Firefox Browser extensions to prevent SSL Security issues

By Winsockfix | Comments (0) | Trackbacks (0) | Email This Post Email This Post

If you're new here, you may want to subscribe to Windows Reference RSS feed Thanks for visiting!

Security experts in the recent few months have been keen to exploit and bring to light issues and vulnerabilities in SSL which in itself is a secure protocol. So, what this means to ordinary users like you and me is that the confidence that we are accessing a secure webste when browsing HTTPS websites can no longer be same.

The Firefox 3.0 extensions “Perspective” & “SSL Blacklist” can protect you from SSL Man in the Middle Attacks and the recent demonstrated weakeness in MD5 algorithm for RSA signatures respectively.


Perspective Firefox 3.0 extension

When you visit a HTTPS website with untrusted certiicate (self-certified or mismatch of hostname on certificate and the actual DNS hostname of the server), firefox by default leaves you with a choice of either not visiting the website (could be a legitimate website) or allow you to manually add an exception for the website to continue to visit the website. This could lead to a “Man in the Middle” where the attack host sits between the client (you) and the server (website) and proxies the traffic between the hosts making the client and server both believe they are directly conversing to each other securely.
firefox_security
Perspective firefox extension can detect Man In the Middle Attacks by automatically building a robust database of network identities using lightweight network probing by “network notaries” located in multiple vantage points across the Internet. Perspective extension can also check the validity of the Self-signed certificates and overides the Firefox default behaviour if the certificate is valid.

perspective1

Click here to install Perspective extension for Firefox 3.0

SSL Blacklist Firefox extension

A recent practical demonstration by security experts of the weakness in MD5 algorithm means any certificate signed with MD5 algorithm could possibly be fake. SSL Blacklist extension can detect and warn about SSL Certificate chains that uses the MD5 algorithm used in the signatures.

sslblacklist

Click here to install “SSL Blacklist” firefox extension.

If you use Internet Explorer as your default browser then look here.

  • Share/Bookmark

Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically each day to your feed reader.

Tags: , , , , , , , , ,
Topics: Firefox, Security

No comments yet.

Leave a comment

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

(required)

(required)