Author Topic: In 2009 Firefox will have its internal firewall module!  (Read 13144 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
In 2009 Firefox will have its internal firewall module!
« on: December 20, 2008, 11:32:39 PM »
Hi malware fighters,

The maker of the popular Firefox plugin NoScript next year will launch a module that will function as kind of an internal firewall inside the opensource browser. Application Boundaries Enforcer (ABE) module is a  "firewall-like component" that sets and checks boundaries for important web applications for users, like Internet banking and webmail. NoScript already can put a halt to a variety of problems like cross-site scripting, CSRF and ClickJacking all being caused by a lack of isolation on web application level.
Read about the project here: http://www.nlnet.nl/project/noscriptabe/

And that is a fundamental problem, according to NoScript-developer Giorgio Maone. "The web has never been invented as an application platform, it therefore lacks important modules to regulate application security. There is no definition of what a "web application" is, or set up boundaries when they run within various domains, a scenario that is quite common through "mash-ups" and "social media."

Just like as with a firewall the rules that ABE handles can be changed quite easily. For the most popular web applications there will be rules available that can be installed automatically. Maone expects his Firefox firewall to be launched during the first quarter of the year 2009: http://hackademix.net/2008/12/20/introducing-abe/
« Last Edit: December 21, 2008, 12:29:04 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: In 2009 Firefox will have its internal firewall module!
« Reply #1 on: December 20, 2008, 11:51:31 PM »
Very interesting. I'm looking forward to this addition.  :)
If it's as good as the no-script plug in for FF, they'll have another winner.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: In 2009 Firefox will have its internal firewall module!
« Reply #2 on: December 21, 2008, 12:10:54 AM »
Hi bob3160,

Yes you make the right observation here. Personally I think ABE will be a step in the right direction where the security of Internet transactions is concerned. It is a good idea to tackle security at the application (process) level, and put full emphasis on checking the integrity of various sources.
These are no half measures, and if this can be combined with a decent identity authentication, one could realize quite an advancement in in-browser security, and that is what this is all about,

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: In 2009 Firefox will have its internal firewall module!
« Reply #3 on: December 21, 2008, 12:17:00 AM »
I look forward to checking this out next year.

Quote
For the most popular web applications there will be rules available that can be installed automatically.

This feature will be the big plus that could lead to mass adoption.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: In 2009 Firefox will have its internal firewall module!
« Reply #4 on: December 21, 2008, 01:00:37 AM »
Hi alanrf,

This project is specifically focused on developing a new web browser component called ABE, aimed to mitigate or defeat Cross Site Request Forgery (CSRF) attacks against sensitive web applications. This component will be built on the existing request interception, tracing and blocking framework of NoScript, and it will be integrated in NoScript's broader web security infrastructure, together with whitelist-based scripting, active content execution policies, anti-XSS filters, ClearClick anti-ClickJacking protection and HTTPS/Secure Cookies enhancements. After a working ABE implementation as a NoScript component gets completed, a refactoring and repackaging activity to deploy it as a separate “ABE Firefox Add-On” will be done. At the moment there are some 2.000.000 users of NoScript,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: In 2009 Firefox will have its internal firewall module!
« Reply #5 on: December 21, 2008, 01:17:17 AM »
I wonder how the number of active users (as opposed to downloads) is tracked - do you know?

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: In 2009 Firefox will have its internal firewall module!
« Reply #6 on: December 21, 2008, 01:32:52 AM »
Hi alanrf,

Well this info was found here: http://www.nlnet.nl/project/noscriptabe/ so you should address your question there as how they reached that number or what their source was to reach that number of active users?
As servers record the status of the browser with the NoScript extension running, I think it is actually not too difficult to make a fair estimate. As almost every click of a browser lands into a click-stream somewhere, then also browser configurations must not be too difficult to analyze. So the actual number might be slightly more, considering the number of users with Tor, proxified browsers etc. We live in the era of the transparent user, you know,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

TheSpirit

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #7 on: December 21, 2008, 07:57:21 AM »
I wonder how the number of active users (as opposed to downloads) is tracked - do you know?
When you install NoScript, you are connected to a congratulations page at NoScript.net with information about your new and previous version of NoScript. Clever.  Maybe this has something to do with it. Didn't you notice?

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #8 on: December 21, 2008, 07:59:21 AM »
I wonder how the number of active users (as opposed to downloads) is tracked - do you know?
When you install NoScript, you are connected to a congratulations page at NoScript.net with information about your new and previous version of NoScript. Clever.  Maybe this has something to do with it. Didn't you notice?

How could he notice that if he doesn't use NoScript ?

TheSpirit

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #9 on: December 21, 2008, 08:04:20 AM »
How could he notice that if he doesn't use NoScript ?

True. But in that case, he has no good reason not to use it since he never tried it.  ;)

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #10 on: December 21, 2008, 08:15:37 AM »
He did try as far as i've been able to tell from his posts it's just that i guess he feels like me in this case. Which is it's not worth the hassle. I am sorry but for many of us NoScript is just too big of a pain to use. With the amount of websites i go to it's a real pain to have to allow every one of them. And i have to allow them since those scripts are there for a reason aren't they and without them the functionality of the site breaks. Besides how are you supposed to tell which script is bad or is not bad other than by reviewing it yourself which is quite a time consumer not to mention you have to be a coder to understand it. And how are you supposed to tell that one of your favorite sites which you put on the whitelist isn't infected aswell ? How will NoScript protect you then ? See my point ? NoScript is useless for the average Joe in my opinion and i wouldn't recommend it to a non-geek user.


EDIT: I think i might have mistakenly mixed up the posts of alanrf and FWF in my mind, i know FWF doesn't use NoScript but i am not sure about alanrf. Sorry alanrf if you do actually use NoScript and my post is not correct ...  :)
« Last Edit: December 21, 2008, 08:23:32 AM by darth_mikey »

TheSpirit

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #11 on: December 21, 2008, 08:21:04 AM »
Which is it's not worth the hassle. I am sorry but for many of us NoScript is just too big of a pain to use.
Did you think that security comes free without any effort? In that case your time on this forum has been wasted.

Maybe other forums about reckless downloading are more suitable for you?

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #12 on: December 21, 2008, 08:27:01 AM »
Which is it's not worth the hassle. I am sorry but for many of us NoScript is just too big of a pain to use.
Did you think that security comes free without any effort? In that case your time on this forum has been wasted.

Maybe other forums about reckless downloading are more suitable for you?

What does reckless downloading have to do with NoScript and my opinion on it ?
How do you know what i have learned here or that my time has been wasted ?
What makes you think that NoScript is the savior of the planet ?
Who are you to tell me where i should spend my time ?

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #13 on: December 21, 2008, 08:58:37 AM »
What are you chickening out *again* ? C'mon let's hear you answer the questions from both of my posts. Don't know the answers do you ?


BTW you guys that use NoScript could once in a while mention that NoScript does protect you from XSS and Clickjacking attacks even if you have the all scripts allowed globally setting turned on.
« Last Edit: December 21, 2008, 09:07:13 AM by darth_mikey »

TheSpirit

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #14 on: December 21, 2008, 09:05:29 AM »
C'mon let's hear you answer the questions from both of my posts.
Who are you to suggest how I should use my time?   8)