Why does one version of firefox allow me to facebook, and the other does not?
December 11, 2011 4:53 PM Subscribe
Why would one browser version circumvent my company's internet blocking software, while an updated version does not?
I just recently updated my Firefox browser from 3.5 (or 3.6?) to 8. On the old version, I could get to any internet site, including facebook and things apparently labeled "adult". Now that I've updated, the ScanSafe blocker works again. Now obviously, I shouldn't be visiting those sites, I shouldn't use software my company hasn't allowed, etc. I just want to know if there is any reason why updating the browser would have this effect. It's Windows XP Pro, I don't know which service pack. Both firefox versions are portable, and I still have both installed so I can offer more details if needed.
I just recently updated my Firefox browser from 3.5 (or 3.6?) to 8. On the old version, I could get to any internet site, including facebook and things apparently labeled "adult". Now that I've updated, the ScanSafe blocker works again. Now obviously, I shouldn't be visiting those sites, I shouldn't use software my company hasn't allowed, etc. I just want to know if there is any reason why updating the browser would have this effect. It's Windows XP Pro, I don't know which service pack. Both firefox versions are portable, and I still have both installed so I can offer more details if needed.
What add-ons are installed in each version? I'm wondering if AdBlock or NoScript are preventing the blocker from working correctly.
posted by werkzeuger at 5:04 PM on December 11, 2011
posted by werkzeuger at 5:04 PM on December 11, 2011
When something like that happened to me on my work computer, it turned out to be coincidental. The weekend I updated my browser and was playing around on the computer, they had done some changes on their acceleration server which temporarily turned off the nanny software that blocked unapproved sites.
Hours later, they fixed it and it was back to normal.
posted by birdherder at 5:05 PM on December 11, 2011
Hours later, they fixed it and it was back to normal.
posted by birdherder at 5:05 PM on December 11, 2011
Response by poster: They both have adblock plus, faviconize tab, ie tab, tab mix plus, microsoft .NET framework assistant and old location bar. The 3.5 version also has xmarks and menu editor. The 8 version has Missing e, and tiny menu.
posted by trogdole at 5:09 PM on December 11, 2011
posted by trogdole at 5:09 PM on December 11, 2011
Another alternative could be that your proxy settings are different between the browser versions--one version is hitting the HTTP proxy with the net nanny installed and another is not.
My company's net nanny works that way, though they've also disallowed any traffic that is not run through the proxy.
posted by fifteen schnitzengruben is my limit at 5:41 PM on December 11, 2011
My company's net nanny works that way, though they've also disallowed any traffic that is not run through the proxy.
posted by fifteen schnitzengruben is my limit at 5:41 PM on December 11, 2011
Best answer: Firefox version 4 changed the default proxy settings from "no proxy" to "system proxy setting", which on Windows translates to "copy the Internet Explorer proxy setting".
Seems likely to me that your netadmin has used Group Policy to select their approved filtering proxy, and that your pre-4.0 Firefox was simply ignoring this and connecting direct. For this to work, your netadmin would need to be wearing clown shoes. I leave the plausibility of that scenario to you.
If you want to restore the old behavior using the new Firefox, go to Tools->Options->Advanced->Network Connections and change the proxy from "system proxy" to "no proxy".
posted by flabdablet at 5:59 PM on December 11, 2011 [3 favorites]
Seems likely to me that your netadmin has used Group Policy to select their approved filtering proxy, and that your pre-4.0 Firefox was simply ignoring this and connecting direct. For this to work, your netadmin would need to be wearing clown shoes. I leave the plausibility of that scenario to you.
If you want to restore the old behavior using the new Firefox, go to Tools->Options->Advanced->Network Connections and change the proxy from "system proxy" to "no proxy".
posted by flabdablet at 5:59 PM on December 11, 2011 [3 favorites]
Oh and by the way: one of the standard checklist items on the ICT audit that upstream inflicts on my site every year is whether or not I'm using Group Policy to prevent users from changing IE's proxy settings. Since I am quite convinced that the guy who wrote that checklist was wearing clown shoes, I suspect that mistaking this kind of measure for "security" does indeed form part of some kind of tragicomic IT tradition.
Our upstream netadmins are not quite as silly as yours seem to be; they've actually worked out that by blocking port 80 outbound, most people will be forced to use their proxy for web access. And they're red-hot on preventing any kind of outbound access via "dangerous" ports like 993 for secure IMAP or 587 for secure SMTP, which stops my users doing threatening things like accessing their Gmail accounts via Outlook (quote: "Our External Fire Wall blocks these ports and provide protection to us all ... We are NOT going to open any other ports through the FW.")
Ports 1024 on up are wide open, though, so I guess none of those could ever possibly be used for anything even vaguely insecure.
posted by flabdablet at 5:09 AM on December 12, 2011
Our upstream netadmins are not quite as silly as yours seem to be; they've actually worked out that by blocking port 80 outbound, most people will be forced to use their proxy for web access. And they're red-hot on preventing any kind of outbound access via "dangerous" ports like 993 for secure IMAP or 587 for secure SMTP, which stops my users doing threatening things like accessing their Gmail accounts via Outlook (quote: "Our External Fire Wall blocks these ports and provide protection to us all ... We are NOT going to open any other ports through the FW.")
Ports 1024 on up are wide open, though, so I guess none of those could ever possibly be used for anything even vaguely insecure.
posted by flabdablet at 5:09 AM on December 12, 2011
« Older Asking out a socially awkward friend | What are the best accessories/apps/tweaks/forums... Newer »
This thread is closed to new comments.
posted by trogdole at 4:55 PM on December 11, 2011