Ask MetaFilter questions tagged with firefox and security

Autopager: safe to use?

dicetumbler — Wed, 24 Dec 2008 09:32:46 -0800

Is it safe to use the Firefox extension "Autopager"? I have a question about the Autopager extension (link). As far as I can tell, when I visit a site like google.com, the extension queries a database and downloads a script that allows me to see all the results in one infinite-scrolling page (as opposed to my having to click "next"). I guess the scripts are in XPath. My question is, is this safe, or am I potentially opening myself up to attacks, like the way I hear people can use javascript?

I might not have gotten the description quite right (not as big a geek as I wish I was). In any case, I'd appreciate it if someone could give me the bottom line and tell me this extension is safe to use (or not). Thanks!

How safe is Firefox 2.0?

storybored — Sat, 19 Jul 2008 13:36:44 -0800

How secure is Firefox 2.0? I recently attended a short seminar on Web security and the horrors of "drive by downloading". So how vulnerable is the latest version of Firefox 2.0 to this type of nastiness? What about 3.0? At Mozilla.org, there's a nice long list of the security flaws that each 2.0 update has fixed. But no general statement. Even a probabilistic statement would be nice....

No, really, it's still the same computer!

Cricket — Mon, 11 Feb 2008 21:38:47 -0800

What is losing some of my identifying information from Firefox every time I reboot the computer? I'm running Firefox v. 2.0.0.12 on Windows Vista with a Vaio VGN-N230E laptop. Every time I reboot the computer (as for installation of certain updates), I find that I am no longer logged into some sites that normally remember me (Metafilter, for one), and financial pages that require verification beyond a password when you access them from a different computer think I'm on a new computer (this is the only one I use) and require me to jump through verification hoops (Chase has one that requires them to call me with a PIN, which was a problem when their verification system was down for nearly a month--I rely on being able to pay certain bills online).

Is there anything I can change about my computer settings so that I'm still me after a reboot? Is this a cookie issue? I have cookies set to only delete when they expire, and I looked in the cookie manager and found tons of cookies (though, come to think of it, none from websites I know are affected, and those should be leaving some, right?).

Why is this website trying to connect to some of my bookmarks?

Anonymous — Sun, 28 Oct 2007 11:56:26 -0800

Visiting a website forces firefox to try to make several HTTPS connections to websites in my bookmarks. Okay, this is slightly embarrassing but my curiosity and paranoia are stronger so I must ask:

While strolling through the interwebs, I happened upon a website with pictures of pretty girls. Nothing depraved, just pretty girls, 90% non-nude but for the sake of everyone here let's say NSFW.

Clicking on one of the pictures to see a larger view set off my newly installed firewall, notifying me of several HTTPS connection attempts to websites in my bookmarks, including:

Logmein
Vanguard (banking)
Latimes.com
FNBO Direct (banking)

What!? Obviously the banking stuff makes me nervous.

Anyone know how it's pulling these from my bookmarks and the security problems going on here?

I'm a former XP user, so I understand the dangers of spyware/trojans/etc... but the odd thing is I'm on OS X, using Firefox.

More info you might ask:

-These bookmarks aren't placed near each other in my bookmarks (different folders), yet they are all HTTPS.
-It's always the same websites each time I close firefox and try to reload the website, not random ones.
-Using Firefox 2.0.0.8 on a fully patched OS X 10.4.10
-Firewall is Little Snitch (there's a free demo of version 2.0 until Nov 17)

Here's a link to the website, NSFW and please take your own firewall precautions.

Please forget you knew my name

aburd — Sat, 10 Feb 2007 17:19:33 -0800

I don't like that Firefox knows my credit card number. How do I make it forget and not relearn this information? When I buy things online Firefox often will try to "help me" by remembering the form information. It offers what it thinks I might be typing beneath the form cell. This is really handy many times, but it is also remembering my credit card number. That bugs me. Other people use my computer sometimes, and while I trust them, I don't want them being offered the option of my credit card number if they buy something.

Using a toolbar I can have my name, address, etc entered with the click of a button. So really I don't need Firefox to help me in this way. So how do I turn it off? I see the option in Firefox to clear "saved form information" but how do I stop it from re-learning this information?

Non-irritating password remembrance?

pornucopia — Sun, 09 Apr 2006 21:44:07 -0800

I want my browser to remember my password for a couple of sites, but it must assume that I don't want most of my passwords remembered. I hate browser popups that ask "Remember this password?" What's a good solution? I use Firefox on Windows.

HOSTS file and Firefox

Anonymous — Fri, 20 Jan 2006 11:00:54 -0800

I'm interested in enacting parental controls on the Mozilla Firefox browser. I have a teenage son who is reasonably computer savvy, who I strongly suspect of visiting a certain not-so-swell website. (I have cookies for this site listed, but he erases the history log)

What I want to do is block this site from being browsed. I have tried editing the HOSTS file, but it doesn't seem to work. When I set the site to IP 127.0.0.1 or 0.0.0.0, and I ping the site from the command prompt, then the HOSTS redirect appears to be working.

When I browse to the site in Firefox, however, it comes up just the same as always.

Can anybody tell me what I'm doing wrong? Barring that, are there any other secure freeware blockers that any of you have used successfully on Firefox? Any extensions?

Our computer is connected to a cable modem via a wireless router, if that makes any difference.

How to prevent Drudge from generating popups?

Manjusri — Mon, 20 Jun 2005 02:06:51 -0800

Drudge seems to have figured out a way around the Firefox popup blocker. I'm guessing it has to do with Java, but I'd rather not disable java or javascript, since that would reduce the functionality of the browser. Any less drastic way to prevent this?

Firefox password safety?

Nelson — Mon, 21 Feb 2005 15:28:30 -0800

How safe is it for me to store passwords in Firefox? The threat model I'm worried about is a bug in Firefox's site containment stuff letting Javascript / Java from one website somehow get at the stored password for another website. I'm the only one with physical access to my machine, so I'm not concerned about an unauthorized person at the keyboard. And I'm not worried about a trojan stealing passwords: if it's gonna do that, it's gonna run a keysniffer too. A master password doesn't seem to be much help to me.