Seven Must-Have Firefox Security Add-Ons
Web-borned Attacks Galore
Mobile workers who access the Internet from laptops while traveling can pose a serious security threat to your network. That's because laptops are more vulnerable to malicious software and hacker attacks when they are not protected by corporate security systems. When the mobile worker returns to his office and connects to the corporate network, a compromised laptop can spread malware throughout the organization or cause a company-wide security breach.
To minimize the risk of succumbing to a web-borne attack then, it's essential that laptop users use the Web as safely as possible, and the first thing to decide upon is a browser. The two most popular choices are Microsoft's Internet Explorer and Mozilla Firefox, and there's some debate about which one is more secure. It's certainly true that Explorer is used by far more people than Firefox (due to it's being part of the Windows operating system) so one could argue that, all things being equal, choosing the minority browser is the sensible choice because it offers a smaller (and thus less tempting) pool of potential victims to malware writers.
Ensuring that the browser is up to date can help minimize security risks, but perhaps the most interesting feature of Firefox from a security perspective is the possibility of enhancing the browser's security with the addition of browser extensions or add-ons. Of course any add-ons risks adding new vulnerabilities, but if they protect against known problems at the expense of possibly adding as-yet unknown ones, then the trade-off may well be worth it.
With that proviso, here are some important ones to consider for anyone browsing the Web on a laptop outside the corporate network, to protect against web-based exploits, and more general security risks. All are available from http://addons.mozilla.org.
NoScript also protects against Cross Site Scripting attacks, and ClickJacking (also known as UI Redressing) attacks that cause users to click on buttons which are obscured by other page elements.
2. CS Lite
This simple add-on allows users to selectively or globally block cookies from websites, and view edit and delete them directly from the status bar. It does for cookies what NoScript does for scripts and plug-ins.