Richard Barnes, Mozilla's head of security, announced on Twitter ότι ο Firefox θα ξεκινήσει το μαρκάρισμα ιστοσελίδων που φιλοξενούν log-ins με πρωτόκολλο HTTP σαν “επισφαλείς” και θα εμφανίζει το αντίστοιχο εικονίδιο για να προειδοποιήσει τους users for the risk.
Let's see what and how:
Thus the Mozilla foundation takes an important step for the security of the World Wide Web, because as you know even if the login page uses HTTPS to submit data, attackers can still use malicious JavaScript code to intercept passwords before they are even sent to the secure HTTPS platform.
Technically, as Mr. Barnes explained, any HTML "login" box that acts as a password field will automatically trigger this feature.notice if the page URL is HTTP.
This means that the proalerts they will also appear on new user registration pages if the URL appears to use a simple HTTP connection.
The icon and popup that will appear for this warning will be the same as those shown for bad HTTPS certificates.
The Mozilla Foundation uses the same warnings (visually) because most Firefox users are trained and recognize them as something dangerous.
The new feature is under development, and we will see it with the release of Firefox 44, which will also bring better SSL errors.
https://twitter.com/rlbarnes/status/656554266744586240
The new feature already exists in Firefox Nightly and you can try it instantly. Simply download the pro beta version from the following ink.
