Hi,
I'm in the process of updating the README of 0.5 and found the section
on securing Mozilla in need of a rewrite. I haven't found a similar
section in the 0.7 README, so the follwing information might be of
interest for 0.7, too.
I know of three Mozilla features potentially destroying your anonymity
when using FProxy:
* GoBrowsing: feeds URLs of failed requests into a search engine. This
is a well-known problem but the workaround has changed. Whereas in
older versions of Mozilla, the variable "browser.goBrowsing.enabled"
had to be set to false, now it is "keyword.enabled".
* Prefetching: loads links in a page in the background. If I understand
correctly, 0.7 already protects itself against this feature by
converting anchors to form submit buttons. This feature may be disabled
by setting "network.prefetch-next" to false.
* Safebrowsing: communicates the URL (and contents?) of each request to
a "safebrowsing provider" (Google is the default). This feature appears
to be deactivated in most, if not all, browsers by default. It may be
deactivated by setting "browser.safebrowsing.enabled" to false.
Are there other funny new Mozilla features I should include in the
security cautions section?
Jack
____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
