Firefox Hacks

posted by abennett
Be the first to comment | I like it!
More »
on this topic
April 25, 2005, 02:25 PM —  O'Reilly — 


This book provides tips and tools for customizing

Firefox's deployment, appearance, features, and

functionality. The chapter excerpted here describes

how to change the security defaults in Firefox.

Author: Nigel McFarlane

ISBN: 0-596-00928-3

Posted with permission of O'Reilly. Click here

for a detailed description and to learn how

to purchase this title.



Chapter 2: Security

Hacks 11-21


This chapter describes how to change the default security
arrangements in Firefox. Security is a big subject, and it has plenty
of baggage all of its own. One person's safety is
another's prison. One person's
privacy is another person's isolation. Changing
security options amounts to changing who you are or
aren't willing to deal with. It also amounts to
deciding how much you're willing to let third
parties know when you're browsing the Web.

When you install Firefox, the default
security settings give you a safe web
browser. It is quite hard to create large holes by accidentally
changing options. Firefox has also been closely inspected for
internal problems. As a result, the browser and its underlying
Mozilla technology have an excellent security track record. Rarely is
a new security problem uncovered. When that happens, it is usually
fixed within a day. The Firefox Update Manager informs you of new
security patches, if any are made available.

If you don't care about security at all, you can
simply remove many of the hurdles that Firefox puts in your way.
Security is a complex matter, though. Sometimes, doing away with
security means just that: leaving the browser's
resources open to any exploitation. Some security regimes, however,
don't give you that option. In such cases, the best
you can do is reply "I don't
care" every time you're engaged
over security. There are even rare cases in which
there's nothing at all that you can do to escape
security limitations. It's a case-by-case
environment.

Security concerns and installation processes are two related but
different things. This chapter discusses security only. Chapter 3 describes gritty modifications to the
Firefox install process. Chapter 7 and
Chapter 8 describe a form of programming
that's also a blend of installation and security.
See those chapters to go further with the chrome.

Drop Miscellaneous Security Blocks

If your computing environment is secure, then
Firefox's own security is of limited use.

To systematically address every single security restriction,
you'll have to read all the hacks in this chapter;
it's just too complex for one hack. This hack
describes many common quick fixes. You might also want to read [Hack #7].

Supply Passwords Automatically

You don't need to constantly reassert your login
credentials; you can get Firefox to do it for you. NTLM and dial-up
passwords are described in [Hack #14] and [Hack #26] respectively; here, we cover
web form passwords and cookies.

The Password Manager is turned on
automatically when Firefox starts; all you get is a first-time
warning when you use it. Setting a master password serves no purpose
if you're trying to defeat security, so the Password
Manager saves you that hassle by default. You can stop the remembered
passwords from ever expiring by setting this
preference:

security.password_lifetime /* set to 0 (days), default is 30 (days) */

Session IDs are like passwords: they're sent by web
sites that want to keep track of you as you move between web pages.
Usually they're stored

I like it!
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
Free books

Essential JavaFX
Get started building rich Web apps quickly with an introduction to the power of JavaFX key features -- scene node graphs, nodes as components, the coordinate system, layout options, colors and gradients, custom classes with inheritance, animation, binding, and event handlers.Enter now!

The Nomadic Developer
Consulting can be hugely rewarding, but it's easy to fail if you are unprepared. To succeed, you need a mentor who knows the lay of the land. Aaron Erickson is your mentor, and this is your guidebook. Enter now!

Featured Sponsor
Case Study: AISO grows its "green" business

AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.

Download this white paper »
Myth of the Million Dollar Database

In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.

Download this white paper »
Success Story: Weather.com handles whatever nature serves up

On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now.

Download this white paper »
Marketplace