SEARCH

The How-To Geek Forums Have Migrated to Discourse

How-To Geek Forums / Geek Stuff

FF add ons for security

(7 posts)
  • Started 5 years ago by BobJam
  • Latest reply from JonMCC33
  • Topic Viewed 1408 times

BobJam
BobJam
Posts: 1052

I've recently switched over my default browser and email reader from IE7 and OE to Firefox 3.03 and Thunderbird 2.0.0.17. So far I'm very satisfied, though I'm still on the learning curve.

I also operate within a sandbox (Sandboxie).

I'm still experimenting with add ons and am particularly interested in security add ons.

I have found that the WOT, NoScript, Flagfox, and Interclue add ons are particularly useful, though those are all FF and not TB security add ons.

Since I'm still new to FF and TB, I'd like to ask what security add ons others are using. I know the Geek is a FF user, and I think Scott is too, and I'm sure there's a lot of others out there.

Thoughts and suggestions?

Posted 5 years ago
Top
 
Scott
Scott
Posts: 5618

Bob, the only security addon I use is NoScript. All the rest (24) make my browsing experience a little easier, or more fun. I do use AdBlockPlus though.

Here is the link to addons Mozilla considers for security,
https://addons.mozilla.org/en-US/firefox/browse/type:1/cat:12

I've never used TBird but I know many here do.

Posted 5 years ago
Top
 
0zSpitt
0zSpitt
Posts: 1037

adblock plus and trackmenot are a couple of others. no script gets to be a pain after a while but it makes it pretty secure

Posted 5 years ago
Top
 
Lighthouse
Lighthouse
Posts: 13598

I was under the impression, that, running a browser "sandboxed", gave 100% protection. Am I wrong?

Posted 5 years ago
Top
 
BobJam
BobJam
Posts: 1052

LH,

Well, as far as I'm concerned, YES, running sandboxed is secure, but I don't think you can ever say something is . . . "100%" secure. Sandboxie, though, is probably 99.9% secure. There are those that would argue that malware CAN in fact detect if it's in a sandbox (VM or Software Emulator), and indeed there have been some credible papers done on that.

While there has yet to be any credible evidence that malware can break out of a sandbox (I've heard it compared to waking up and realizing you are in jail, but you can't break out of jail), the malware writers I'm sure are hard at work figuring out a way to break out of a sandbox. And when sandboxes become more popular as security measures (and they are already being used by more and more people), no doubt the malware writers will increase their targeting efforts toward sandboxes.

Sandboxing is much less tedious than using a LUA . . . the only drawback is that when you try to do a download in a sandbox, the download is confined within the sandbox (which actually ISN'T a drawback if you happen to download malware) and the download is immediately deleted when you exit the sandbox session.

I consider that a drawback in the sense that if you don't remember you're in a sandbox and do a legitimate clean download, you have to start the download all over again in a non-sandboxed session. There is a sandbox marker ("[#]" for Sandboxie) up in the title bar and that will tell you the browser is in a sandbox (I'm in one right now), but I don't always look at the title bar. And then when I leave the sandboxed session and look for my download and see it's not there, that's when I go "Duhhhh . . ." and I have to do it all over again in a non-sandboxed session.

There IS a setting in Sandboxie that will allow a download to poke out of the sandbox, but once you start creating holes like that in the sandbox, you're defeating the whole purpose of the sandbox. That would be like leaving the jail door open.

Bottom line, sandboxes are secure right now, but as always the malware writers will figure out a way to "break out of jail".

Posted 5 years ago
Top
 
ScottW
ScottW
Posts: 6609

Bob, I like NoScript for security. I don't feel that I need WOT because the search engines, such as Google, and FF3 both protect me from going to bad sites. I am looking forward to trackless browsing in FF 3.1 (will also be in IE8). Privacy and security are close cousins.

I have used VMs before, but I don't feel the need to run my browser in a VM or even a sandbox. However, you certainly have a secure system there and browsers are one of the most insidious infection vectors. When you feel that the sandbox environment is no longer safe, consider Logical Partitioning. :-)

Posted 5 years ago
Top
 
JonMCC33
JonMCC33
Posts: 266

Just use Adblock Plus and a good AV program like Avast.

Posted 5 years ago
Top
 



Topic Closed

This topic has been closed to new replies.

Enter Your Email Here to Get Access for Free:

Go check your email!