Firefox will soon alert users about recently breached sites

Martin Brinkmann
Nov 15, 2018
Firefox
|
23

Mozilla's Firefox web browser will soon notify users when they visit websites that were breached recently.

The new functionality extends the capabilities of Firefox Monitor, a new service by Mozilla that anyone may use to check whether an email address is found in leaked password databases.

Mozilla integrated Firefox Monitor in Firefox 62 as a system add-on to users who run the EN-US language version of the browser after a successful test of the feature.

Since the launch of Firefox Monitor, a free service that notifies you when your email has been part of a breach, hundreds of thousands of people have signed up.

The organization announced the new functionality of Firefox Monitor and an extension to other locales today.

Firefox Monitor becomes available in 26 different languages in the near future including German, French, Spanish, Turkish, Chinese, Canadian English, Russian, Japanese and Portuguese.

firefox breach notification

Firefox Monitor Notifications is a built-in Firefox desktop feature that notifies Firefox users when they visit breached websites. Mozilla revealed in 2017 that it had plans to integrate breach notification functionality in the browser.

Firefox does not check whether users have an account on the site. The notification informs the user about the breach and displays options to dismiss the notification or check Firefox Monitor.

The "check" option links to the Firefox Monitor site; users may enter an email address on the site to check it against the leak database.

Firefox users who don't want to receive these notifications in the future can disable them by selecting "never show Firefox Monitor alerts" with a click on the dropdown icon.

The methodology that is used to check and notify users is straightforward:

  • Firefox checks the visited site against a database and notifies the user of the breach if it happened in the last 12 months.
  • For consecutive breaches, Firefox notifies users only if the breach happened within the last 2 months.

Firefox won't overburden users with notifications if you take these parameters into account.

Mozilla has not revealed when these changes will become available and how it is rolled out to users. The most likely option is the rollout as a system add-on to supported versions of the web browser.

One option that Firefox users have to check whether Firefox Monitor is installed or not is to check whether the preference extensions.fxmonitor.enabled exists on about:config; a check of about:support may work as well as Firefox Monitor should be listed under Firefox Features on the page if it is distributed as a system add-on.

Now You: What is your take on Firefox Monitor?

Summary
Firefox will soon alert users about recently breached sites
Article Name
Firefox will soon alert users about recently breached sites
Description
Mozilla's Firefox web browser will soon notify users when they visit websites that were breached or hacked in recent time.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. ULBoom said on November 16, 2018 at 12:03 am
    Reply

    Can’t find Monitor anywhere in 63.0.3.

    What value does this provide? How about flagging “real time” scrolling notifications of what someone nearby purchased? Those things are inherently privacy breaches.

    Monitor collects email addresses and account data. There are other ways to get the same info without communicating with your browser company, e.g.,
    https://haveibeenpwned.com/
    Presently has over 5 billion accounts in their databases; Mozilla has their own special value providing list? Not! Skip the middleman.

  2. John said on November 15, 2018 at 10:59 pm
    Reply

    Seems like Firefox is becoming the net nanny of browsers. I personally want just a browser, nothing more, nothing less. Mozilla must think Firefox can be the Swiss Army knife of web browsers. Trying to make it relevant against the Chrome browser which is still gaining market share all the while Firefox is losing. People at Mozilla need to wake up before its too late.

  3. P said on November 15, 2018 at 6:38 pm
    Reply

    I wonder what the ‘table flipping’ moment will be for the majority of firefox users.

    1. Kwasiarz said on November 15, 2018 at 10:53 pm
      Reply

      Majority of firefox users already switched to other browsers.

    2. John said on November 15, 2018 at 8:02 pm
      Reply

      The time when something gets too much for someone and he or she switches from one browser to another depends on the person. What is considered a good feature and what is considered a bad feature also depends on the person.

      There isn’t an absence of alternatives to Firefox out there. Waterfox is sort of Firefox on a slight delay update wise with all the telemetry turned-off and some (temporary?) backwards compatibility with old add-ons. Basilik is a bit like Firefox before Proton moving forward from version 52 or so along it’s own path instead of the one Mozilla chose. Pale Moon is an even older Firefox-like interface (way before the curved tabs, though they have themes that’ll give you those if you want them) with the same “backend” as Basilik these days that still gets updates. Tor is a thing if privacy is your #1 concern. I think IceWeasel has even been revived as a non-Debian project.

      Plus, obviously, there’s the other major browsers Chrome, there’s Edge, there’s Safari, there’s Opera- and many of them have forks and spin-offs like Vivaldi and whatnot.

      Of course, with any given browser you switch to, even the close forks, you’re likely to lose some of the things you like as well as some of the things you don’t.

      Some of the browsers are only available on certain operating systems, but, for the most part, the majority of users have lots of choices. Use whatever you like best. If you can code, I know some of these smaller browser forks have been virtually begging for people with skills to donate their time and formally work on the project, or simply to commit the occasional patch on an ad hoc basis.

      I have to be honest, though, I’ve back with Firefox since version 57 on PC. I decided to try it after some years in the wilderness and, to my surprise, I found that the square tabs were back and everything could be customized to the interface I wanted, without having to worry about the web rendering and compatibility issues smaller browsers sometimes present.

      I remember, ditching Firefox before it was popular to ditch Firefox, deriding it as trying to become a Chrome clone, and figuring I as might as well just use the up to date Chrome from Google. As soon as I learned that Pale Moon was basically the old Firefox I liked, except modern and updated on a regular basis, I switched to that for a couple years. Later, I jumped to Vivaldi. I meant to just try Firefox Photon when it came out and was surprised to learn that I really like it. It’s good to be back. But my oddessy made me realize there are lots of choices out there, and all of them have a certain appeal, though none are perfect.

      My advise would be if you aren’t happy with your browser (Whatever it is), switch for a month. You can probably export your bookmarks from the old browser and import them into the new browser. After a month, you can try a third browser, or switch back to the first one. There are a lot of good choices out there, Firefox included.

      Nothing is ever going to be *perfect* for most people, because almost everyone has their own vision of what perfect is for them, and most of us aren’t coders who can create our own browsers. There’s enough choice out there that I think most people would be happy enough if they gave stuff a try until they found a browser they could live with.

      There is less choice on Android and no real choice on iOS (iOS presents the illusion of choice, but all their alternate browsers have to use Safari’s backend, where’s Android lets browsers use their own rendering engines, etc.), but you’ve still got Chrome, Firefox (with add-ons and ad-blockers available), Waterfox (beta, I think), Tor (coming soon, I think), and Edge (Which bizarrely uses Blink instead of it’s own rendering engine, I guess it was easier to engineer and maintain that way) on Android, as well as some browsers I’ve never heard of outside of when I’ve occasionally searched for “Android browsers” on the web or in Google Play. So, event here, you’ve got a choice. I switched to Firefox on mobile long before I came back on desktop, just so I could put an ad and malware blocker add-on in place (Chrome for Android doesn’t offer add-ons, only their PC and Mac versions do).

      I’m not worried. We’ve got choices. No need to turn tables over. Just install some other things and give them a try if you’re unhappy and then you’ll either find a better browser, or come back to the browser you are using now, realizing it isn’t so bad once you’ve seen what else is out there to compare it with.

  4. Anonymous said on November 15, 2018 at 6:35 pm
    Reply

    “Firefox checks the visited site against a database”

    Is this check done only locally or not ?
    Couldn’t find this important information in the article or in any of the links.
    Safebrowsing sites and downloads checks are not 100% local so I’m curious if they are here.

    1. Anonymous said on November 15, 2018 at 7:04 pm
      Reply

      Logically of course not. It’s the same system when Firefox detect harmful sites, they send the data to Google

  5. Bobby Phoenix said on November 15, 2018 at 6:24 pm
    Reply

    Security over privacy any day of the week.

    1. rickmv said on November 15, 2018 at 10:37 pm
      Reply

      How secure are you in your bedroom…°o°

    2. John Fenderson said on November 15, 2018 at 6:57 pm
      Reply

      @Bobby Phoenix

      Privacy is an essential component of security.

  6. trends said on November 15, 2018 at 5:50 pm
    Reply

    FxMonitor is not installed
    in my FF63 (Ubuntu Linux 14.04 32-bits, US-EN).

    I did check the preference:
    “extensions.fxmonitor.enabled” in about:config;
    It does not exist.

    I also checked
    about:support
    Firefox Monitor is not listed under Firefox Features on that page.

    Q:
    How do I install/activate FxMonitor?

    1. Dave said on November 16, 2018 at 3:26 pm
      Reply

      I believe..

      Open about:config
      R-Click and create a new boolean
      Name it “extensions.fxmonitor.enabled”
      Set it to “false”

  7. Tom Hawack said on November 15, 2018 at 3:53 pm
    Reply

    I don’t uses system add-ons myself (all removed from Firefox’s install folder / browser / features), and I wouldn’t use any feature (built-in, system add-on, extension, plugin) that follows me to better serve me (at the best), which is what this ‘recently breached sites’ notification intends to do.

    It’s always easy to speak for ourselves, tougher to give an opinion in the scope of all users. Once again : as long as there is an on/off switch and that users may find it helpful, then I’m not against. Moreover innovations and maybe even more on the Web than elsewhere oppose quite often privacy to security, sometimes willingly sometimes not. If I have an escape for security issues when letting privacy prevail then I choose privacy, otherwise it’ll be security.

    1. John Fenderson said on November 15, 2018 at 6:45 pm
      Reply

      @Tom Hawack: “as long as there is an on/off switch”

      I agree with you in principle, but Mozilla has taken to putting these sorts of things in about:config and/or other technical files such as the .css.

      This has made actually configuring Firefox properly to be such a serious and error-prone pain in the butt that it is a major (but not the biggest) factor that pushed me away from the new Firefox.

      1. Tom Hawack said on November 15, 2018 at 10:26 pm
        Reply

        Speaking of Mozilla, and even if I do have Firefox as my default browser, I do wonder sometimes if their developers don’t need a good rest, some vitamins, as when I notice their latest extravagance which is to require cookie permission for addons.mozilla.org to handle what?

        A cookie for this : installButtonColorExperiment

        addons.mozilla.org will no longer display an extension’s page if it is not authorized to set a cookie regarding … installButtonColorExperiment

        I like Firefox but no doubt : Mozilla has a big problem.
        Dozens of things need to be fixed in Firefox Quantum, when a pertinent requirement is exposed on Bugzilla they often answer : no time come back later… but they do have the time to require a cookie for the insanity of ‘installButtonColorExperiment’

        Mozilla needs a good doctor.

      2. user17843 said on November 16, 2018 at 12:29 pm
        Reply

        What skilled developer wants to work for a company that makes it mandatory to listen to talks about “microaggressions” and “feminism” while at work?

        https://news.slashdot.org/comments.pl?sid=8836539&cid=51642315
        https://news.ycombinator.com/item?id=11230084
        https://news.ycombinator.com/item?id=10101637
        https://blog.mozilla.org/inclusion/2018/04/19/diversity-and-inclusion-at-mozilla/

      3. John Fenderson said on November 16, 2018 at 5:18 pm
        Reply

        @user17843

        Plenty do. However (assuming that this issue isn’t being exaggerated by Mozilla opponents for political purposes, which I believe it is), I figure that’s really between Mozilla and its employees, and has nothing to do with my opinion of Firefox.

      4. Tom Hawack said on November 15, 2018 at 7:48 pm
        Reply

        @John Fenderson, I have to agree with you about these on/off switches I mentioned trivially as sufficient by themselves to accept new features on that basis when in fact some important of these switches require at least digging into the browser’s about:config settings : this indeed should moderate my approach and I’d reword consequently : on/off switches accessible within the browser’s options.

        Generally speaking browsers are becoming more and more complex hence increasing number of settings, but better to have the settings available than not. I believe there may be many users who just want install-and-forget-it applications, browsers included, and therefor consider navigators with less settings as a relief. These users prefer ease of use to liberty’s requirements.

        Out of the box Firefox is as ready, operational as any other browser, based upon the fact many default settings which will bother more experienced users are legitimate on the ground of “optimal average” for a majority of users.

        But again, indeed, I do agree and believe that Firefox’s Options should include more settings, perhaps in a sort of “Pro settings for advanced users”.

      5. John Fenderson said on November 16, 2018 at 5:15 pm
        Reply

        @Tom Hawack

        “better to have the settings available than not.”

        I agree entirely.

        “I believe there may be many users who just want install-and-forget-it applications, browsers included, and therefor consider navigators with less settings as a relief.”

        I agree with this also, however that doesn’t mean that the about:config method is the solution. It’s entirely possible (and used to be common) to have a simplified set of options with reasonable default for those who are fine with how things work out of the box, but provide an “advanced settings” option for those who want to micromanage.

        The primary problem with about:config is that there’s no guide as to what settings are available or what they do. If you haven’t heard of the setting through the grapevine, then you’re unlikely to be able to discover it in about:config (particularly given the number of settings that simply don’t exist until you manually create them).

        Even if Mozilla just created a web page that listed all the settings and what they do, that would go a very long way to resolving this issue.

  8. Stan said on November 15, 2018 at 3:49 pm
    Reply

    Yeah. leaving because of NorCall lunacy like this?
    As long as the Red Queen’s the face of Mozilla they’re doomed.

    https://twitter.com/newstephen/status/1060489291376275457

    ‘mozilla stopped using the word ‘meritocracy’

    @Lets get DMV workers flying airliners.

    1. user17843 said on November 16, 2018 at 12:13 pm
      Reply

      Of course Mozilla doesn’t need to be a meritocracy when money is coming in regardless of performance.

      In my eyes the two women involved betrayed both Yahoo and Firefox users with this contract, essentially parving the way for Firefox to get harmed by a lack of innovation.

      When you get $1 billion for free, you can redesign a company based on political fanatism, since nothing what you do has any direct repercussions.

      It’s nice to live in a detached bubble. But reality will hit them at one point.

      https://www.recode.net/2016/7/7/12116296/marissa-mayer-deal-mozilla-yahoo-payment
      https://gizmodo.com/yahoo-s-insanely-bad-deal-to-pay-mozilla-375-million-a-1821043679
      https://techcrunch.com/2017/12/06/oath-and-mozilla-are-suing-each-other-after-firefox-switches-back-to-google-search/

  9. Yuliya said on November 15, 2018 at 2:26 pm
    Reply

    Someone should create an addon to alert Mozilla that their users are leaving: imgur.com/ulSKhmv

    Include these two articles under the “Reasons” section:
    “https://www.ghacks.net/2018/09/21/mozilla-wants-to-estimate-firefoxs-telemetry-off-population/”
    “https://www.ghacks.net/2018/08/25/firefox-62-firefox-monitor-system-add-on-integration/”

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.