Firefox

(get it in RSS or Atom)

Mozilla wants you to beta test this Firefox privacy enhancement

private-browsing-1200

Mozilla announced on Friday that it's released new privacy enhancements in its popular Firefox browser for pre-beta testing.

Firefox zero-day hole used against Windows and Linux to steal passwords

Poisoned ads have been helping to siphon off passwords from Windows and Linux computers in an attack apparently aimed at developers.

How your battery life could be used as an undeletable cookie

shutterstock_214328533

Researchers have discovered that unscrupulous websites could use your laptop's battery as a short-lived super cookie.

Websites can track us by the way we type - here's how to stop it

Keyboard. Image courtesy of Shutterstock.

Researchers have come up with a new Chrome extension that muffles our key-press duration and typing lags.

TLS certificate blunder revisited - whither China Internet Network Information Center?

cnnic-250

Just under three weeks ago, we wrote about a TLS certificate blunder by a Root Certificate Authority called CNNIC.

We thought we'd revisit that story today to see how the Big Four browser makers responded to the lapse...

SSCC 193 - Pick a YouTube security token, any token! [PODCAST]

Join Sophos experts Chester Wisniewski and Paul Ducklin as they dissect the latest computer security stories in their inimitable style.

Turn news into advice with the Sophos Security Chet Chat!

Firefox issues brand new update to fix HTTPS security hole in new update

ff-hhtp2-500

Firefox 37.0 added support for a security-enhancing feature in HTTP/2 known as Alternative Services.

Unfortunately, the new feature had a rather bad HTTPS security hole all of its own...

"Probably tired and shagged out after a long squawk" - 60 Sec Security [VIDEO]

Our weekly witty-but-serious video - news you can use, and it only takes a minute.

Enjoy...

SSCC 191 - Live in Ljubljana [PODCAST]

Chester is on the road again, this time to present at a conference in Slovenia.

So this episode of the Chet Chat comes to you from an al fresco café in downtown Ljubljana...

"Pwn2Own" competition pops Flash, Reader and four browsers, pays out over $550K [POLL]

Pwn2Own has become something of an institution on the North American computer security conference circuit.

Come and vote in our poll to tell us what you think of security contests like this...

SSCC 186 - Just how firm is your firmware? [PODCAST]

Here's the latest episode of our weekly security podcast - from firmware and Firefox to Project Zero and Lightning conductors.

Chet and Duck are in fine fettle as usual...enjoy!

Firefox to get a "walled garden" for browser extensions, Mozilla to be sole arbiter

Mozilla has announced that its Firefox browser is heading towards signed browser extensions only.

Even if you publish your extensions "off market," you'll have to get Mozilla to sign them first.

Anatomy of a browser dilemma - how HSTS 'supercookies' make you choose between privacy or security

biscuit-250

HTTP Strict Transport Security (HSTS) is supposed to keep you more secure online, but it could be used to track you against your will.

Mark Stockley explains...

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

GCHQ and police team up to hunt down child abusers on the darknet

GCHQ and police teaming up to hunt down child abusers on the darknet

A major crackdown on child-abuse imagery includes a new law making it illegal for an adult to send a sexual communication to a child.

Firefox turns 10 - celebrates by helping you to forget

The Firefox browser just turned 10.

Paul Ducklin takes a trip down memory lane...

How to clear out cookies, Flash cookies and local storage

5 minute fix: how to clear out cookies, Flash cookies and local storage

This quick fix will show you how to clear out cookies and the cookie-like things that can be used to track you online.

Mozilla fixes "phishing friendly" cryptographic bug in Firefox and Thunderbird

moz-250

Mozilla just patched a bug in its cryptographic library, NSS.

The bug is rated "critical" because it could permit skullduggery in apparently secure connections.

SSCC 165 - "U2 or not U2," that is the question [PODCAST]

It's Chet Chat time!

Here's this week's episode of our news-you-can-use security podcast...

Firefox sneaks out an "inbetweener" update, with security improvements rather than fixes

Usually, if everything goes according to plan, Firefox updates appear every six weeks.

But if needs must, Mozilla delivers in-between updates, too, and that's what has happened here, bumping Firefox from version 32.0 to 32.0.1.