TECH.BLORGE.com
VISTA.BLORGE.com
MAC.BLORGE.com
GAMER.BLORGE.com

February 13, 2007 |

Mozilla does some spring cleaning on Firefox extensions, while anti-phishing flaw goes unpatched

By George Gardner





Mozilla does some spring cleaning on Firefox extensions, while anti-phishing flaw goes unpatchedIt’s the hard truth that extensions for Firefox have played the largest role in the browser’s growth and popularity; yet, Mike Shaver, Mozilla’s technology strategist says, “We’re trying to tighten up the extensions, especially for new first-time users.”  

This week, Mozilla reworked their Firefox add-ons site by reducing the amount of available extensions from a couple thousand to a couple hundred. The site will loose all marginal add-ons, extensions that are not maintained by their creators, and those that are not updated for the browsers currently used.

 I’ll admit that there are many extensions that do not deserve to be in the list; but there are many that do, and I know they add up to more than 200.

Shaver decided, in this case, to let the users decide which extensions will come and go. Users will be able to nominate extensions for promotion from the “sandbox” to the public site. ”Some extensions will be in the sandbox for a while, some will be moved to the public site,” said Shaver.

Shaver’s goal is to make it easier for new Firefox users to quickly locate the best and most meaningful add-ons for the popular browser.

Sadly, Shaver noted, “We’ve always looked to extensions as a test bed,” making the impression that he’s ready to do away with extensions all together. You can rest assured that Mozilla’s sponsor, Kodak, will not loose their free plug-in; maybe this move by Firefox is to clear the path for a long list of sponsored add-ons.

The new add-on site will also feature better support for international users, and provide new tools for user-to-user discussions.

While Mozilla was busy remodeling the add-ons site, SecuriTeam, a security alert site maintained by Beyond Security, pointed out that an extra forward slash in the suffix of the domain, within the URL, could allow attackers to disable the browser’s anti-phishing filter. It would look similar to this: http://www.tech.blorge.com//.

The issue is currently unpatched but Mozilla is surely aware of it, and has given us no clue as to when we will see a fix. In the mean time, users should never click on links from non-trusted sources; even if their phishing filter is on. One could examine the links to make sure there is not a double forward slash after the domain name as well.

Related:

  • Mozilla Preps A Mobile Version Of Firefox
  • Firefox 3.0 Beta leaks out a few days early
  • Website wages war on "Why Firefox is blocked" site
  • Firefox – no longer the safer alternative to IE?
  • Mozilla: Firefox 3 "almost ready," due for final release in June




    • Sign up for the BLORGE daily email newsletter

    Entry was posted on Tuesday, February 13th, 2007 at 5:11 am under Uncategorized.

    Read more entries by George Gardner.
    StumbleUpon Toolbar Stumble It!

    One Response to “Mozilla does some spring cleaning on Firefox extensions, while anti-phishing flaw goes unpatched”

    1. mozila firefox:
      March 14th, 2007

      Right now you can speed up Firefox by 50 %. Read here: speed up Firefox.
      Also you can remove all ads: Ads free internet . Once you start surfing without ads, your browsing won’t be the same :)

    Leave a Reply:

    Copyright © 2008 Engaging and compelling blogs that entertain and inform