Firefox 17 to make add-ons more secure

h-Online: As suggested by some of its developers back in 2010, the Firefox browser will introduce enhanced separation between add-ons and the rest of the browser. With the change, which is planned to take effect with the release of Firefox 17, scripts on web pages will only be able to access the data belonging to add-ons if they are included in a whitelist. The beta version of Firefox 15 already logs warning messages in the browser鈥檚 Error Console when a page that is not on the whitelist tries to access data from add-ons....

August 23, 2012 路 2 min 路 305 words 路 Omid Farhang

Privacy concerns over popular ShowIP Firefox add-on

Cross-posted from SophosLabs: A popular Firefox add-on appears to have started leaking private information about every website that users visit to a third-party server, including sensitive data which could identify individuals or reduce their security. Naked Security reader Rob Sanders alerted us to the activities of the recently updated ShowIP add-on for the Firefox browser. According to the description on the Mozilla add-ons website, ShowIP is designed to 鈥渟how the IP address(es) of the current page in the status bar....

May 1, 2012 路 3 min 路 444 words 路 Omid Farhang

Firefox Extension Used in Facebook Scam

Symantec Connect: Not only Facebook is adding new and interesting features to its toolbox; spammers and scammers in Facebook are, too. Currently there is a scam making rounds using a classic 鈥渨ho is viewing your profile鈥 themed bait. So far 鈥 nothing new. After the user grants the application the requested privileges, which of course will send out the above mentioned spam posts to all his or her friends, the user gets redirected to a download instruction site....

March 23, 2011 路 3 min 路 433 words 路 Omid Farhang

Rainbow 0.2 is here!

For those who missed this update on Nov 18: In the spirit of releasing early and releasing often 鈥 Mozilla bring you version 0.2 of Rainbow 鈥 an experimental Firefox add-on from Mozilla Labs that exposes audio and video recording capabilities to web pages. What鈥檚 new in this release? It now support both audio and video recording on Windows, and audio recording on Linux. They added preliminary support for writing multiplexed media frames to a websocket....

November 25, 2010 路 1 min 路 171 words 路 Omid Farhang

Firesheep author takes backhanded pot-shot at free speech

Sophos Labs: Two weeks ago, an automatic session-hijacking plugin was released for Firefox. It was named Firesheep, and it鈥檚 been downloaded over 600,000 times so far. The decision to release Firesheep publicly is a controversial one. On the good side, it鈥檚 reminded people that some of their common web surfing habits are dangerously insecure. Many websites use HTTPS (secure HTTP) for login, which protects your password. But they revert to insecure HTTP for the rest of the session....

November 7, 2010 路 3 min 路 569 words 路 Omid Farhang

Find Words Smarter with Word Suggestions

Mozilla Labs: In our first Prospector experiment, Speak Words, we helped Firefox learn what words you might want to type into the Awesome Bar. We have taken that idea to help you find words in your open tab in our latest experiment. Finding a word in Firefox has always been easy because Firefox will move you to the new word formed by your last keystroke. This means you do not need to type out a word then click a search button to try finding a word that you might have misspelled....

November 6, 2010 路 2 min 路 373 words 路 Omid Farhang

Mozilla Gives Firefox a New Add-On for Audio and Video Recording

Mozilla Labs has been working hard on browser-based audio and video 鈥 not just for playback, but also for recording. Labs鈥 newest creation, called Rainbow, lets developers access your hardware鈥檚 video and audio recording capabilities with a few lines of JavaScript. The files created are all in open-source formats, including Theora, Vorbis and Ogg (support for WebM and other formats are planned in the product鈥檚 roadmap). Once media is captured, files can be accessed via the DOM with HTML5 File APIs....

October 29, 2010 路 2 min 路 218 words 路 Omid Farhang

Firesheep: who is eating my cookies?

Internet is great, and everyday millions of people spend their day surfing it, using Google, Gmail, Youtube, Twitter, Facebook, etc. Some people buy at ebay, or Amazon. Even some people use it to work, though these cases maybe not that common As a reader of this blog, you are concerned about security and therefore you already know that connecting through public WiFi is a risky sport. But it is also really convenient, how many of you have done it in McDonalds,Starbucks, etc....

October 26, 2010 路 3 min 路 496 words 路 Omid Farhang