[Cialug] FF4 Cooke Management?
Nicolai
nicolai-cialug at chocolatine.org
Fri Apr 8 11:51:13 CDT 2011
On Fri, Apr 08, 2011 at 02:56:36PM +0000, Josh More wrote:
> I just run my browser in private mode and delete all cookies when
> I exit. That protects against attacks of persistence.*
> I then use NoScript to protect against Javascript-based attacks
> (XSS) and Request Policy to protect against cross site forgery
> (CSRF).
> Lastly, I use AdBlock to prevent against malicious ad injection.
Diddo to all of that. Another good tool is Cert Patrol, which keeps a
copy of certificates and warns on changes.
Beyond that, you can also write a little shell script to cleanse
~/.mozilla using a known good copy. It's a simple/easy way to be
reasonably sure to rid yourself of stuff like this:
http://samy.pl/evercookie/
as well as (some) backdoors. The browser is far behind the rest of the
system in terms of security so it makes sense to put extra effort
there.
BTW, is it just me or does it seem like browsers are going backwards in
terms of quality -- both in privacy capabilities and bloat?
Nicolai
More information about the Cialug
mailing list