The Firefox Update Prevents MITM Attacks

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

The Mozilla Foundation has stepped up its efforts to improve browser security with the launch of Firefox 32, adding public key pinning to try and protect users from man-in-the-middle and other attacks.

Public key pinning security feature that helps ensure that people are connecting to the sites they intend. Pinning allows webmasters to specify which certificate authorities (CAs) issue valid certificates for their sites, rather than accepting any one of the hundreds of built-in root certificates that ship with Firefox.

This means pinning can be used to protect Firefox users from man-in-the-middle-attacks and rogue certificate authorities. Whether a CA mis-issues a certificate, or when the root cert for a pinned site does not match one of the known good CAs, Firefox will reject the connection.

firefox public key pinning
firefox public key pinning

Here is an example of an error message generated by the public key pinning feature in Firefox.

firefox public key pinning MITM
firefox public key pinning MITM

The change is among a number of enhancements offered in the new version, now available for Windows, Mac, Linux and Android users.

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]