February 17, 2019

Seven Must-Have Firefox Security Add-Ons - page 2

Web-borned Attacks Galore

  • February 26, 2009
  • By Paul Rubens

3. ShowIP

ShowIP helps against phishing attacks by displaying the IP address of the current website in the status bar at the bottom of the browser. While this is of limited use in itself (unless the user happens to know the IP address of the web site they want to visit,) right clicking on the IP address shown in the status bar brings up a number of options, including running a whois lookup to confirm the registered owner of the IP address concerned.

4. WOT (Web of Trust)

The WOT add-on gives a trustworthiness rating for sites that users visit based on feedback from other WOT users, access from a WOT button in the address toolbar. The button itself changes color depending on the trustworthiness of the site, giving an instant warning when a user visits a site that may be a source of malware. For some sites, such as those rated dangerous, WOT brings up a warning screen with the options to proceed to the site, add it to a whitelist, or to find out more information about the nature of the dangers that other users have reported.

5. Foxmarks

There's always a danger with mobile workers that bookmarks for sites that are on their desktop computers won't be available on their laptops. If they then type in the address of the site manually there's the possibility that they could misspell it, and end up on a malicious web site inadvertently. Foxmarks prevents this by syncing the user's laptop and desktop bookmarks, so they can access frequently visited sites via bookmarks which are known to work. Foxmarks can also sync web site passwords (protected by a PIN) so that passwords stored on a desktop machine by Firefox's password manager are also available without the user having to write them down for use on the road. This also makes it more practical for a user to change their passwords frequently and storethem within Firefox without having to worry about keeping the password stores on different computers synchronized.

6. Master Password Timeout

Firefox has the ability to remember and enter passwords for web sites that the user may visit, and these passwords can be protected with a master password. If the master password is long and not guessable but stored on the user's head (i.e. not written down) then having Firefox remember passwords can be a very secure solution. The problem is that once the master password is entered Firefox gives the user access to passwords without prompting for the master password until it detects five minutes of inactivity. This is a potential security risk if the user leaves the laptop unattended for a minute or two in a public place. To prevent this Master Password Timeout allows the user to specify their own, shorter timeout period. The master password can also be "logged off" manually from the Tools menu once Master Password Timeout is installed.

7. FireGPG

The use of encryption and digital signatures are important ways of maintaining the security of communications which are sent over insecure channels such as the Internet , when a VPN is not available. FireGPG allows users to encrypt, decrypt, sign and verify the signature of text from within Firefox from a FireGPG item in the Tools menu. It also adds buttons to the Gmail web page carrying out the same functions. Note: FireGPG requires that GnuPrivacyGuard (GPG) is installed on the laptop computer.

Article courtesy of Enterprise Networking Planet

Most Popular LinuxPlanet Stories