« Mobile | Main | Mozilla Thunderbird »
Wednesday, December 16, 2009
Firefox 3.5.6 Available
The latest Firefox has a slew of security and stability fixes and you should upgrade ASAP.
Okey-dokey?
| Categories: Best Practices, Mozilla Firefox
Friday, November 06, 2009
Firefox Update
Y'all better check yer Firefox to see that you are running version 3.5.5 - if you aren't then run a manual upgrade (Help - Check for Upgrades). You might also set Firefox to automagically download and install upgrades:
| Categories: Best Practices, Mozilla Firefox, Security Alerts
Sunday, November 01, 2009
Damn Yer Quiz, Facebook!
I thought Facebook was a means where by one could (virtually) keep in touch with loved ones, friends and colleagues? A place to share pictures and thoughts? Now it appears cluttered with quizzes, games and virus-filled applications. Yeech. Greasemonkey to the rescue!
What? Never used Greasemonkey? Hmmm . . . You do use Firefox, right? Check this previous post.
| Categories: Firefox Extensions, Mozilla Firefox, Privacy Issues, Software Tools
Sunday, October 18, 2009
Firefox Plugs Microsoft Security Hole
If you use Firefox (and you should, imho) you have probably already seen a pop-up alert informing you that it is blocking Microsoft`s .NET Framework Assistant and Windows Presentation Foundation add-ons that were stealthily installed by Microsoft earlier this year.
This hole was supposed to have been fixed earlier by having users edit the Windows registry - but this idea stunk because editing the registry is potentially dangerous. Microsoft later released a simple point and click removal tool - except this left behind the Windows Presentation Foundation plug-in which is what was just killed by Mozilla.
So, the confusion up to now has been addressed by both Mozilla and Microsoft to remove both nasty bits. Whew!
| Categories: Best Practices, Firefox Extensions, Mozilla Firefox, Security Alerts
Wednesday, July 15, 2009
Critical Firefox 3.5 Security Flaw
The newest Firefox, version 3.5, includes Tracemonkey, a new feature designed to speed up Javascript scripts. A flaw within Tracemonkey could allow attackers to remotely install evil software when users visit compromised Web sites.
A simple fix is available until the next patch fixes the vulnerability:
- Open up a new Firefox window and type ‘’about:config‘’ (without the quotes) in your browser's address bar
- In the ‘’filter‘’ box, type ‘’jit‘’ and a setting called ‘’javascript.options.jit.content‘’ will appear.
- If the setting is set to ‘‘true’’ it means the option is enabled.
- If it is, double-click on the setting. This should change the option to ‘’false‘’ disabling it.
| Categories: Mozilla Firefox, Security Alerts, Virus-Trojan-Worm Alerts
Tuesday, April 14, 2009
Twitter Awareness
The recent cross-scripting attack on the newest buzzword universe called Twitter is merely another bump on the rocky road through Interpipe 2.0
These XSS attacks are the bane of Web 2.0 and will cause disasters for individuals who refuse to become aware of their online surroundings. Compound this with users who remain clueless about what is running on their PC's and you have a large impediment in the push through to Web 3.0 applications.
Now add smartphones and netbooks to the mix ;(
For a fine write up on the Twitter XSS attack see: http://twittercism.com/protect-yourself-on-twitter/
Be sure to check out the fine tip from Twittercism about XSS busting using Firefox browser with the Add-on NoScript with screencaps from Better Safe Than Sorry here.
Edited on: Tuesday, April 14, 2009 12:07.58 PM EDT
| Categories: Adware/Spyware Alerts, Best Practices, Firefox Extensions, Mobile, Mozilla Firefox, Online Apps, Security Alerts, Virus-Trojan-Worm Alerts
Wednesday, December 17, 2008
The Ultimate Greasemonkey Script
Oh baby! Where have you been all my life!
Greasemonkey has always been a killer add-on for Firefox. Little scripts that work within Firefox to address many of the issues folks have with various websites. Simple things like adding easy to print pages to sites that have so many graphic ads that printing was a paper and ink nightmare.
The problem was that one had to go to the giant repository of Greasemonkey scripts at Userscripts.org search for the one that might address your specific problem and install it.
Well, a new script called Greasefire does all this for you. Once installed the Greasemonkey icon appears, in a slightly different form then you are used to, in the Firefox taskbar.
From then on if you browse to a site that any Greademonkey scripts that are related to it the icon turns a lovely shade of red.
If you then right-click on the icon it will further inform you of how many scripts are available. In this case our example shows the enormous number of scripts available at the uber-geek site slashdot.org.
Clicking on the top line (the one indicating how many scripts are available) opens up a window giving descriptions of the scripts. Clicking the giant grey button on the right towards the bottom initiates the usual Greasemonkey install routine.
So, if you have not yet installed Greasemonkey and Greasefire get thee hence to Userscript.org and help yourself to some great Add-ons.
| Categories: Firefox Extensions, Mozilla Firefox, Software Tools
Sunday, December 14, 2008
Severe IE Vulnerability
An unpatched vulnerability in Internet Explorer 7 (which also affects older versions of the browser as well) is on the loose. Microsoft has stated that IE 5.01 with SP 4, IE 6 with or without SP 1 and IE 8 (Beta 2) on all versions of the Window OS are affected. To complete the horror IE 7 on Windows XP SP 2 and 3 and Windows Vista with or without SP 1 are also vulnerable. Web sites are now actively exploiting the vulnerability. One has to merely view a Web site in order to have a Trojan horse program automatically downloaded to their machine. Once downloaded the evil doers can manipulate the rogue program to download other software which could perform actions such as sending spam emails or steal data. Since Microsoft's next patch is not due until January 13, 2009 one would be wise to use an alternative browser such as Firefox or Opera. Just sayin' . . .| Categories: Mozilla Firefox, Privacy Issues, Security Alerts, Virus-Trojan-Worm Alerts
Thursday, December 04, 2008
Firefox Greasemonkey Targeted
A new type of malware that collects passwords for banking sites is in the wild. In this instance it only targets Firefox browser through the popular Greasemonkey script. The malware uses JavaScript to identify some 100 financial web sites (including PayPal). It then harvests logins and passwords which are forwarded to a server in Russia.
So, short of disabling or uninstalling Greasemonkey your best defence is the usual: do not download anything, including Firefox add-ons, from any site other than Mozilla's, do not visit dubious sites located in dubious domains (such as .ru) and always have your firewall, anti-virus, router and brains active ;)
| Categories: Firefox Extensions, Mozilla Firefox, Virus-Trojan-Worm Alerts
Saturday, September 27, 2008
Firefox Update Available
Get it while it's hot. This update fixes one bug: ‘’where users were unable to retrieve saved passwords or save new passwords‘’.Yikes.
Click on ‘’Check for Updates‘’ from the Help menu to update and don't forget to restart Firefox for the update to take effect.
| Categories: Best Practices, Mozilla Firefox
Wednesday, May 28, 2008
Patch your Flash NOW
| Categories: Alternative Applications, Mozilla Firefox, Privacy Issues, Security Alerts, Software Tools, Virus-Trojan-Worm Alerts
Saturday, October 20, 2007
RealPlayer Exploit
User of Internet Explorer under Windows are vulnerable to drive-by downloads simply by visiting an evil Web page. As usual, it is an unknown and unpatched ActiveX component that is causing the problem. Note that both Microsoft Outlook and Outlook Express clients are also at risk. Best practices? Uninstall RealPlayer, use an alternative browser such as Firefox or Opera and use another email client such as Thunderbird or Penelope. Those who just can't part with RealPlayer should visit http://service.real.com/realplayer/security/en/ and (when available) download and install the patch. Ryan Naraine over at ZDNet.com has a great write up with info and fixes.| Categories: Adware/Spyware Alerts, Alternative Applications, Best Practices, Mozilla Firefox, Mozilla Thunderbird, Opera, Penelope Email, Privacy Issues, Security Alerts
Monday, May 14, 2007
Google: 1 in 10 Websites Unsafe
Especially if you use Internet Explorer as opposed to Firefox or Opera. The chance of being nailed by a "drive-by download" is almost non-existent when using any browser other than Internet Explorer. Do yourself a favour and try a safer alternative.
| Categories: Adware/Spyware Alerts, Alternative Applications, Headlines, Mozilla Firefox, Opera, Privacy Issues, Security Alerts, Virus-Trojan-Worm Alerts
Friday, November 24, 2006
Firefox Password Manager Compromised
It seems a flaw in the way Firefox handles passwords is enabling evil doers to create Phishing holes at sites where .html is allowed such as myspace.com - no fix has been issued but Secunia is advising users to disable the "Remember passwords for sites" option in Firefox preferences.| Categories: Best Practices, Mozilla Firefox, Security Alerts
Tuesday, October 24, 2006
Firefox 2.0 Released
All the downloads are here: http://www.mozilla.com/en-US/firefox/all.html.| Categories: Headlines, Mozilla Firefox
Friday, July 21, 2006
MySpace.com + IE Flaw + Known Exploit = Chaos
It appears Internet Explorer is again being exploited by evil Windows Metafile (.WMF) images. Worse, these images reside on MySpace.com with some 50+ million users. This exploit quickly follows the most recent Microsoft Update forcing drastic action from someone.At out-of-cycle patch from Microsoft or a third-party fix from a two-person shop in Guyana all works for me. Until a fix appears use an alternative browser such as Opera or Firefox.| Categories: Adware/Spyware Alerts, Alternative Applications, Mozilla Firefox, Virus-Trojan-Worm Alerts
MS PowerPoint Attachment Trouble
If you receive an email from an unknown Gmail address and it contains an MS PowerPoint presentation then delete it.Edited on: Monday, July 31, 2006 4:27.20 PM EDT
| Categories: Adware/Spyware Alerts, Alternative Applications, Mozilla Firefox, Security Alerts, Virus-Trojan-Worm Alerts
Thursday, May 11, 2006
Firefox mailto: exploit
This exploit could cause your default email client to launch allowing spam to escape. Or it could simply slow down your PC. The quick 'n dirty fix is here.| Categories: Best Practices, Mozilla Firefox, Privacy Issues, Security Alerts
Friday, April 14, 2006
Firefox Update Available
The latest version of Firefox that includes several important security updates is available. Click Help . . . Check for Updates.| Categories: Best Practices, Mozilla Firefox, Security Alerts
Wednesday, February 01, 2006
Firefox 1.5.0.1 Update
At around 6:00 EST the following appeared on my screen:
Woo-hoo! Firefox is doing its first auto-update. I had plum forgot that it was going to happen.
After Firefox restarted the following loaded showing all is well:
Excellent!
Wednesday, December 14, 2005
The Thirty Day Rule
An old Javascriprt vulnerability in all Firefox versions prior to 1.0.5 has taken on a new life since the code to take advantage of it has been published on the web. Those of you who are still happily using older versions should upgrade. Best Practices: Always upgrade to the latest version of software at about the thirty daymark after its release because . . . a) This gives any bugs in the release time to be found by all those early adopters allowing the developers time to patch the bug. b) Not enough time has passed that evil virus writers have released exploits. c) Authors of plugins and other add-ons (such as Firefox extensions) will have had time to patch their products.| Categories: Best Practices, Mozilla Firefox, Security Alerts
Wednesday, December 07, 2005
Aardvark
| Categories: Firefox Extensions, Mozilla Firefox, Software Tools
Sunday, December 04, 2005
Phishing with Google Desktop & Internet Explorer 6
If you use Google Desktop and Internet Explorer 6 you run the risk of exposing information on your PC to evil web site operators. The details are here: http://www.theregister.co.uk/2005/12/03/google_desktop_vuln/. The solution? The usual - use Firefox or Opera ;-)| Categories: Mozilla Firefox, Opera, Security Alerts
Wednesday, November 30, 2005
Firefox 1.5 Released
The latest and greatest Firefox browser has been released. If you still use Microsoft Internet Explorer do yourself a favour and try the latest Firefox - you'll be more secure and enjoy a host of features you just don't find with IE. The download is here: http://www.mozilla.com/firefox/.Tuesday, November 01, 2005
Windows Live Accepts Reality
| Categories: Mozilla Firefox, Software Tools
Wednesday, September 21, 2005
Firefox 1.0.7 Released
It's new. It's improved. You should download it from http://www.mozilla.org/products/firefox/.Friday, September 09, 2005
Firefox Vulnerability Reported
Firefox appears to have a problem handling URLs that contain a certain character in the domain name. This can be exploited to cause a buffer overflow. This results in a possible compromised system. The only solution thus far is to "avoid untrustworthy sites". Uh-huh. You may want to switch to your install of Opera until the patch is released. What, you don't use Opera? You've never even tried it? Oh, c'mon, what are ya new? Get it at http://www.opera.com.| Categories: Alternative Applications, Mozilla Firefox, Opera, Security Alerts
Tuesday, August 09, 2005
Rogers Yahoo Software Centre
I received an email from my ISP, Rogers.com, letting me know about a new bundle of security applications that are free for subscribers. So far so good. I launch the URL and am taken to the sign-in page and finally to the welcome page, where the whole process screeches to a halt because I am using Firefox and not Internet Explorer. Not supported. You must upgrade to IE 6.
Not bloody likely am I downgrading. I use Firefox and Opera, thanks.
So, I decide to at least fire up my IE 6 (oh, yes, I have it for just these wonderous occasions) and see what Rogers-Yahoo is offering for security.
None of my business it appears! Oh, you get anti-spyware, anti pop-ups, etc but it does not say whose software. I spend my time educatng people to check that what they download is legit and not spyware or virus filled and here my own ISP is keeping its clients in the dark.
Finally, the (limited) info explains that, "As part of the installation process, we will need to check your computer to determine what Rogers Yahoo! software is currently installed."
My goodness, I don't like the sound of that. Do you suppose they may actually be checking to see if the applications on the CD they insist you install upon joining Rogers is still there?
Good intentions badly carried out.
| Categories: Best Practices, Mozilla Firefox, Opera, Privacy Issues
Wednesday, July 20, 2005
Firefox Version 1.0.6 Released
Hot on the heals of release 1.0.5 Mozilla has introduced the better, faster, stronger . . . um, actually this release merely patches the previous release which buggered a bunch of extensions. So, if after installing version 1.0.5 all your extensions failed you should upgrade.
Edited on: Wednesday, July 20, 2005 6:29.40 PM EDT
| Categories: Mozilla Firefox
Tuesday, July 19, 2005
Mandatory Greasemonkey Update
Users of Greasemonkey are strongly urged to either install Greasemonkey 0.3.5, or else disable or uninstall Greasemonkey completely. A security flaw allows any website which matches at least one user script (even * scripts) to read any local file on your machine, or to list the contents of local directories.
Edited on: Wednesday, July 20, 2005 6:30.38 PM EDT
| Categories: Best Practices, Mozilla Firefox
Thursday, July 07, 2005
Scribe Firefox Extension
Adds Word Processor like functionality to web forms, including opening and saving form entries as files.Excellent. Never again will you lose submitted data into the ether when the form you send craps out. Forgotten form data on topics of interest will be recoverable. Ah, extensions . . .
Edited on: Wednesday, July 20, 2005 6:33.46 PM EDT
| Categories: Mozilla Firefox
Thursday, May 12, 2005
Are Ya Yellow?
After upgrading your Firefox check the update icon to the right of the Help. If it is green or yellow (see below) then click it to update your extensions and/or themes.Edited on: Monday, July 25, 2005 1:29.40 PM EDT
| Categories: Mozilla Firefox
Tuesday, April 19, 2005
Software Install In Firefox
Firefox can be made to disable the installation of software, allow all software to be installed or selectively allow named web sites to install software.
In our case we assume that since you are reading this your install has failed because Firefox has software install presently disabled. We will now turn it on for this site only.
First, copy the domain address that you wish to add - "addons.update.mozilla.org" (without the quotes)
Just above the Window on the left you should see text similiar to the graphic on the left. |
At the extreme right of the text (above) you will see a button entitled "Edit Options..." similiar to the graphic on the right - Click it. |
Place a check in the box for "Allow web sites to install software" then click the "Allowed Sites" button on the right. |
Here you can see that sites may be added or removed. The safest and
easist way to surf is to disable the ablity of sites to install
software except for specific sites you know to be safe.
To access this window at other times click Options - Web Features. |
In the "Address of web site:" window paste the text you earlier
copied and click the "Allow" button.
Now click the "OK" button. |
That's it - now when you come back to this site Firefox will allow
it to install software.
When you happen upon other safe sites you can selectively add them to the list of allowed sites. |
Installing Firefox Extensions
Firefox adds to its functionality by making it possible for anyone to add what are called "extensions" to the browser. These extensions are available at the Mozilla site here - The easiest way to be informed of new extensions is to add the following feed to your RSS aggregator.
I suggest you check out the existing extensions - many are very useful for specific purposes.
On the other hand there exists the Abe Vigoda Status Extension - but who are we to judge?
Time to install Formfox - Open this link in a new tab.
About half way down the page you will see a tan box with the words Install Now - Click it. |
The Software Installation dialogue box will initially grey out the
Install Now button forcing you to consider the security implications
of what you are doing.
Since this site is known safe we will continue. Once the Install Now button turns its regular colour we can click it to continue the installation. |
The Install Now button has turned its regular colour and it has a
big green check mark so click it to continue.
The dialogue box (below) will pop up. |
To be able to use the extension you must restart Firefox as
indicated in the Extensions dialogue box.
Before you do check the last two pics below. To access this dialogue box at other times click Tools - Extensions. From here you can Update extensions, uninstall extensions and check for new extensions. |
Here we have an example of the Formfox extension at Google.ca - With the mouse hovering over the Google Search button we can see that the form will indeed be sent to http://www.google.ca/search and NOT http://www.russian-mafia.ru ! |
Every so often - and ALWAYS after upgrading Firefox itself - click
the icon to the right of the Help text button - Firefox will check
all the sources for your installed extensions and if there are
updates or newer versions it will prompt you to install them.
In some instances updates to extensions will take time and for a period after installing an updated Firefox some extensions won't work - indeed there have been extensions that have remained broken and were eventually uninstalled :-( |
Monday, April 18, 2005
Firefox Extension: Formfox
The extension is called Formfox - it's purpose is to alert you to where the information in an online form is being sent to.
This is an excellent way to prevent folks from being taken in by a fake site that asks for legitimate information that is forwarded to evildoers.
When your mouse is hovering over the button that submits a form an URL will display showing where your information is actually going. If, for example, you believe you are at the your online bank and the URL displayed by Formfox is [http://russian-mafia.ru] you may well not press that button!
| Categories: Best Practices, Mozilla Firefox
Thursday, March 24, 2005
Mozilla Firefox 1.02 Released
Time to update the 'ole browser. Click on the update button and follow the instructions.>
>
Wednesday, March 02, 2005
Merriam-Webster Firefox Tools
Edited on: Wednesday, July 20, 2005 5:38.24 PM EDT
| Categories: Mozilla Firefox
Wednesday, February 09, 2005
Firefox IDN Spoofing Flaw Fix
If you have the preferential.xpi extension installed then search for network.enableIDN and ensure the value is FALSE.
Edited on: Wednesday, July 20, 2005 5:53.12 PM EDT
| Categories: Mozilla Firefox, Security Alerts
Monday, January 17, 2005
No More Internet for Them
The article has no mention of alternatives to Windows OS, browser alternatives to Internet Explorer or email alternatives to Outlook Express.
Sigh.
Edited on: Wednesday, July 20, 2005 5:59.43 PM EDT
| Categories: Adware/Spyware Alerts, Alternative Applications, Best Practices, Concepts, Eudora Email, Mozilla Firefox, Mozilla Thunderbird, Openoffice.org, Opera, Software Tools
Monday, January 10, 2005
Internet Explorer Flaw Now 'Extremely Critical"
Edited on: Wednesday, July 20, 2005 6:02.20 PM EDT
| Categories: Mozilla Firefox, Opera, Security Alerts
Tuesday, December 21, 2004
The 10 Immutable Laws of Security
Edited on: Wednesday, July 20, 2005 6:14.29 PM EDT
| Categories: Alternative Applications, Mozilla Firefox, Opera, Security Alerts
Sunday, December 05, 2004
Portable Firefox on a USB Drive
For now the limitation of being unable to sync with your usual desktop version makes this not quite perfect but this feature is coming soon.
Also check out the same feature for your email/USENET using Mozilla Thunderbird.
Edited on: Wednesday, July 20, 2005 6:21.23 PM EDT
| Categories: Alternative Applications, Mozilla Firefox
Tuesday, November 09, 2004
MyDoom variant exploits IE flaw, again
Edited on: Wednesday, July 20, 2005 6:58.16 PM EDT
| Categories: Best Practices, Mozilla Firefox, Security Alerts, Virus-Trojan-Worm Alerts