More must have Firefox add-ons

Add-on recommendation #1: Conspiracy

There’s been a lot of discussion recently about the Certificate Authority (CA) paper, “Detecting and Defeating Government
Interception Attacks Against SSL”
that was published.  It turns out governments could compel CA’s to issue the them(or any law enforcement body) an intermediate CA certificate.  This then allows that body to trivially perform a man in the middle attack (MitM) against any client with any server (Google, Microsoft, insert your bank here).

In case you don’t enjoy reading 20 page white papers, besides the brief summary above, you want to check out the experimental Firefox add-on ‘Conspiracy‘.  It was written by the authors of the paper and it displays the country name/flag of the CA for the current page you’re on.  If you’re visiting your bank or web-mail client and notice you’re trusting a Chinese or Russian CA you might want to think twice before entering your credentials.  You can get the add-on here: https://addons.mozilla.org/en-US/firefox/addon/107867

Add-on recommendation #2: Request Policy

This morning I was listening to the most recent Pauldotcom security podcast.  They interviewed RSnake who is an expert regarding web security.  He mentioned a great Firefox addon which helps create rules to block cross site requests.  This is more fine grained control than running NoScript.  You can grab the add-on here: https://addons.mozilla.org/en-US/firefox/addon/9727

2 thoughts on “More must have Firefox add-ons”

  1. Hi, I’m very interested in Linux but Im a Super Newbie and I’m having trouble deciding on the right distribution for me (Havent you heard this a million times?) anyway here is my problem, I need a distribution that can switch between reading and writing in English and Japanese (Japanese Language Support) with out restarting the operating system.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s