Archive for Firefox

Firefox Yanks Russian Search Providers From Their Browser

Posted in Commentary with tags , on March 16, 2022 by itnerd

This morning I woke up to Firefox wanting to do an update to version 98.0.1. So I dutifully did the update that it requested. And when I checked to see what changed, I saw this:

Those are Russian search engines. That immediately got my attention as I was not aware that Firefox used any Russian search engines. I am going to go out on a limb and suggest that Mozilla is concerned about mis-information being spread via having those search engines in Firefox. Which these days is a legitimate concern.

I’m now waiting for the announcement that Firefox is banned in Russia as a result of this move.

Firefox 69 Turns On Tracking Protection By Default

Posted in Commentary with tags on September 3, 2019 by itnerd

Firefox users should be aware that Mozilla has switched on Firefox’s tracking protection feature for everyone on Windows and Android, dialing up its effort to protect privacy from website publishers and advertisers that would like to keep tabs on your online behavior. I am guessing that this is an attempt to match the feature set found in Apple’s new Safari browser that is due in macOS 10.15. Here’s what Mozilla had to say in a blog post:

For today’s release, Enhanced Tracking Protection will automatically be turned on by default for all users worldwide as part of the ‘Standard’ setting in the Firefox browser and will block known “third-party tracking cookies” according to the Disconnect list. We first enabled this default feature for new users in June 2019. As part of this journey we rigorously testedrefined, and ultimately landed on a new approach to anti-tracking that is core to delivering on our promise of privacy and security as central aspects of your Firefox experience.

Currently over 20% of Firefox users have Enhanced Tracking Protection on. With today’s release, we expect to provide protection for 100% of ours users by default. Enhanced Tracking Protection works behind-the-scenes to keep a company from forming a profile of you based on their tracking of your browsing behavior across websites — often without your knowledge or consent. Those profiles and the information they contain may then be sold and used for purposes you never knew or intended. Enhanced Tracking Protection helps to mitigate this threat and puts you back in control of your online experience.

To get this protection, you’ll need to make sure that you’re running Firefox 69 which is available now.

Have I Been Pwned Teams Up With Mozilla To Ensure That You Don’t Get Pwned

Posted in Commentary with tags on June 26, 2018 by itnerd

Coming to a future version of Firefox is Firefox Monitor which is a service that is powered by the famous Have I Been Pwned Service. The tool will allow Firefox users to enter an email address to see if their account was part of a known breach. If so, Firefox Monitor will let them know the extent of the personal data exposed, and serve up recommendations on how to secure their account. The service will go into trials next week and then roll it out to everyone if the trial is successful. Watch this space for more details.

Mozilla Releases Firefox Addon That Isolates Facebook From The Rest Of Firefox

Posted in Commentary with tags , on March 27, 2018 by itnerd

Now this is something that a significant number of those who still use Facebook for whatever reason will use. A Firefox add-on that isolates the Facebook website and all its domains to a separate “container” has been released by Mozilla today. The add-on is named Facebook Container and it is meant to address Facebook’s more “sinister” data collection habits.

When you first use Facebook Container, it will zap any existing Facebook cookies and prompt you to log back into their Facebook. The add-on will then create a separate database that will keep all Facebook-related data, such as cookies, cache data, and more. If you go anywhere else other than Facebook, the normal Firefox database will be used. Thus Facebook has no clue what you’re doing.

This is a brilliant idea and hope that those behind Edge, Internet Explorer, Chrome, Safari as well as other browsers are paying attention as this make Mozilla look like heroes at a time when we could use a hero to protect the world from the evils of Facebook.

Firefox Users Need To Update Their Browser NOW To Avoid Pwnage

Posted in Commentary with tags on February 2, 2018 by itnerd

If you run Firefox as your browser, you should update it ASAP if you’re running anything less than version 58.0.1 because of an exploit that the Cisco security team found:

A vulnerability in Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability is due to insufficient sanitization of HTML fragments in chrome-privileged documents by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.

Mozilla has confirmed the vulnerability and released software updates.

In English, that means that an attacker can pwn you if you run Firefox on a computer with administrative rights. And by pwn I mean that they can literally do anything they want. So to avoid pwnage, make sure you’re running the latest Firefox. Do it now. You’ll thank me later.



Firefox 57 Launches Today

Posted in Commentary with tags on November 14, 2017 by itnerd

Last week I gave you a heads up on Firefox 57 and what it does with extensions. Today, Firefox 57 which is also known as Firefox Quantum has launched. Here’s what Mozilla had to say:

When you load it for the first time, you’ll notice that it looks different. Some highlights include a unified search bar that helps you get to what you’re looking for lickity-split, navigation icons are organized on the left and the far right side is where you can find all your personal items like downloads, history, screenshots). Even better, this bold new design and intelligent menus are easy to use and look amazing on PC, Macs, phones or tablets.

The new Firefox runs fast thanks to hundreds of performance improvements. This means that Firefox Quantum is 2 times faster and uses 30% less memory than Chrome, so you don’t have to sacrifice performance to use the browser backed by not-for-profit, champion for the user, Mozilla.

Great marketing. It will be interesting to see if actual users see those sorts of performance gains. You can update to it now as long as you’ve got extensions that play nice with it. Let us know via a comment how this new version of Firefox works for you.

#PSA: Firefox 57 Dumps Your Legacy Extensions

Posted in Commentary with tags on November 10, 2017 by itnerd

On November 14, Mozilla will be releasing Firefox 57. It promises to be massively faster than any other Firefox that came before it because it will better leverage the hardware that you have to run faster.

However, it also brings a major change for those who use extensions to add functionality to the browser. Up until now Firefox has supported two types of extensions. The traditional legacy ones and the WebExtension ones that work more like what Chrome uses. As of Firefox 57, the browser will only support the latter. The reason for this change is that legacy extensions slow down Firefox and cause stability problems that end users often blame on Firefox. Thus Firefox becomes way more stable by taking away the ability to run legacy extensions. But it also means if you have the former installed and you happen to like them, you need to check for updates or they will stop working the second that you install Firefox 57.

My advice is that you should check Are we WebExtensions yet to see if the extensions that you use have WebExtenion versions and upgrade now to avoid some pain in a few days. But don’t be surprised if you favorite extension is missing a WebExtension version. Well known ones such as Lastpass, DownThemAll, HTTPSEverywhere and Flashblock are among the extensions that haven’t made the transition. Which is kind of odd as developers knew that this was coming for well over a year as Mozilla has been pretty public about this change. Thus if you want to be ticked off at someone, direct your outrage towards the developer and not towards Mozilla. Your other option is to remain on the version of Firefox that you’re running, but that’s a bit of a security risk as you’d be running a version that may have exploits that are patched in newer versions.

It will be interesting to see what happens when Firefox 57 ships next week. Will there be a lot of rage or will this be much ado about nothing? Stay tuned.

Firefox To Kill Off Vista And XP Support By Next June

Posted in Commentary with tags on October 5, 2017 by itnerd

Here’s another reason for you to upgrade to Windows 10 if you’re still running Windows XP or Vista. Firefox, which is the last browser to support Vista and XP will drop support for those two operating systems next June:

Today we are announcing June 2018 as the final end of life date for Firefox support on Windows XP and Vista. As one of the few browsers that continues to support Windows XP and Vista, Firefox users on these platforms can expect security updates until that date. Users do not need to take additional action to receive those updates.

We strongly encourage our users to upgrade to a version of Windows that is supported by Microsoft. Unsupported operating systems receive no security updates, have known exploits, and are dangerous for you to use.

So consider this a big push for you to upgrade to a newer operating system so that you can run Firefox…. And pretty much anything else that’s out there at present. While you have six months or so before Firefox no longer supports Vista and XP, you should plan on making the move now as that would be less painful.

An Exploit That Is “Impossible To Detect” Exists On Chrome, Firefox, & Opera

Posted in Commentary with tags , , , on April 17, 2017 by itnerd

A Chinese researcher has found an exploit that can be leveraged for phishing attacks on Chrome, Firefox, and Opera. Here’s the kicker, there’s no way you can protect yourself. Here’s the details from The Hacker News:

Hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domain names as the websites of legitimate services, like Apple, Google, or Amazon to steal login or financial credentials and other sensitive information from users.


Okay, then before going to the in-depth details, first have a look at this demo web page, set up by Chinese security researcher Xudong Zheng, who discovered the attack.

“It becomes impossible to identify the site as fraudulent without carefully inspecting the site’s URL or SSL certificate.” Xudong Zheng said in a blog post.

If your web browser is displaying “” in the address bar secured with SSL, but the content on the page is coming from another server (as shown in the above picture), then your browser is vulnerable to the homograph attack.

Homograph attack has been known since 2001, but browser vendors have struggled to fix the problem. It’s a kind of spoofing attack where a website address looks legitimate but is not because a character or characters have been replaced deceptively with Unicode characters.

Lovely. Google (via Engadget) says that they have a fix on the way for this. Firefox users can mitigate the attack by doing the following:

  1. Type about:config in address bar and press enter.
  2. Type Punycode in the search bar.
  3. Browser settings will show parameter titled: network.IDN_show_punycode, double-click or right-click and select Toggle to change the value from false to true.

Opera and Chrome users have no mitigation strategies available at this time. Hopefully, all three browsers will be fixed shortly as this is extremely dangerous.

Update Firefox NOW Due To Exploit In the Wild

Posted in Commentary with tags on August 7, 2015 by itnerd

If your preferred browser is Firefox, make sure you’re running version 39.0.3. If you’re not, upgrade right now. Here’s why:

Yesterday morning, August 5, a Firefox user informed us that an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine. This morning Mozilla released security updates that fix the vulnerability. All Firefox users are urged to update to Firefox 39.0.3. The fix has also been shipped in Firefox ESR 38.1.1.

Scary isn’t it. At least Mozilla (the people behind Firefox) reacted quickly to this. Thus all you need to do is upgrade yourself to be fully protected.