| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: raoul at elforsoft.com (Raoul Nakhmanson-Kulish)
Subject: IE is just as safe as FireFox
Hello, Danny!
> This makes sense now, thanks Raoul!
> One more question: to make things more secure, do you have any tips on
> what settings to change in the firefox.js file? It's contains a lot of
> info. :)
Very usable references here:
http://thegoldenear.org/toolbox/windows/docs/mozilla-pre-config.html
http://flii.us/myworks/phoenix/pages/user.html
http://www.guether.de/links/moz-mods.html (in German)
We have settings listed below. Not for FF but for Mozilla Seamonkey
because we use scheme described above about year in our company :)
But FF generally has same settings, if no, anybody might correct me.
----- default\prefs\browser-prefs.js -----
pref("wallet.crypto",true);
// Encrypt saved passwords by default
pref("wallet.crypto.autocompleteoverride", true);
// Ignore 'autocomplete=off' at web pages
pref("update_notifications.enabled", false);
// Turn off autoupdate: this is unusable for R/O share
pref("privacy.popups.first_popup", false);
// Turn off popup blocker welcome message
----- greprefs\all.js -----
pref("dom.disable_window_open_feature.status", true);
pref("dom.disable_window_status_change", true);
// Make status bar always visible and disable status spoofing
pref("dom.disable_window_open_feature.titlebar", true);
pref("dom.disable_window_open_feature.close", true);
pref("dom.disable_window_open_feature.minimizable", true);
// Prevent javascripts from disable titlebar, close and minimize buttons
pref("dom.disable_open_during_load", true);
// Turn popup blocker on
pref("network.image.imageBehavior", 1);
// Load images from originating server only,
// redices net traffic and privacy leaks
pref("network.proxy.autoconfig_url", "http://myproxy/autocfg.script");
// Enter URL of your proxy autoconfig here (if present)
// OR
// If you want to set up proxy manually, enter values below:
pref("network.proxy.type", 1);
pref("network.proxy.ftp", "myproxy_dns_or_ip");
pref("network.proxy.ftp_port", myproxy_port);
pref("network.proxy.gopher", "myproxy_dns_or_ip");
pref("network.proxy.gopher_port", myproxy_port);
pref("network.proxy.http", "myproxy_dns_or_ip");
pref("network.proxy.http_port", myproxy_port);
pref("network.proxy.ssl", "myproxy_dns_or_ip");
pref("network.proxy.ssl_port", myproxy_port);
pref("network.proxy.no_proxies_on", "your intranet servers list here");
pref("network.cookie.cookieBehavior", 1);
// Accept cookies from originating server only, redices privacy leaks
--
Best regards,
Raoul Nakhmanson-Kulish
Elfor Soft Ltd.,
ERP Department
http://www.elforsoft.ru/
Powered by blists - more mailing lists