Even worse was the fact that Firefox users were not able to manage these components at all as they would not be displayed in the add-on’s and plugin’s section of the web browser. This meant that Firefox users were not able to disable them if they encountered incompatibilities. But the Mozilla developers themselves were also unable to react on incompatible components or those that would pose a security risk to Firefox users. You might remember that they did block a Microsoft plugin globally after a security vulnerability was disclosed but that was a plugin, not something that was added to the components directory.

From Firefox 3.6 Beta 3 on the components directory is locked for third parties. This means that third party programs that were using this way to add their functionality to Firefox are not working anymore since they are blocked by the web browser. Only Mozilla components will from this web browser version on be allowed to use the components directory.

Neowin and others have reported about this but got their facts wrong as they linked this stability and security measure to the Microsoft silent install incident a while ago. Microsoft back then installed two plugins without the user’s consent, something that other software companies like Apple do as well. Microsoft’s bad luck was that a security vulnerability was disclosed shortly thereafter which made the Mozilla developers block the plugin globally for all Firefox users.

The components directory is a subdirectory of the Firefox installation directory.

Related posts

• Web Browser: Firefox 3.0.7 (5)
• Top 5 Security Plugins For Firefox, Chrome And Internet Explorer (17)
• Test The Phishing Protection In Firefox (4)
• Tab Preview Features In Firefox 3.6 (5)
• Secure Firefox with Firekeeper (2)

The Firefox 3.5.4. release notes classify the update as a security and stability update making it an recommended update for every Firefox user. The full list of fixes and changes lists a total of 124 items with seven marked as critical and 13 as major. The Firefox 3.0.15 release notes list fewer items but still mention several security and stability fixes for that version of the web browser making it a recommended update as well.

It should also be noted that Firefox 2.x is no longer supported by the developers who ask users to update to the Firefox 3.x branch as the older branch contains known security and stability issues that are not (and will not be) fixed.

Both Firefox 3.5.4 and 3.0.15 are available from the Mozilla firefox website.

Related posts

• Firefox 3.03 released (4)
• Web Browser: Firefox 3.0.8 (13)
• Web Browser: Firefox 3.0.7 (5)
• Prepare For Firefox 3.0.9. (4)
• Mozilla Firefox 3.0.11 Released (5)

The majority of the blame should not be put solely on Microsoft though. Other software companies like Apple or Google have been doing exactly the same thing. Firefox users might notice a Google Update plugin or Apple iTunes plugin in the plugin section of the web browser. And those installations are not blocked by the Firefox browser.

There is however an option to block automatic plugin installations. It is not a perfect solution though but it is all that is provided currently. The Mozilla developers have added several directories and locations in the Firefox preferences that are automatically scanned by the web browser for plugins. If a plugin is found it will be added and activated in the browser.

These plugin directories are listed in the all.js files which is located in the greprefs directory of the Firefox installation. The following directories and locations are listed in the file (search for plugin or another word that will move the cursor to that position).

// Locate Java by scanning the Sun JRE installation directory with a minimum version
// Note: Does not scan if security.enable_java is not true
pref(”plugin.scan.SunJRE”, “1.3″);

// Locate plugins by scanning the Adobe Acrobat installation directory with a minimum version
pref(”plugin.scan.Acrobat”, “5.0″);

// Locate plugins by scanning the Quicktime installation directory with a minimum version
pref(”plugin.scan.Quicktime”, “5.0″);

// Locate and scan the Window Media Player installation directory for plugins with a minimum version
pref(”plugin.scan.WindowsMediaPlayer”, “7.0″);

// Locate plugins by the directories specified in the Windows registry for PLIDs
// Which is currently HKLM\Software\MozillaPlugins\xxxPLIDxxx\Path
pref(”plugin.scan.plid.all”, true);

// Controls the scanning of the Navigator 4.x directory for plugins
// When pref is missing, the default is to pickup popular plugins such as
// Flash, Shockwave, Acrobat, and Quicktime. If set to true, ALL plugins
// will be picked up and if set to false the scan will not happen at all
//pref(”plugin.scan.4xPluginFolder”, false);

As you can see there are entries for Sun Java, Adobe Acrobat, Apple Quicktime, the Windows Registry and Netscape plugins. Putting a comment in front of the plugin locations that should not be scanned will block those plugins from being started with Firefox (comments are added by adding // in front of a row).

Many Microsoft, Apple and Google plugins are added from the location in the Windows Registry. It is not advised to block that location completely as it also lists the Adobe Flash plugin in the Registry which would stop Flash support in the web browser. The only solution right now would be to go into the Registry and backup and remove the plugins that are not needed. If it were not for the Flash plugin the whole Registry location could be blocked from being scanned.

The programs will not add their plugins again to the Windows Registry unless they are updated or reinstalled. Another option to automatically block plugin installation (and display a prompt instead) is to use a software that will show a prompt before a specific Registry key is edited in Windows. A program like MJ Registry Watcher can do that. Simply add the HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins key to the list of keys protected by the program to be informed whenever a software tried to change or add entries to the key.

Related posts

• How To Uninstall Windows Presentation Foundation Plugin In Firefox (18)
• Web Browser: Firefox 3.0.7 (5)
• Top 5 Security Plugins For Firefox, Chrome And Internet Explorer (17)
• Test The Phishing Protection In Firefox (4)
• Secure Firefox with Firekeeper (2)

The following is a guide on how to remove the Windows Presentation Foundation plugin in the Firefox web browser for good. If the plugin would not be blacklisted it would be possible to find out about its dll files by typing in about:plugins in the web browser address bar.

The dll NPWPF.dll is the the Windows Presentation Foundation plugin. Here are the steps to remove it from the Firefox web browser (and other Mozilla products) for good:

• Close the Firefox web browser and every other Mozilla software that is running.
• Go to x:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\ in windows Explorer where x is the drive letter where Windows is installed on the computer system.
• Locate the file NPWPF.dll
• Create a backup of the file by copying it to another location, e.g. to c:\backups\
• Delete the dll NPWPF.dll in the Windows Presentation Foundation folder
• Restart the computer

Open Firefox after the restart. The Windows Presentation Foundation plugin should not show up in the list of installed plugins anymore. There is a second step that might be necessary. There is also a Registry entry for the plugin. Do the following to remove the plugin from there as well:

• Open the Windows Registry, press [Windows key R], type regedit and hit [enter]
• Locate the Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins
• Locate the sub-key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5
• Right-click the sub-key and select Export to backup the key before deleting it.
• Delete the key in the Registry
• Restart the computer system or kill and reload explorer.exe in Windows to load the Registry without the key.

This should get rid of the Windows Presentation Foundation plugin in Firefox for now.

Related posts

• How To Stop Automatic Plugin Installations In Firefox (10)
• Web Browser: Firefox 3.0.7 (5)
• Top 5 Security Plugins For Firefox, Chrome And Internet Explorer (17)
• Test The Phishing Protection In Firefox (4)
• Secure Firefox with Firekeeper (2)

The Windows Presentation Foundation Plugin gets installed when the Microsoft .net Framework 3.5 SP1 gets installed in the Windows operating system. Users who noticed the installation also noticed that they were not able to uninstall the plugin, only disable it in the Firefox plugin manager.

Mozilla today blacklisted the Windows Presentation Foundation Plugin. Not because of the silent install but because of a security vulnerability, or to be precise a remote code execution vulnerability. The vulnerability was reported on October 16 and measures to block the plugin were initiated today. Interested users can read up on the vulnerability at the Bug listing at the Mozilla website.

This raises several interesting questions. Could Microsoft be held accountable if computer systems are successfully attacked? Microsoft is not the only developer that is adding plugins to Firefox without asking the user. The Mozilla developers should consider implementing a security control to block unwanted plugins from being installed. Users who have not received the message in Firefox yet should check in the plugin section if the plugin is installed and if it is enabled or disabled. It should be disabled immediately if it is not already.

Related posts

• Web Browser: Firefox 3.0.7 (5)
• Top 5 Security Plugins For Firefox, Chrome And Internet Explorer (17)
• Test The Phishing Protection In Firefox (4)
• Secure Firefox with Firekeeper (2)
• Safe Cache and History for Firefox (5)

Additional differences become apparent in the web browser plugin development and availability. Some browsers offer thousands of plugins while others only a handful. Plugins can be a very effective way of adding additional protection to the web browser. This article is about the top 5 security plugins for the most popular web browsers. If you know of a plugin that is missing in the list let us (and everyone else) know about it in the comments.

Mozilla Firefox

No Script – The one add-on that many security experts do not want to live without. No Script can block script execution on websites. It does so on all websites by default with the option to enable specific scripts temporarily or permanently. The add-on can prevent script based attacks (most of them are) if used correctly.

Last Pass – The password manager for Firefox. It can generate and remember secure passwords, fill out forms and even auto login the user into websites. The three important security related features are secure password generation, password storing and auto login. Secure passwords have the weakness that they are hard to remember. It is simply easier to remember 123456 than f&z_cU!;re4xZ especially if you consider that unique passwords should be used one every website. With Last Pass users get unlimited secure passwords with the need to only remember the master password. The auto login feature can be very effective against phishing attacks as it won’t work on phishing websites that use a different url than the original.

No Redirect – A versatile add-on that handles several things at once. It will reveal the destination url of short url services and prevent that Internet providers and other companies use DNS hijacks to show their (search pages). This does happen for instance with many major ISPs if the user mistypes a domain extension.

Link Extend and Web of Trust – Link Extend and Web of Trust provide a similar functionality. They provide website ratings to inform the user about potentially dangerous websites. Both display ratings in major search engines but also in a toolbar for the active page.

CS Lite – Cookie permissions on a per-site basis. Allows the user to block or allow cookies permanently or temporarily.

Backup: Febe Firefox Backup. It is always a good idea to create regular backups to be prepared when data gets corrupted or deleted. Febe is a Firefox add-on that can backup all profile data of the web browser including bookmarks, settings, extensions and passwords.

Google Chrome

Last Pass – The Last Pass password manager is also available for the Google Chrome web browser. Extension support is currently only available for dev releases of the Google browser. The functionality on the other hand is similar to that of the Firefox add-on. It is possible to generate passwords, store them and use the auto login feature.

Flash Block – This is the closest to the No Script Firefox add-on. Flash Block will only block Flash content but not other script related objects.

McAfee Site Advisor bookmarklet – There are not many Google Chrome extensions yet. Bookmarklets try to close that gap by allowing all Google Chrome users – and not only those that use a dev version – to make use of additional features. This bookmarklet will display McAfee Site Advisor ratings when executed. Comparable to Wot or Link Extend with the difference that it has to be executed manually.

Adsweep and Adblock+ – Two options to disable most advertisement that is displayed on websites. These add-ons are more about the annoying objects on websites and less about security. They can however be helpful in situations were rogue ads are displayed that spread malware.

Backup: Fav Browser – Fav Browser 2 can backup and restore all settings of Google Chrome 2, 3 or 4.

Internet Explorer

Last Pass – Did we mention that we love Last Pass? The password manager is available as a plugin for Microsoft’s Internet Explorer. It offers the same functionality on all supported web browsers including password generation and secure storage of passwords.

Web of Trust or Trend Protect – Both display ratings for the active websites and websites that are listed in the major search engines (Google Search, Yahoo Search, MSN). They can be used as an indicator if a site’s potentially dangerous to visit.

IE7 Pro – A great plugin for Internet Explorer (not only 7 but also Internet Explorer 8) that offers ad blocking and many additional features. It comes closes to the No Script Firefox add-on. The ad blocker includes a Flash Blocker. Another interesting module is userscript support which can be also beneficial to security.

Backup: Fav Backup – You can use the tool to backup and restore Internet Explorer profile settings.

Only four for Internet Explorer. Do you know of additional Internet Explorer security add-ons? Let us know in the comments.

Related posts

• Xenocode Web Browser Sandbox (0)
• Web Browser Popularity (51)
• Web Browser Memory Usage Benchmark Gets It All Wrong (15)
• Web Browser Have Impact On Battery Life (1)
• Web Browser Benchmark Comparison (19)

Firefox will display a warning whenever the user tries to open a website that is a reported phishing website. Updated phishing and malware lists are automatically downloaded every 30 minutes if the web forgery protection is enabled in the web browser.

The following screen is then displayed if a website is opened that is on that list of phishing and malware websites.

The user still has the option to ignore the warning and proceed with the site loading but it is generally recommended to stop at this point and close the tab. There is however one nagging questions that some Firefox users have. How can they be sure that the phishing protection is working in the web browser?

Mozilla has created a specifically prepared website that will trigger the phishing protection. Users who open the It’s a trap website at Mozilla.com will see the web forgery warning if the phishing protection is enabled and working in the web browser. Everyone else will simply see the test website.

Firefox users who do not see the warning page should go into the Tools > Options > Security in the Firefox options and ensure that the entries Block reported attack sites and Block reported web forgeries are checked.

The phishing test website will not work with other browsers even if they offer phishing protection as well.

Related posts

• Add Hostname To Firefox Titlebar (3)
• Web of Trust: collaborative online security (7)
• Web Browser: Firefox 3.0.7 (5)
• Top 5 Security Plugins For Firefox, Chrome And Internet Explorer (17)
• Secure Firefox with Firekeeper (2)

The beta release notes which are currently publicly available mention several security and stability fixes making the update a recommended update for every Firefox user currently working with the 3.5x branch. The bug list lists 43 bugs that have been fixed in this version of Firefox with nine bugs being rated as critical.

Firefox users who do not want to wait for the official release announcement can download the Us version of Firefox 3.5.3. from a file host where we have uploaded the installers to. Firefox 3.5.3 installers for all supported operating systems – that is Microsoft Windows, Linux and Apple Macintosh – have been added to the file host.

Interested users can check the bug list that was fixed in Firefox 3.5.3. Most software portals will soon host this version of Firefox as well on their pages. Cautious users might want to wait until the official release announcement has been made.

A reboot was required after the installation on a Windows system, cannot remember that this ever happened before.

Related posts

• Web Browser: Firefox 3.0.8 (13)
• Web Browser: Firefox 3.0.7 (5)
• Mozilla Checks Flash Version After Firefox Updates (14)
• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)
• Firefox 3.5.2 Released (8)

That’s where the Mozilla developers began thinking about solutions for this problem. They quickly came up with the solution to test the version of the Adobe Flash plugin after Firefox updates. Regular Firefox users know that Firefox will open a what’s new page after an update. This what’s new page will contain the Adobe Flash version check.

Firefox users with an outdated version of Adobe Flash will receive the notification that it is outdated. This information contains a link that is directly pointing to the latest version of Adobe Flash at the Adobe website. Hopes are that many users who are running an outdated version of Flash will visit the Adobe website after a Firefox update to download the latest version of Adobe Flash to install it on their computer system.

Users who want to try the Flash check right now can visit the upcoming what’s new page for Firefox 3.5.3.

Related posts

• Firefox 3.5.3 (11)
• Firefox 3.03 released (4)
• Web Browser: Firefox 3.0.8 (13)
• Web Browser: Firefox 3.0.7 (5)
• Mozilla Flash Upgrade Statistics (5)

Ghacks readers can – as always – download the US-English version of Firefox early from a free file host. The new version of Firefox is hosted at Mediafire. Downloads for Microsoft Windows, Apple Macintosh and Linux are provided as a courtesy to my readers.

• Firefox 3.5.2 for Microsoft Windows
• Firefox 3.5.2 for Apple Macintosh
• Firefox 3.5.2 for Linux

The beta release notes of Firefox 3.5.2 mention several security and stability issues that have been fixed in the new version. This makes it a recommend update for all Firefox 3.5x users. A issue with images with ICC profiles has been fixed as well which now render properly on all computer monitors. The full list of bug fixes and issues can be accessed at Bugzilla.

Please be advised that there might be last minute changes to a release which would then not be covered in this current version of Firefox. While it is usually safe to download and install these releases it is advised to stay away from them if you are a cautious user. Wait for the official release announcement then.

Related posts

• Firefox 3.5 RC3 Released (2)
• Prepare For Firefox 3.0.9. (4)
• Mozilla Firefox 3.5 RC1 (4)
• Firefox 3.5.3 (11)
• Firefox 3.5.1 Update Available (8)

A proof of concept has already been created that demonstrates the vulnerability. No patch has been made available yet. Firefox users are encouraged to disable JavaScript until a patch is issued to avoid leaving their computer system vulnerable for the attack.

Users working with security add-ons like NoScript might consider their Firefox installation safe without disabling JavaScript. It is however theoretically possible to compromise websites that are in the whitelist of the add-on (if the whitelist is used) which would make the system vulnerable to this kind of attack.

JavaScript can be disabled in the Firefox options in the content tab.

Related posts

• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)
• Firefox 3.5.1 Update Available (8)
• Web Browser: Firefox 3.0.8 (13)
• Web Browser: Firefox 3.0.7 (5)
• Increase Firefox Security With FormFox (4)

The Mozilla Firefox team is currently distributing the Firefox 3.5.1 update to all mirror websites. It is expected to be announced publicly in the next 48 hours giving Firefox 3.5 users a change to update their web browser to fix the security vulnerability.

The release is not available on any of the popular download portals yet. We took the liberty to upload the US version of Firefox 3.5.1 for the Windows operating to a free file host from where it can be downloaded. Users who use a different operating system or language will have to wait a while longer before they can download and update their version of Firefox.

The big download portals are expected to offer Firefox 3.5.1 soon as a download on their website. Cautious users might want to wait until the new version has been announced officially by the Firefox team. Users who have applied the temporary workaround to Firefox 3.5 should undo the changes by doing the following:

Type in about:config in the Firefox address bar and hit enter. Now filter for the term javascript.options.jit.content and double-click it afterwards to set it to true which enables the Tracemonkey JavaScript engine.

Firefox 3.5.1 US for Windows can be downloaded from Mediafire.

Related posts

• Firefox 3.5.2 Released (8)
• Another Critical Firefox Vulnerability Emerges (6)
• Web Browser: Firefox 3.0.8 (13)
• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)
• Firefox 3.5.3 (11)

A full list of all 50 bug fixes is available at the Bugzilla website. Cautious users might want to wait until the update has been distributed to all mirror sites so that it can be downloaded either from the official Mozilla website or through Firefox’s check for update functionality. The public release is expected soon.

Related posts

• Web Browser: Firefox 3.0.7 (5)
• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)
• Youtube It Firefox Add-on (4)
• Web Browser: Firefox 3.0.8 (13)
• QtWeb Internet Browser (8)

Form Fox is another security add-on for the Firefox web browser. It deals with web forms as the name suggests and displays the destination url of the submit button in an overlay. Attackers use web forms to submit the data to one of their servers instead of the original server. The problem is that inexperienced users have a hard time checking the destination of the web form on a website as it is visible in the source code of the website.

Even experienced users might not want to check the destination every time they visit the website as this turns out to be quite time consuming when done on every visit.

Form Fox displays the destination directly in an overlay when the user hovers the mouse cursor over the submit form which automates the manual method of looking up a web forms destination url.

A rule of thumb is that a web form is usually safe if it links to a page on the same domain whereas links to other domains should be analyzed carefully before submitting the form data. FormFox is available for all Firefox 2 and 3 editions.

Related posts

• Use Firefox Without A Computer Mouse (7)
• Url Revealer (2)
• Skip Screens In Firefox Web Browser (15)
• Load Multiple URLs In Firefox (3)
• Flickr To Twitter Poster (2)

There is one additional problem concerning websites that do offer HTTPS connections on most of their network but not everywhere. Mouser over at Donation Coder mentioned a hidden setting in the NoScript (check my Firefox security profile for additional information) add-on of the Firefox web browser allowing to force HTTPS connections for listed websites. This is helpful in a few cases. Some websites offer both HTTP and HTTPS connections to their servers. Another possibility are websites that make use of HTTPS connections but not on all pages.

Users with the excellent No Script add-on installed can configure sites to always use a secure https connection when they are visited. This option can be accessed by right-clicking the NoScript icon in the Firefox status bar, selecting Options from the context menu, clicking on the Advanced tab in the configuration and there on the HTTPS tab.

New websites or pages that should be forced to use secure HTTPS connections can be added to NoScript in there. The use of wildcards is possible. Users should however note that this will not work on all websites. It will obviously not work on websites that do not offer HTTPS. There are also sites that automatically redirect HTTPS requests to HTTP. Google.com is a prime example of this. If you add google.com to the list you will notice a never ending loop when opening that website because of NoScript trying to force HTTPS and Google redirecting to HTTP.

Related posts

• x Ways To Manipulate Websites In Firefox (6)
• Web Browser: Firefox 3.0.7 (5)
• Mozilla Firefox 3.0.11 Released (5)
• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)
• Increase Internet Security With Safe SSL (4)

The Firefox exploit could be used to add software to the target system without the knowledge of the users. There is currently no solution to block this attack from being executed other than being very careful about the visited websites. The safest would be to switch to another web browser at least for the time until the Mozilla developers have published the update that fixes the vulnerability in the web browser or a hot fix becomes known.

The issue has already been fixed according to the bug report that was filed at the Mozilla website and is now awaiting verification.

Related posts

• Web Browser: Firefox 3.0.8 (13)
• Web Browser: Firefox 3.0.7 (5)
• Critical Security Vulnerability In Firefox 3.5 (10)
• Mozilla Firefox 3.0.11 Released (5)
• Firefox 3.5.3 (11)

Other notable changes to the new version of the web browser include several bug fixes. A full list of all bugs that have been fixed in Firefox 3.0.7 is accessible here.

The release has not been announced officially yet although it is available directly on several ftp mirrors already. There is a slight chance that changes will be made to this release before it is announced which would mean that early downloaders would have to download the new version as well. It is however unlikely that this is going to happen and you will be informed here if it is.

Users who want to update Firefox to the latest version right away can access the official list of mirror sites. Some are already listing the Firefox 3.0.7 release while others have not been updated yet.

Related posts

• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)
• Web Browser: Firefox 3.0.8 (13)
• Mozilla Firefox 3.0.11 Released (5)
• Firefox 3.5.3 (11)
• Firefox 3.03 released (4)

The following list will contain Firefox add-ons that protect the user from various threats on the Internet. They have been divided into the categories Browsing, Cache, Cookies, Identity & Privacy, Passwords and Misc. Each link will lead to the Mozilla homepage that contains additional information and download possibilities.

All but one add-on should be compatible with the latest version of Firefox 3. Some of them are experimental add-ons that require an account at the Mozilla website before they can be downloaded and installed.

Browsing:

Blocksite – A customizable blacklist that blocks access to specific sites. It will also disable all hyperlinks pointing to those websites.

Bookmark Permissions – Stores five permissions (like enabled Javascript or Plugins) for every bookmark.

Customize Google – Customizes Google by adding and removing information automatically.

FlashBlock – Blocks all Macromedia Flash content from being loaded.

FoxFilter – Filters websites based on keywords. Ideal for parents who want to have more control over what websites are viewed by their children.

Ghostery – Displays information about tracking scripts on websites.

IDND – Informs the user if the domain name is an International domain name.

NoScript – Disables scripts automatically on the Internet with the option to enable them individually.

PhishTank – Adds extra phishing protection to Firefox.

Public Fox – Lock down add-ons, browser settings and downloads.

Redirect Remover – Removes redirects from links and images.

Secure Login – A one click login button that is similar to Opera’s Wand functionality.

Show IP – Displays the IP of the current website in the browser.

Cache:

Cache Status – Cache Management from the Firefox status bar.

Passive Cache – Access the contents of a site without visiting it directly.

Safe Cache (FF2) – Segments the Firefox cache based on the source of the documents which defends against techniques to determine if a user visited another domain.

Cookies:

Add n Edit Cookies – Makes it possible to edit cookies.

Better Privacy – Adds Flash Cookie handling to Firefox.

Cookie Monster – Provides cookie management capabilities to allow and disallow cookies to be set on specific websites.

Cookie Swap – Use multiple cookies on one website.

CS Lite – Manage cookie permissions.

Identity and Privacy:

Adblock Plus – blocks advertisement on the Internet.

FoxyProxy – An advanced proxy management tool for the Firefox browser.

Goolash – The extension makes sure that a user is always logged out of Google accounts during Google search.

History Block – Can block sites from appearing in the browser’s history.

MailCatch – A Firefox add-on to make use of a disposable email service that can be used to create emails to use on the Internet.

No Referer – Can block the referrer when accessing specific sites.

Private Browsing – Hides surfing trails.

Quick Proxy – Switch proxies on and off with one click.

Random User Agent – Replaces the default Firefox user agent with a random one.

RefSpoof – Allows to change the referrer on the fly.

Spam Advert – Another temporary email service that can be used in Firefox.

Stealther – Privacy browsing for Firefox versions that do not provide that feature.

Temporary Inbox – Another temporary email service that can be used to create disposable emails on the fly.

Torbutton – Adds a button to Firefox to enable or disable the anonymity software Tor.

Track me not – Protects the user against search data profiling.

Trashmail – Another one click temporary email creation service.

Passwords:

Last Pass – A secure password manager and form filler.

Mass Password Reset – Makes it easier to reset multiple passwords at once.

Secure Password – Secure password generation with the click of a button.

Show Passwords – Displays the passwords in web forms without asterisks.

Misc Extensions:

Controle de Scripts – Advanced settings for Javascript behavior in Firefox.

Febe – Firefox Environment Backup Extension can backup various Firefox modules such as extensions, options or themes.

Javascript Deobfuscator – Will inform the user about Javascript that gets loaded and executed on a website.

Javascript Options – A lite version of NoScript.

JS View – View the source code of Javascript files.

Long URL Please – Replaces short urls with their real destinations.

Quick Java – Quickly turn on or off Java with the click of a button.

Malware Search – Has been designed for HiJack This users who need to search for entries on the Internet.

Panic Button – Will perform an action like hiding all windows when pressed.

Remember Mismatched Domains – Adds a “Don’t warn me again about this certificate for this domain” checkbox to the Domain Mismatch and Expired Certificate warning windows.

US Homeland Security Level – Displays the current US Homeland Security Threat Level in the web browser.

View Dependencies – Will display a list of all objects that have been loaded on the current website.

Yes Script – Can block specific scripts on a website. Basically the opposite of how NoScript handles it.

Related posts

• The Ultimate Firefox Download Extensions List (16)
• Skip Megaupload Time Limit (15)
• Firefox View Dependencies (3)
• Firefox URLBar Extension (1)
• Firefox Extensions Website Gets Overhaul. Collections Introduced (6)

A total of eight security vulnerabilities are patched in Firefox 3.05 including three critical vulnerabilities. Critical vulnerabilities are described as vulnerabilities that require “no user interaction beyond normal browsing”.

The other security vulnerabilities are rated as high, moderate and low. Most Firefox users should already be able to check for a new update directly in their web browser by clicking on the Help > Check For Updates link in the main Firefox menu.

The alternative is to head straight to the Mozilla website and download the latest version of the Firefox web browser from there.

Five new languages (Bengali, Esperanto, Galicia, Hindi, and Latvian) have been added in this release as well. This is also the first release without an EULA during setup.

Related posts

• Web Browser: Firefox 3.0.8 (13)
• Web Browser: Firefox 3.0.7 (5)
• Prepare For Firefox 3.0.9. (4)
• Mozilla Firefox 3.0.11 Released (5)
• Latest Firefox Web Browser Vulnerable to 0-Day Exploit (4)

Tools have been created that can generate and store unique strong passwords so that the user does not have to remember anything anymore. These tools are unfortunately not used by many Internet users. (Last Pass is one alternative).

The problem with having the same account data for multiple websites is that one breach is enough to put all accounts in jeopardy.

Mass Password Reset is a Firefox add-on that can change the password of multiple accounts in Firefox in one go. This is useful if you decided to change the password for a username that you are using on multiple websites.

The tool can change the password based on a the domain, username or password. You could use the tool to change passwords of all accounts associated with the domain ghacks.net, with the username ghacks or the password ghacks1. (No that is not the admin pass here .P)

The main benefit of using Mass Password Reset is that it can quickly change a lot of passwords in one go. It is however advised to use a password manager or a system of unique username and password combinations for every account instead.

Firefox is preventing access to the add-on if a Master Password has been set in the web browser. The Master Password has to be entered before any passwords can be changed.

Related posts

• Remove Traces Of Active Websites in Firefox (1)
• Youtube Video Download (11)
• Youtube It Firefox Add-on (4)
• Youtube Comment Cloud Firefox Add-On (4)
• Web Development: Widerbug For Firefox (8)