Security News

If you make use of the Firefox Multi-Container Account add-on, it now includes the ability to sync your customizations across your Firefox account. I've covered the installation and setup of this app in my post, How to use the Firefox Multi-Account Containers extension.

Converting websites from HTTP to HTTPS over the last decade must count as one of the most successful quiet security upgrades ever to affect web browsing. There are some HTTPS security caveats worth mentioning, but before getting to them we'll start with the news that that Mozilla's Firefox will, from May's version 76, offer the option to browse in an HTTPS-only mode.

Firefox Extended Support Release will continue to have FTP turned on by default in ESR version 78. A part of the FTP code is very old, unsafe and hard to maintain and we found a lot of security bugs in it in the past.

Mozilla is getting ready to remove support for the File Transfer Protocol from the Firefox web browser due to security concerns. The Internet giant aims to completely remove support for FTP in Chrome 82.

Firefox has decided it's time to burn the browser's FTP connections. Platform list, developer Michal Novotny announced "We plan to remove FTP protocol implementation from our code."

Just a month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements. Firefox 74 fixes the problem by using multicast DNS with ICE to create a random ID that cloaks a computer's IP address.

With TLS 1.0 and TLS 1.1 considered vulnerable to various types of attacks, including BEAST, CRIME and POODLE, the Internet organization last month announced plans to disable them in its popular browser and allow only connections made using TLS 1.2 and TLS 1.3. An override button on the error page will provide users with the option to fallback to TLS 1.0 or TLS 1.1.

Five high-severity bugs were fixed in the Firefox web browser with the release of version 74 by the Mozilla Foundation on Tuesday. In total, 12 bugs were patched with six rated as moderate severity and one low-severity bug.

Mozilla has said it plans to make a privacy technology called DNS-over-HTTPS the default setting for US users of Firefox within weeks. Although not a perfect shield against DNS snooping, DoH makes that a lot harder.

A group of researchers has built a sandbox framework that can improve the security of Firefox by isolating third-party libraries used by the browser. Similar to other major browsers, Firefox relies on third-party libraries to render content - such as audio, video, and images - and these libraries often introduce additional vulnerabilities, researchers from the University of California San Diego, University of Texas at Austin, Stanford University and Mozilla say.