The choice of a browser on a home PC or laptop is a personal one and is best left as such. A Firefox fanatic might never ever agree that Chrome could be a better choice. A Chrome man might vehemently dispute Opera’s claim of the fastest. Hence I would never ever say that a particular browser is or should be ‘the’ browser on a PC, laptop or netbook. I would only say that whatever is your preferred browser, use the latest version.
Continuing with the look into Firefox, I will take up the HTTP STS implementation and its implications for security in the Firefox 4. You may also find the previous part one and part two of interest.
5. The most interesting feature is the implementation of HTTP STS by default in Firefox 4. What this ensures is that the browser is forced to switch to ‘https’ instead of the normal ‘http’ for specified sites and ensure greater security.
Unfortunately, Firefox 4 is not provided with an inbuilt interface where users can add their own sites - like their bankers or a social networking site. This UI can be enabled by installing the ForceTLS extension in Firefox.
To add your own sites, open up the extension manager and options of the ForceTLS add-on. Type the URL like ‘www.google.com’ or ‘google.com’, check mark the box ‘Force sub-domains too’ and click ‘Add Site’ button. You can always remove one or all the sites with the buttons at the bottom.
Note: There is a slight bug in interaction between ForceTLS and Firefox in Private Browsing mode. In Private Browsing mode, any site can be added via the ForceTLS extension UI. However, they cannot be removed. To remove site(s), you’ve to restart Firefox in ‘normal’ ‘non-private’ mode and do the job. Also before you add a site to the list, be sure that the website does offer ‘https’ - don’t add a site blindly. Just because https is secure and is meant predominantly for web monetary transactions, do not assume that your bank does offer https. Check before you add it and if not, write to your bank.
:-P
Does HSTS and ForceTLS ensure that your banking transactions are fully secure? Unfortunately, no one can promise absolute, 100% security on the net. What this does is reduce the possibility of privacy violation or worse when you venture out on the web. It is like ensuring you have a really good lock on your door. A determined burglar may break through, but it ensures that your belongings are safe most of the time.
Firefox support page at the Mozilla site can be found here [http://support.mozilla.com/en-US/home]
Continuing with the look into Firefox, I will take up the HTTP STS implementation and its implications for security in the Firefox 4. You may also find the previous part one and part two of interest.
5. The most interesting feature is the implementation of HTTP STS by default in Firefox 4. What this ensures is that the browser is forced to switch to ‘https’ instead of the normal ‘http’ for specified sites and ensure greater security.
Unfortunately, Firefox 4 is not provided with an inbuilt interface where users can add their own sites - like their bankers or a social networking site. This UI can be enabled by installing the ForceTLS extension in Firefox.
To add your own sites, open up the extension manager and options of the ForceTLS add-on. Type the URL like ‘www.google.com’ or ‘google.com’, check mark the box ‘Force sub-domains too’ and click ‘Add Site’ button. You can always remove one or all the sites with the buttons at the bottom.
Note: There is a slight bug in interaction between ForceTLS and Firefox in Private Browsing mode. In Private Browsing mode, any site can be added via the ForceTLS extension UI. However, they cannot be removed. To remove site(s), you’ve to restart Firefox in ‘normal’ ‘non-private’ mode and do the job. Also before you add a site to the list, be sure that the website does offer ‘https’ - don’t add a site blindly. Just because https is secure and is meant predominantly for web monetary transactions, do not assume that your bank does offer https. Check before you add it and if not, write to your bank.
:-P
Does HSTS and ForceTLS ensure that your banking transactions are fully secure? Unfortunately, no one can promise absolute, 100% security on the net. What this does is reduce the possibility of privacy violation or worse when you venture out on the web. It is like ensuring you have a really good lock on your door. A determined burglar may break through, but it ensures that your belongings are safe most of the time.
Firefox support page at the Mozilla site can be found here [http://support.mozilla.com/en-US/home]
No comments:
Post a Comment