On 11/05/2013 10:39 AM, Michael Orlitzky wrote:
> On 11/05/2013 09:49 AM, mingdao wrote:
>>
>> Flameeyes wrote the following blog post concerning this issue:
>>
>> http://blog.flameeyes.eu/2012/10/may-i-have-a-network-connection-please
>>
>> and the link gives me a (Error code: sec_error_ocsp_unknown_cert).
>>
>
> You should disable OCSP anyway. In Firefox, it's under,
>
> Edit -> Preferences -> Advanced -> Encryption -> Validation
>
> The OCSP protocol is itself is vulnerable to MITM attacks, which is cute
> when you consider its purpose.
>
> Moreover, it sends the address of every website you visit to a third
> party, which is the real reason to disable it IMO.
>
>
Thanks for pointing this out! I'm a privacy-minded kind of guy and
didn't think to look there for possible violations. Do you know of any
other tips for locking down Firefox from prying eyes? I already use
NoScript and RequestPolicy, clean non-whitelisted cookies, and disabled
web forgery reporting in Preferences.
