Warning Dialogs in Firefox 2.0.0.13
Why is security in browsers so important? Because many attacks are now designed to exploit the flaws in the browsers we use. Spoofing, cross-site scripting, and malicious code installation are some of the results of these exploits. So when a browser releases a new update, it is usually done to try to fix these kinds of holes where attacks can be made.
In the recent release of Firefox 2.0.0.13, users will notice the abundance of warning dialogs. Firefox 2.0.0.13 changed the default behavior of personal certificates to prompt the user each time a web site requests a certificate. The old behavior, of not prompting a user, made it easier for malicious web sites to track users' activities by requesting the client certificate, even though they were from a different domain. To get past this warning, you will need to select "OK" in response to this message when visiting MIT pages that require a personal certificate.
Is this going to be tedious after a while? It may be. Nonetheless, it is important to stay aware of what you are doing when on the Web. (Vista and IE7 users will already be familiar with this type of security behavior.)
The Help Desk has written a stock answer on Firefox's new default behavior. You can also find tips on securing your web browser on the web site of the US Computer Emergency Readiness Team.
|
