
Support Forum

How can I Remove Firefox Hello in a high-security environment?

Posted

Hi,

After a recent Firefox update in a test environment for a high-security environment (I'm not at liberty to disclose the nature of this environment, sorry. Let's just say we have to disable Firefox from contacting Mozilla's servers and further disable Google's "Safe Browsing" due to possibility of inadvertent unauthorized disclosure), we have noticed a feature, "Firefox Hello". This feature causes Firefox to violate strict policy as it transforms it from being classified as strictly a "Web Browser" (which is permitted) to a "Chat Application", all of which are completely banned. Simply disabling Hello is not a sufficient option as Firefox still contains the code to run Hello, which still constitutes it a "Chat Application" as per policy. We have the capability to edit out unauthorized code from open source software internally, but we don't know where to start to remove this code from the Firefox codebase as Hello seems pretty well integrated.

Currently I only have two options, neither of which pleases me personally (I really like Firefox and have fought to include it in any environment I can):

1. Discontinue permanent use of Firefox.

2. Discontinue updating Firefox permanently or until Hello is removed as a non-modular element. This is unacceptable as it'd mean we can't keep it secure, which causes us to fall back to (1).

I would graciously like any third option. Internet Explorer seems to be the only browser that provides sufficient enterprise-level control without extraneous features at the moment with the addition of Hello to Firefox. We have banned Chrome from our environment due to how tightly bound it is with Google's "Cloud" services and hope that Firefox isn't becoming a "Cloud" browser for Mozilla; Sync has already placed Firefox under the microscope as it is.

Thank you.

Modified by ZRXXX

Additional System Details

Application

  • User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0

Standard8 38 solutions 212 answers

Are you not concerned about WebRTC in general in this situation? This is part of Firefox, Chrome and a few other browsers. Visiting a simple website would turn the browser into a "Chat Application" (e.g. https://talky.io/).

There are various ways you can turn off parts of Firefox, in a way that if properly configured, the user wouldn't be able to turn them back on, even though the code is there. Here's the starting link for how to set up those configuration options:

https://developer.mozilla.org/Firefox/Enterprise_deployment

You'd want to turn off various prefs. For WebRTC I think you'd be looking at:

media.getusermedia.browser.enabled
media.peerconnection.enabled

For Firefox Hello, it's:

loop.enabled

If disabling them in the way described isn't enough, then you'll probably need to modify the source and maintain it.

There's a --disable-webrtc build option. Hello itself doesn't have a build option, it only has the preference. The main part of the code for it lives in browser/components/loop.

cor-el
  • Top 10 Contributor
  • Moderator
17786 solutions 160898 answers

You can set loop.enabled to false and possibly loop.server to an empty string.

// The first line of mozilla.cfg is ignored, so keep it a comment.
lockPref("loop.enabled", false);
lockPref("loop.server", "");

You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.

Place a local-settings.js file in the defaults\pref folder, where the channel-prefs.js file is also located, to specify using mozilla.cfg.

pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0);

These functions can be used in the mozilla.cfg file:

defaultPref();	// set new default value
pref();		// set pref, allow changes in current session
lockPref();	// lock pref, disallow changes

See:

  • http://kb.mozillazine.org/Locking_preferences
  • http://mike.kaply.com/2012/03/16/customizing-firefox-autoconfig-files/
  • http://mike.kaply.com/2014/01/08/can-firefox-do-this/
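
One way to audit a deployment for the lockdown described in the two answers above, as an added example that is not code from the thread or from Mozilla. The function names, the REQUIRED set (the prefs from both answers combined) and the sample files are assumptions constructed for illustration.

```python
import re

# Prefs named in this thread, with the values the answers suggest (assumed policy).
REQUIRED = {"loop.enabled": False, "media.peerconnection.enabled": False,
            "media.getusermedia.browser.enabled": False}
# Matches e.g. lockPref("loop.enabled", false); lines starting with // do not match.
CALL = re.compile(r'^\s*(lockPref|defaultPref|pref)\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;', re.M)

def parse_prefs(text):
    """Return {pref name: (function, value)}; the last call for a name wins."""
    prefs = {}
    for func, name, raw in CALL.findall(text):
        if raw in ("true", "false"):
            value = raw == "true"
        elif raw.startswith('"'):
            value = raw.strip('"')
        else:
            value = int(raw)
        prefs[name] = (func, value)
    return prefs

def audit(local_settings, cfg, cfg_name="mozilla.cfg"):
    """Return a list of findings; an empty list means the lockdown is in place."""
    findings = []
    loader = parse_prefs(local_settings)
    if loader.get("general.config.filename", (None, None))[1] != cfg_name:
        findings.append("general.config.filename does not point to " + cfg_name)
    if loader.get("general.config.obscure_value", (None, None))[1] != 0:
        findings.append("general.config.obscure_value is not 0")
    # Firefox ignores the first line of the cfg file, so a call placed there has no effect.
    body = cfg.partition("\n")[2]
    applied = parse_prefs(body)
    for name, want in REQUIRED.items():
        func, value = applied.get(name, (None, None))
        if func != "lockPref":
            findings.append(name + " is not locked")
        elif value is not want:
            findings.append(name + " is locked to the wrong value")
    return findings

# Constructed sample files (not taken from a real deployment).
LOCAL_SETTINGS = 'pref("general.config.filename", "mozilla.cfg");\npref("general.config.obscure_value", 0);\n'
GOOD_CFG = ('//\nlockPref("loop.enabled", false);\nlockPref("media.peerconnection.enabled", false);\n'
            'lockPref("media.getusermedia.browser.enabled", false);\n')
# Weak variant: first call sits on the ignored first line, second uses pref() not lockPref().
WEAK_CFG = ('lockPref("loop.enabled", false);\npref("media.peerconnection.enabled", false);\n'
            'lockPref("media.getusermedia.browser.enabled", false);\n')

if __name__ == "__main__":
    print(audit(LOCAL_SETTINGS, GOOD_CFG), audit(LOCAL_SETTINGS, WEAK_CFG))
```

The weak sample shows two ways a lockdown can look present in the file yet leave a pref changeable: a call on the skipped first line, and pref() used where lockPref() was intended.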

Question owner

We have WebRTC traffic blocked (We have a setup that audits SSL traffic before it leaves or enters the network).

Our primary issue with Hello is that policy classifies the actual code used to run it as being very much like an Easter Egg, code that was inserted that goes beyond the spec of being a web browser and thus difficult to audit. It's easy to block services in general, but when a single unauthorized service becomes a core feature and has code strapped to the browser, that throws up red flags that Mozilla is moving Firefox away from being an organization-manageable browser and more toward an exclusively Mozilla-managed "Cloud" browser, where there is a possibility that Mozilla will seek more control over user experience that will increase attack surface.

It's reasons like this we decline to install Chrome into our environment, because Google has several services built-in to the core of their browser and does not leverage their extensions capabilities, but rather mandates that these features "must be installed" and that users can only toggle them off.

It's easy to uninstall an extension or to recompile with a flag, but it's hard when a vendor makes decisions for you and tells you "This is good for you, you must embrace it" irrespective of policy of organizations or even individual users' wishes.

Thank you all for this information, it will help our future audits and help determine if Firefox is right for our needs.

Unfortunately I can't mark this thread as "Solved" since the root issue is still not solved (Mozilla's development practices making something that should be an extension, a core aspect of the browser), so marking it solved would be a lie. But thank you both nonetheless.

Modified by ZRXXX