The Mozilla Foundation announced yesterday that it is in the process making HTTP connections incompatible with its popular Firefox Web browser.
Tag Archives: browser security
Mozilla to Remove Turkish CA From Firefox Trust Store
Mozilla is removing a Turkish root CA from the Firefox trust store, not because of a compromise or a mistakenly issued certificate, but because the certificate authority hasn’t lived up to the audit requirements Mozilla has for trusted CAs. Like other browser vendors, Mozilla has a lengthy policy that sets out the requirements for CAs to […]
Will people always ignore security warnings?
How much of people’s willingness to ignore security warnings is down to their brains?
The post Will people always ignore security warnings? appeared first on We Live Security.
Mozilla Adds Opportunistic Encryption for HTTP in Firefox 37
Mozilla has released Firefox 37, and along with the promised addition of the OneCRL certificate revocation list, the company has included a feature that enables opportunistic encryption on connections for servers that don’t support HTTPS. The new feature gives users a new defense against some forms of monitoring and doesn’t require any setup from users. When […]
Google Adds Deceptive Software to Safe Browsing API
Google is continuing to refine its Safe Browsing API and now is giving users warnings about not just malicious software on sites they’re attempting to visit, but also about unwanted software. Google’s Safe Browsing API is designed to help protect users from a variety of threats on pages across the Internet. The functionality is built into […]
Firefox 36 Arrives With Patches For Three Critical Flaws
Mozilla has patched 16 security vulnerabilities in Firefox, including three critical flaws in the browser. One of the critical vulnerabilities patched with the release of Firefox 36 is a buffer overflow in the libstagefright library that can be exploitable under some circumstances. “Security researcher Pantrombka reported a buffer overflow in the libstagefright library during video […]
Chrome 40 Patches 62 Security Vulnerabilities, Pays Bounties Aplenty
Google released version 40 of the Chrome browser, patching 62 vulnerabilities, including close to two-dozen critical memory corruption flaws.
Mozilla 1024-Bit Cert Deprecation Leaves 107,000 Sites Untrusted
Data compiled from Rapid7’s Project Sonar scan found 107,000 websites running 1024-bit CA certificates that will soon be untrusted as Mozilla announces it will no longer support the shorter, weaker keys.