For those that use Firekeeper, ABP and NoScript add-ons in Fx or Flock!

Hello users of in-browser security and privacy add-ons,

As I am a fervent user of Firekeeper IDS, and of both ABP and NoScript, I have followed the following thread with utmost interest, and I post it again here, so that others here on our forums can also learn about it.
Wladimir Palant and Giorgio Maone are in a constructive discussion in the forum thread I will give the link for.
As TedNelly here would say “dook it out folks”, again polonus learned a lot.
These discussions enhance your security and privacy sensibility. Chapeau to the makers of the thread, they make for high quality reading…
Well then here is that link: http://www.wilderssecurity.com/showthread.php?t=168176
Enjoy!

polonus

I’m a Firekeeper + ABP + NoScript user :wink:

Hi Tech,

One thing I know, Tech, you definitely are a security-aware person, good for you, and now you know why you use these extensions.

polonus

This, although an interesting read, is a dead topic with the last entry in May 2007.

So Firekeeper, NoScript and Adblock Plus have advanced somewhat from what was being discussed, the “dook it out” (as you say) has ended quietly.

I have NoScript and Adblock Plus, but what’s a Firekeeper?

Hello Husk,

Install it and you will know. It is a sort of Snort-ruled IDS extension to be used inside the Firefox or Flock browser.
Whenever one of the rules is violated a pop-up appears and you can decide to blacklist, whitelist, ignore it once, for good etc. etc. In the report you see the rule and what violation has been made. It is an alpha release, but it works fine. I like to have it inside the browser; as long as things are OK it sits there silently. There is also a test page to test the right workings of the extension,

polonus

I’ll get it, but to be honest I hate NoScript. It’s good, but that yellow bar that appears is extremely annoying…

You can configure it to not show the bar… just the icon will show that some scripts were blocked.

What yellow bar? I don’t see one.

David, just go to a site that you have not allowed into NoScript…

I don’t see that either; only the NoScript icon changes, showing a red circle with bar. This is no doubt because I have the Status Bar Label unchecked.

Obviously :wink:

Hi DavidR and Tech,

Well, the link I gave is a historical one, because it was in the time that NoScript was an alpha thing, much simpler than it is now, and now it has grown into one of the main security extensions and is considered so valuable that there are serious considerations to bring it into the Firefox kernel by default. But as you have read it you can better understand how these extensions were originally positioned.

If you take the NoScript changelog: http://noscript.net/changelog and compare it with the Firefox release notes you will know why this is: http://www.mozilla.com/en-US/firefox/releases/
Now NoScript became the first and only effective protection ( http://noscript.net/features#xss ) against reflective XSS available to users, now copied by Microsoft for IE8 in a mediocre albeit flattering imitation: http://blogs.zdnet.com/security/?p=1421 (words of Mr. Maone on MozillaZine forum).
Mr. Maone became a member of the Firefox Security Group: http://www.mozilla.org/projects/security/secgrouplist.html

Wladimir Palant’s add-on also went through a development, and can be used for additional security blocking as well; there are many lists to subscribe to.
But I think that ABP can be a nuisance for some users, because it can block things that you need, for instance the forms to delete mails on your webmail page, so check the blockable page items once in a while to see that it does not block things it should not. Example of a malicious sites blocking list:
http://adblockplus.org/blog/blocking-malicious-sites-with-adblock-plus

Jan Wróbel’s Firekeeper is still in alpha, has a long development ahead of it, and it is not clear yet if it can incorporate more Snort-like rules specifically written for Firefox in-browser protection, and to what extent it can be circumvented because it is an in-browser IDS and not a firewall-based IDS.

Together with in-browser link checking and scanning, these three extensions make the browser much more secure than the default browser could ever be,

polonus

My only concern about the link to the ‘dook it out’ topic is that far from promoting the three add-ons, because they were so early in their development, there was nothing concrete to say these are must-have add-ons.

Now if this topic were to be started today it would be slightly different as there would be more concrete reasons/evidence of their worth.

Hi DavidR,

But it is to understand the standpoints of Palant versus Maone better, and they still differ until now where their general point of view is concerned, and yes this old link (the “dook it out” is a give-away that I got it from TedNelly’s) is still being used by people against NoScript and to criticize it today, while it developed into quite a different in-browser security extension.

Mind you, not a lot of people know that NoScript has an Achilles heel, and that is the whitelist (every miscreant that knows what is in the whitelist or what sites are allowed, can circumvent the NoScript protection). That is why it is best to keep the whitelist as minimal as can be. And there are other ways to circumvent NoScript’s protection, as Palant gives some examples in his exposé.

And some of the initial critique for Firekeeper in the given thread also still stands.
So I wonder, did you read the original “now somewhat dated” thread?

polonus

I think anyone that used data that is over a year old in regards to security to criticise a product, is only showing their total lack of understanding/knowledge (a year is a very long time in security applications or more importantly malware) and their argument is lost.

Yes there are no doubt ways to avoid NoScript but not having it at all means they don’t even have to avoid it, there are many pieces of malware that can avoid your anti-virus application, but I don’t see anyone saying you might as well not have one. Whilst this isn’t really a fair comparison, it is an extreme extension of the same logic.

I most certainly did read it, but it did lapse into a ‘NoScript really isn’t needed’ rather than Firekeeper’s usefulness, but still it is a year old in that regard and there is little detailed information that fully explains what Firekeeper does ‘today.’ As you will remember my previous posts relating to Firekeeper where I wasn’t totally convinced about its worth, given my other add-ons and pro-active precautions.