announced that SSLv3 will be disabled, unfortunately it won’t be until Firefox 34 which will be released on November 25th. However, user can (and are urged to) install the SSL Version Control extension which will disable SSLv3 on the fly. I would not be surprised though if Mozilla pushes out Firefox 33.1 update to have SSLv3 disabled in the coming days or weeks. Google Chrome is already testing changes to disable…
Browsers
Read More
Ever come across a site that won’t allow you to right-click? Some sites block the ability to right-click usually via JavaScript so you can’t say copy or download images. However, it is rather frustrating on a site such as a message board where Firefox underlines a misspelled word, but you can’t right-click to correct or ignore. A very quick about:config settings change will “fix” this for you: In a new tab type in the address bar about:config and press enter If you get a warning about “Voiding your Warranty” click the I’ll be careful, I promise button to continue In the Search box type context In the…
Google has come out with a tool (beta) for Windows to help users identify and remove rogue extensions and toolbars that are secretly tracking you. When malicious programs are using your Chrome browser to collect data, serve you ads or cause overall sluggishness, there’s a quick way to find out what’s causing the issues. Google recently published the Software Removal tool for Windows that will scan for software that is causing issues with the browser. A few words of caution before you use this tool: It is still in Beta so you may want to create a restore point just…
Browsers extensions are great as they enhance the usability and your experience with your browser. However, there are some extensions out there that will actually do the opposite. This seems to be a bigger problem for Chrome but there are a couple known ‘spying’ extensions in Firefox. These ‘evil’ extensions may track you or as in the case with Scott Hanselman inject ads into sites you are viewing. My perspective on JavaScript-based browser extensions has been far too naïve until this point. We were all burned by bad toolbars or evil ActiveX add-ons in the past, so when I run IE I run it with…
Mozilla release an emergency update for Firefox 32.0 on September 24th, 2014 with Firefox 32.0.3. This release addressed these issues: MFSA 2014-73: RSA Signature Forgery in NSS Please see the release notes for full details. Depending on update settings, users will be prompted to update to version 32.0.3 or can do so via Help > About Firefox or going to getfirefox.com where they can download and manually install the latest version of Firefox. The next planned release will be Firefox 33 on October 14, 2014.
Now, for whatever reason I have not seen any reference to this new feature (or annoyance as Mozilla makes it rather difficult to allow the download if you understand the risks) in the Firefox 32.x release notes. From the Mozilla Security Blog: Until recently, we only had access to lists of reported malicious web sites, now the Safe Browsing service monitors malicious downloaded files too. The latest version of Firefox (as of July 22) will protect you from more malware by comparing files you download against these lists of malicious files, and blocking them from infecting your system. The next version of Firefox…
Mozilla release an emergency update for Firefox 32.0 on September 12th, 2014 with Firefox 32.0.1. This release addressed these bugs: Stability issues for computers with multiple graphics cards Mixed content icon may be incorrectly displayed instead of lock icon for SSL sites WebRTC: setRemoteDescription() silently fails if no success callback is specified Please see the release notes for full details. Depending on update settings, users will be prompted to update to version 32.0.1 or can do so via Help > About Firefox or going to getfirefox.com where they can download and manually install the latest version of Firefox. The next planned release will…
You won’t be able to run Firefox on these, not that you can on the iPhone. For those hoping that may be things would change with the upcoming iPhone 6, they are not. From Mozilla Support: “Apple’s restrictions prevent us from bringing the current version of Firefox to iOS devices…”. What it comes down to is Apple telling Mozilla they must use the Apple web engine (WebKit) in order to have a Firefox app on iOS. Simply put Apple is telling Mozilla you can have a Firefox app on iOS, but really it is going to be mobile Safari dressed up to look like…
The current Nightly versions of Firefox 35 (planned release date: January 6, 2015) features a new theme interface within the Customize mode (Firefox Menu > Customize or right-click on a toolbar and select Customize…). Added to the Customize mode is a new Themes button with a pop-up menu giving you some options for managing and installing themes: You can switch between themes you have already installed (as seen in Appearance section of the Add-ons Manager). Choose to install and switch to one of the recommended themes. Go to addons.mozilla.org Theme Library to browse and download/install a new theme. Click for full size image…
For those who are having issues with (or don’t like) the newly redesigned context menu in Firefox 32, there is a simple way you can get back your old (Firefox 31 and older) context menu without too much trouble: Download and install the Classic Theme Restorer add-on. From the Firefox Tools menu select Classic Theme Restore Select the General UI category on the left then scroll down to Replace page context menu icons with labels (back, forward, stop, reload, bookmark page) and check this option. Note: Below screen shot is for the current 1.2.3 version. The 1.2.5 Beta versions the options has been renamed to Replace icons with labels…