tag:blogger.com,1999:blog-13777170.post8434834214324453854..comments2024-03-11T02:35:50.848-05:00Comments on grand stream dreams: Firefox Malware Detection Download Monitoring: ThoughtsUnknownnoreply@blogger.comBlogger3125tag:blogger.com,1999:blog-13777170.post-34282879246957921162014-09-13T22:12:41.631-05:002014-09-13T22:12:41.631-05:00Yep, we should have the ability to "white lis...Yep, we should have the ability to "white list" a particular site, but that could lead to false sense of security if hacker manage to compromise the site and put up malicious versions of said applications. Of course in a situation like that you would your AV/Anti-Malware app would catch that...however as we have seen with these malware based data breaches with Target, Sally's, Home Depot, PeiWei/PF Changs, Goodwill Industries, etc. that hackers are a couple steps ahead of the AV/Anti-Malware apps. FF Extension Guruhttps://www.blogger.com/profile/13582647004716743827noreply@blogger.comtag:blogger.com,1999:blog-13777170.post-5956857909144540552014-09-13T18:21:32.564-05:002014-09-13T18:21:32.564-05:00@ FFGuru - Yes. This feature snuck up on me too.
...@ FFGuru - Yes. This feature snuck up on me too.<br /><br />See my post updates at the bottom (if you haven't already).<br /><br />It was in FF 31 for sure based on my test of the ESR version but I'm now really leaning to something being broken in the v 32 release build since the focused key isn't found in the v 32 about:config.<br /><br />I'm fine with the default blocking behavior (lots of chatter in forums about those Google calls and info/meta-data leakage to them) in the name of general/user security but that baby comes with the bathwater.<br /><br />I feel like you there should be some clear (or hidden but able to be changed) option to allow a per-case "passthrough" to the site/file-download without having to add a bunch of custom security rule-sets to the mix.<br /><br />We will see what comes out in v 33 and I will be watching things more closely now!<br /><br />It's good to hear from you!<br /><br />Cheers!<br /><br />--Claus V.Claushttps://www.blogger.com/profile/11692921474310162470noreply@blogger.comtag:blogger.com,1999:blog-13777170.post-54740637111471087162014-09-13T18:00:56.575-05:002014-09-13T18:00:56.575-05:00Hmm...well I sure don't recall seeing anything...Hmm...well I sure don't recall seeing anything about this "feature" anywhere (including in the Firefox 32 release notes). Yet, another Firefox/Mozilla blog I should be following. I use Download Status Bar as well.<br /><br />Like you I am mixed on this. I am careful as to what I download (unintended downloads via software installer I still have to deal with), but I know from experience there are many, many, many people who are not (mainly the people who think running an out-dated version of Firefox is fine). I know Google/Chrome in regards to safe browsing have always allowed you to view a blocked site after you promise not to hold Google responsible if something evil happens to your machine. <br /><br />Downloads on the other hand can be dangerous, especially for people who have Firefox automagically open them upon completion. I could see issues with a hidden malicious download...but in the case of a false positive it would be useful to have an option to easily 'accept the risks'. Perhaps Mozilla feels people are too likely not to understand what they are doing and would blindly proceed. Hopefully their AV/AntiMalware program would catch it (provided they have said programs installed...yes I've seen people who don't). Hopefully Mozilla will work out the kinks with Firefox 33 next month...<br />FF Extension Guruhttps://www.blogger.com/profile/13582647004716743827noreply@blogger.com