IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [firefox]

Firefox is a Web browser that is smaller, faster, and in some ways more secure than the Netscape browser from which much of its code was derived.

Firefox is a Web browser that is smaller, faster, and in some ways more secure than the Netscape browser from which much of its code was derived.

352 questions
92
votes
6 answers

Why does my IT department block Firefox?

We received a message from the IT bods this week stating: Summary of the issue: IT will disabling and blocking the use of the browser Firefox next Thursday the 03.12.20 on all IT managed devices. Due to certain vulnerabilities and security risks…
Sam
  • 673
  • 1
  • 3
  • 6
77
votes
13 answers

Should I allow browsers to remember my passwords and synchronize them?

I wonder, how wise is it to allow Chrome and Firefox to a) remember the passwords b) synchronize them? My gut tells me that if it's not man in the middle who can intercept them, but Google and Mozilla themselves can see them on their servers or with…
Incerteza
  • 2,177
  • 3
  • 15
  • 22
71
votes
1 answer

Why is there no certificate error while visiting google.net although it presents a certificate issued to google.com?

The following output shows that google.net is presenting a certificate that has been issued to www.google.com. $ openssl s_client -connect google.net:443 < /dev/null > out.txt 2>&1; cat out.txt depth=2 /C=US/O=GeoTrust Inc./CN=GeoTrust Global…
Lone Learner
  • 968
  • 1
  • 9
  • 18
66
votes
3 answers

Why is Firefox (and only Firefox) reporting that my connection is insecure on multiple sites?

After installing Firefox 54.0.1 on my work laptop, the first page I see warns me that "Your connection is not secure" when opening https://www.mozilla.org/. "The owner of Firefox has configured their website improperly" After browsing a bit more, I…
Stevoisiak
  • 1,515
  • 1
  • 11
  • 27
65
votes
6 answers

Are there objective reasons to not allow Google Chrome extensions, but to allow Firefox extensions?

Recently, the company I work for has forbidden usage of any extensions in Chrome. They also do not allow account sync. This affected virtually all Web developers since they use Chrome to test their front-end code and use an extension or two to…
Alexei
  • 2,183
  • 3
  • 9
  • 23
60
votes
4 answers

Can HSTS be disabled in Firefox?

For pentesting/VA, it is, of course, imperative to always be able to see the HTTP site of a target. If present, HSTS conflicts with this need. Without using a proxy to address the problem (e.g. Burp), is it possible to natively disable HSTS in…
Cheekysoft
  • 1,267
  • 1
  • 9
  • 12
43
votes
4 answers

How can you change "system fonts" in Firefox (to increase own safety & privacy)?

I know there were some previous (similar) questions to this, I have read them all and also tried but nothing has really helped (maybe because it was outdated information). What I did was I went to: https://panopticlick.eff.org to see my digital…
tenepolis
  • 533
  • 4
  • 7
40
votes
3 answers

Is Ghostery safe to use?

I've heard about Ghostery, a browser extension/plugin that blocks web trackers. But according to this link it sells our data. Are add-ons and plugins open source in Firefox? Is there another alternative to Ghostery?
Vesal75
  • 559
  • 1
  • 5
  • 8
39
votes
1 answer

Can a browser extension (Chrome, Firefox, etc.) read the web console log?

I realized that my bank handles sensitive information in the web console log, so my concern is if any browser extension could read the log?
Nyan D' Sparkle
  • 509
  • 4
  • 6
39
votes
4 answers

Avast AV could read Firefox saved passwords

My friend uses Firefox's built-in password manager feature to save passwords for sites. Later, after installing Avast Free Antivirus there was a feature called Passwords on the Avast UI. When accessed it read all the stored passwords from Firefox…
RamValli
  • 491
  • 4
  • 7
32
votes
3 answers

Are official browser add-ons really safe?

Almost any browser addon/extension that I install on my Chrome or Firefox (be it Firebug, RESTClient, ...) warns me, saying: It [the add-on] can: Access your data on all website Access your tabs and browsing activity Now, practically speaking, I…
Harry
  • 861
  • 8
  • 12
28
votes
2 answers

How can you fake geolocation in Firefox?

Google and many other sites know my correct location. How can I fake my location without using a VPN, proxy, Tor or similar? I went to about:config and looked for geo. What I think I have to modify is geo.wifi.uri? Maybe we can put in false…
cnmesr
  • 475
  • 1
  • 6
  • 9
28
votes
7 answers

How trustworthy is Firefox?

I looked at different password managers, to swap my user-generated, more or less predictable passwords for automatically generated, secure passwords. I stumbled upon KeePass and FeeFox (for Firefox integration), which seems to be a good and trusted…
Christian
  • 381
  • 1
  • 3
  • 4
28
votes
3 answers

Firebug appears to be decrypting SSL traffic: is it the correct behaviour?

In my company we were writing a small web application which would be hosted and tested under HSTS protocol. One of my tester complained that the username and password can be seen in cleartext so it is insecure. I replied that due to HSTS…
BlueBerry - Vignesh4303
  • 5,107
  • 13
  • 34
  • 63
27
votes
3 answers

Is Firefox Password Manager less secure than LastPass?

After installing the LastPass password manager, I am presented with a login dialog including the option to "Disable Insecure Firefox Password Manager". (This option appears as long as the Firefox Password Manager is enabled, whether or not a master…
lofidevops
  • 3,550
  • 6
  • 23
  • 32
1
2 3
23 24