Hello users of in-browser security and privacy add-ons,
As I am a fervent user of Firekeeper IDS, and both ABP and NoScript I have followed the following thread with utmost interest, and I post it again here, so that others here on our forums can also learn about it.
Wladimir Palant and Giorgio Maone in a constructive discussion in the forum thread I will give the link for.
As TedNelly here would say “dook it out folks”, again polonus learned a lot.
These discussions enhance your security and privacy sensibility. Chapeau to the makers of the thread, they make out for high quality reading…
Well then here is that link: http://www.wilderssecurity.com/showthread.php?t=168176
Enjoy!
Install it and you know. It is a sort of snort-ruled IDS extension to be used inside the Firefox or Flock browser.
Whenever one of the rules is violated a pop up appears and you can decide to blacklist, whitelist, ignore it once, for good etc. etc. In the report you see the rule and what violation has been made. It is an alpha-release, but it works fine, I like to have it inside the browser, as long as things are OK it sits there silently there is also a test page to test the right workings of the extension,
Well the link I gave is a historical one, because it was in the time that NoScript was an alpha thing, much simpler as it is now, and now it has grown into one of the main security extensions and is considered that valuable that there are serious considerations to bring it into the Firefox kernel as by default. But as you have read it you can better understand how these extensions were originally positioned.
Wladimir Palant’s add-on also went through a development, and can be used for additional security blocking as well, there are many lists to subscribe to.
But I think that ABP can be a nuisance for some users, because it can block things that you need for instance the forms to delete mails on your webmail page, so check the blockable page items once in a while to see that it does not block things it should not. Example of an malicious sites blocking list: http://adblockplus.org/blog/blocking-malicious-sites-with-adblock-plus
Jan Wróbel’s Firekeeper is still in alpha, has a long development ahead of it, and it is not clear yet if it can incorporate more Snort-like rules specifically written for Firefox in-browser protection, and to what extent it can be circumvented because it is an in-browser IDs and not a firewall based IDS.
Together with in-browser link checking and scanning, these three extensions make the browser much more secure than the default browser could ever be,
My only concern about the link to the ‘dook it out’ topic is that far from promoting the three add-ons, because they were so early in their development, there was nothing concrete to say these are must have add-ons.
Now if this topic were to be started today it would be slightly different as there would be more concrete reasons/evidence of their worth.
But it is to understand the standpoints of Palant versus Maone better, and they still differ until now where their general point of view is concerned, and yes this old link (the “dook it out” is a give-away that I got it from TedNelly’s) is still being used by people against NoScript and to criticize it to-day, while it developed into quite a different in-browser security extension.
Mind me not a lot of people know that NoScript has an Achilles heel, and that is the whitelist (every malcreant that knows what is in the whitelist or what sites are allowed, can circumvent the NoScript protection). That is why it is best to keep the whitelist as minimal as can be. And there are other ways to circumvent NoScript’s protection as Palant gives some examples in his exposé.
And some of the initial critique for Firekeeper in the given thread also still stands.
So I wonder, did you read the original “now somewhat dated” thread?
I think anyone that used data that is over a year old in regards to security to criticise a product, is only showing their total lack of understanding/knowledge (a year is a very long time in security applications or more importantly malware) and their argument is lost.
Yes there are no doubt ways to avoid NoScript but not having it at all means they don’t even have to avoid it, there are many pieces of malware that can avoid your anti-virus application, but I don’t see anyone saying you might as well not have one. Whilst this isn’t really a fair comparison, it is an extreme extension of the same logic.
I most certainly did read it but it did laps into a noscript really isn’t needed rather than FireKeeper’s usefulness, but still it is a year old in that regard and there is little detailed information that fully explains what firekeeper does ‘today.’ As you will remember my previous posts relating to Firekeeper where I wasn’t totally convinced about its worth, given my other add-ons and pro-active precautions.