uTalk

Official forum for Utopia Community

You are not logged in.

#1 2023-07-11 23:35:04

thrive
Member
Registered: 2023-01-04
Posts: 2,575

To protect user security, a new Mozilla feature blocks risky add-ons

As part of a brand-new function called Quarantined Domains, Mozilla has disclosed that some add-ons might be prevented from functioning on particular websites.

According to the company's release notes for Firefox 115.0, which was released last week, "We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for a variety of reasons, including security concerns.".

The company warned that malicious actors might take advantage of the add-on ecosystem's openness to their own ends.

Mozilla stated in a separate support document that "this feature allows us to prevent attacks by malicious actors targeting specific domains when we have reason to believe there may be malicious add-ons we have not yet discovered.".

Starting with Firefox version 116, users should have more control over each add-on's settings. However, it can be turned off by entering "about:config" in the address bar and setting "extensions.
quarantinedDomains.
enable" to false.

The innovation broadens Mozilla's ability to remotely disable specific extensions that endanger user security and privacy.

It's important to note that in the current implementation, the alert does not appear if an add-on is pinned to the toolbar because it appears in the Extensions popup rather than on the Extensions icon.

Quarantined Domains in Firefox.
According to security researcher and add-on developer Jeff Johnson, "It turns out that when you pin an extension to the toolbar, it no longer appears in the Extensions popup!".

"As a result, the Extensions popup no longer includes a warning about quarantined domains. In actuality, the Extensions popup is no longer present; instead, selecting the icon in the toolbar simply opens the about addons page, which is devoid of any indications of the quarantined domains warning. ".

The new "security" feature's awful user interface hides the warning from the user while silently disabling extensions, according to Johnson.

Mozilla has stated that it plans to enhance the user experience in upcoming releases, but it has not specified a specific timeframe.

The change also comes as Mozilla condemned a French proposal for browser-based website blocking that would require browser manufacturers to set up systems to forcibly block websites that are listed on a government-provided list in order to combat online fraud.

"Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments that will easily negate the existence of censorship circumvention tools," the company claimed.

Offline

Board footer

Powered by FluxBB