Mozilla's engineers are working on a Firefox Alert System, which will show security warnings to users visiting websites that have infringed data.
The alert system will use the data contained in the Have I Been Pwned, One by clicking here που συμπεριλαμβάνει όλες τις γνωστές παραβιάσεις δεδομένων και διαθέτει αναζήτηση για τους χρήστες που επιθυμούν να δουν αν στις εν λόγω παραβιάσεις υπάρχουν και οι προσωπικές τους πληροφορίες (name, code access).
Work on this project has begun recently και ο πηγαίος κώδικας για την εμφάνιση αυτών των προειδοποιήσεων δεν συμπεριλαμβάνεται ακόμη και στον βασικό κώδικα του Firefox, αλλά λειτουργεί ξεχωριστά σαν πρόσθετο.
"[Breach Alerts] is an addon I'm going to use to prototype an upcoming Firefox feature that alerts users when their credentials may be involved in a data breach," said Mozilla engineer Nihanth Subramanya. description of the add-on.
The code of this add-on is available in GitHub and anyone who wants it can do a compile to get it to Firefox. Please note that only Firefox Developer Edition is currently supported.
The add-on is still in early stages of development and alerts are currently enabled when the user visits a site that is included in the Have I Been Pwned public violation list.
This new warning system will surely shake off the companies that have been tampered with. Have I Been Pwned can offer the same service, but it's not the same. It's very different to display this information from a browser that uses millions of users and shows violations that have happened years ago.
"I'm working with Mozilla on this," said Troy Hunt, the researcher behind Have I Been Pwned.
“We're looking at a few different models of how it might work, but the main takeaway is that there's an intention to show warnings about data exposed directly from the program tours,” says Hunt.
One thing is for sure that the Mozilla Foundation should pay special attention to how it will display the warnings. It should focus less on the security incident and put more emphasis on encouraging users to change their credentials on infringing websites.
See the add-on Breach Alerts