Firefox gains Google encrypted search by default
Posted on 18 July 2012.
With this latest Firefox release (v14.0.1), Mozilla has fixed a slew of security vulnerabilities, including five deemed critical that may have allowed hackers to run attacker code and install software without requiring any user interaction.

The new release also includes some welcome new and changed security features such as default Google encrypted search, an improved site identity manager to prevent spoofing of an SSL connection with favicons, and the ability to configure the browser not to load plugins without user interaction.

"Enabling HTTPS for these searches shields our users from network infrastructure that may be gathering data about the users or modifying/censoring their search results. Additionally, using HTTPS helps providers like Google remove information from the referrer string," Mozilla's Lead Privacy Engineer Sid Stamm explained in May.

"While Google users may expect Google to know what they are searching for, Firefox users may not be aware these search terms are often transmitted to sites they visit when they click on items in the search results; enabling HTTPS search helps sites like Google strip this information from the HTTP referrer string, putting the user better in control of when and to whom their interests are shared."

The changing of the icons in the address bar according to the type of site the user is visiting (regular, with SSL encryption, or those possessing an Extended Validation Certificate) should also help users to identify malicious sites:


Finally, the browser can be configured in such a way as to prevent add-ons to be run without user interaction, in order to prevent users to be unknowingly saddled with malicious plugins via booby-trapped websites.






Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //