SIMonline

Service receive & sending SMS

Firefox 68, fixed TLS issues

113   |     /   Programs
Firefox 68, fixed TLS issues
Mozilla said that upcoming Firefox 68 will eliminate TLS problems caused by antiviruses by automatically changing the browser configuration when it detects a Man in the middle (MITM) error.



A free virtual number for telegrams is the fastest and easiest solution to the question of how to register a telegram account without having a new SIM card at hand.

Problems began in December when Mozilla released Firefox 65. After launching this version, the organization began to significantly increase the number of TLS errors that are often caused by the interaction of security software with Firefox.

Security software in many cases must check the contents of HTTPS connections to detect threats, and does this by installing its own root certificates on the device.

Unlike other web browsers that rely on the root storage of the operating system to determine if a certificate is trusted, Firefox maintains its own list of trusted certificate authorities (CAs). This means that security solution developers must properly configure Firefox for their software in order to be able to analyze encrypted traffic.

Firefox is designed to alert users when it detects a potential MitM attack, when antiviruses increasingly launch these types of alerts, preventing users from accessing websites via HTTPS.

This problem can be solved by turning on the “corporate roots” option in Firefox, which forces the browser to import any root CAs added to the OS.

Mozilla said it originally planned to add a “Fix” button to the MitM error pages so that it would be easier for users to enable the “enterprise roots” option, but ultimately decided to add a mechanism that would automatically enable the option and reload the page whenever a MitM error was detected .

The preference will remain enabled if the problem is resolved, if the user has not manually disabled it. Mozilla also advised antivirus vendors to enable this preference on their own, instead of adding their root CA to the root storage of the browser.

This change will be implemented starting with Firefox 68, which is scheduled for release on July 9th.

Version 68 of Firefox Extended Support (ESR), which is often used in enterprise environments, will enable this default setting to make it easier for administrators who often need Firefox to recognize their organization’s own CA.

Mozilla also noted that users can see if the website is using the imported root CA certificate by clicking the lock icon in the URL bar.

“This may cause some concern for Firefox to automatically trust CAs that have not passed the audit and passed the rigorous Mozilla process,” said Wayne Thayer, CA Program Manager at Mozilla. “However, any user or program that can add CAs to the OS will almost certainly also add the same CA directly to the Firefox root store. In addition, since we only import CAs that are not included in the operating system, Mozilla supports our ability to set and apply the highest industry standards for public trusted CAs that Firefox supports by default. In short, the changes we are making are designed to make Firefox easier to use without compromising security. ”

Similar news


Caution! Amazon Alexa secretly records conversations

Two lawsuits claim class action status, claiming that Amazon records children’s conversations and stores them indefinitely.

Microsoft strengthens Wi-Fi protection

Windows 10 update that deploys unsafe Wi-Fi hotspots with new user notifications.
Microsoft began releasing its Windows 10 update in May 2019, which will mark Wi-Fi networks using outdated and insecure authentication mechanisms, Wired Equivalent Privacy (WEP) and Temporary Key Integrity Protocol (TKIP).

macOS Catalina and enhanced security

Apple introduced the latest version of its Mac operating system this week, macOS 10.15 Catalina. In addition to many feature enhancements, the latest version of MacOS introduces several significant security-related changes.



SIMONLINE.SU

This is not only a service for receiving and sending SMS messages to virtual numbers, but also a tutorial on user safety in the modern world, the latest developments in IT, social media security, fresh programs and lessons that simplify our lives. So are other issues encountered by the average user. In simple words, each user will find for themselves something interesting or answers to their questions.

SIMonline © 2020

All rights reserved