X
Tap here to go to the mobile version of the site.
Scheduled maintenance: Monday, March 30, between 3:30pm and 5:30pm UTC. This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn’t solve your issue and you want to ask a question, we have our support community waiting to help you at @firefox on Twitter

Support Forum

followed Mozilla's instructions to disable encryption warning prompts but they still keep appearing

Posted

Ecryption warning boxes keep appearing despite having followed Mozilla's instructions on how to disable these prompts! Can anyone help please.

Ecryption warning boxes keep appearing despite having followed Mozilla's instructions on how to disable these prompts! Can anyone help please.

Chosen solution

This particular Security Warning dialog can't be disabled - see the image I uploaded. But you can "Continue" by clicking the Enter key on the keyboard, instead of clicking on the "Continue" button in that dialog box, so you don't have to use the mouse and take a hand off the keyboard.

If you wonder why Mozilla shows that message and doesn't provide a method to disable it, do a search for "Firesheep" and "Blacksheep". Users on wireless connections are especially vulnerable to having their communications intercepted when the data stream is not encrypted. There is an illusion of security by a website having an encrypted connection for logging into a website, but the cookie (that retains that login information) the website sets is "out in the open" when the connection switches to unencrypted when leaving that login page.That cookie can be used to impersonate you and gives the user access to your account.

That's like a bank having a vault with a foot thick steel door, but the walls of the vault are made of wallboard instead of foot thick concrete. The door is secure, but anyone can punch thru the wallboard to access the contents of the vault.

https://www.eff.org/pages/how-deploy-https-correctly

Read this answer in context 3

Additional System Details

Installed Plug-ins

  • Default Plug-in
  • Shockwave Flash 10.0 r42
  • 4.0.50917.0
  • Office Authorization plug-in for NPAPI browsers
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • NPWLPG
  • Google Update
  • Adobe PDF Plug-In For Firefox and Netscape "9.4.0"

Application

  • User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12

More Information

Ecryption warning boxes keep appearing despite having followed Mozilla's instructions on how to disable these prompts! Can anyone help please.

cor-el
  • Top 10 Contributor
  • Moderator
17849 solutions 161543 answers

What kind of encryption warnings do you get and on which websites?

What kind of encryption warnings do you get and on which websites?

Question owner

Words to the effect that I am about to view an encrypted page that third parties may be able to read and inviting me to either continue or cancel. As far as I have noticed this only seems to happen (not every time) after I have first turned on my computer and click onto my hotmail or Mozilla (MSN) homepage.

Words to the effect that I am about to view an encrypted page that third parties may be able to read and inviting me to either continue or cancel. As far as I have noticed this only seems to happen (not every time) after I have first turned on my computer and click onto my hotmail or Mozilla (MSN) homepage.
the-edmeister
  • Top 25 Contributor
  • Moderator
5433 solutions 40562 answers

Chosen Solution

This particular Security Warning dialog can't be disabled - see the image I uploaded. But you can "Continue" by clicking the Enter key on the keyboard, instead of clicking on the "Continue" button in that dialog box, so you don't have to use the mouse and take a hand off the keyboard.

If you wonder why Mozilla shows that message and doesn't provide a method to disable it, do a search for "Firesheep" and "Blacksheep". Users on wireless connections are especially vulnerable to having their communications intercepted when the data stream is not encrypted. There is an illusion of security by a website having an encrypted connection for logging into a website, but the cookie (that retains that login information) the website sets is "out in the open" when the connection switches to unencrypted when leaving that login page.That cookie can be used to impersonate you and gives the user access to your account.

That's like a bank having a vault with a foot thick steel door, but the walls of the vault are made of wallboard instead of foot thick concrete. The door is secure, but anyone can punch thru the wallboard to access the contents of the vault.

https://www.eff.org/pages/how-deploy-https-correctly

This particular Security Warning dialog can't be disabled - see the image I uploaded. But you can "Continue" by clicking the Enter key on the keyboard, instead of clicking on the "Continue" button in that dialog box, so you don't have to use the mouse and take a hand off the keyboard. If you wonder why Mozilla shows that message and doesn't provide a method to disable it, do a search for "Firesheep" and "Blacksheep". Users on wireless connections are especially vulnerable to having their communications intercepted when the data stream is not encrypted. There is an illusion of security by a website having an encrypted connection for logging into a website, but the cookie (that retains that login information) the website sets is "out in the open" when the connection switches to unencrypted when leaving that login page.That cookie can be used to impersonate you and gives the user access to your account. That's like a bank having a vault with a foot thick steel door, but the walls of the vault are made of wallboard instead of foot thick concrete. The door is secure, but anyone can punch thru the wallboard to access the contents of the vault. https://www.eff.org/pages/how-deploy-https-correctly

Question owner

Thanks for enlightening me. Have googled Firesheep, still in the process of researching - reading all the 'for' and 'against' blogs - but not sure I will install it. Nevertheless, very interesting and something to think about. Once again, thanks for your help.

Thanks for enlightening me. Have googled Firesheep, still in the process of researching - reading all the 'for' and 'against' blogs - but not sure I will install it. Nevertheless, very interesting and something to think about. Once again, thanks for your help.
Allen Clark 0 solutions 3 answers

Helpful Reply

If Firefox provides a function to disable security warnings, that function should work, and it has in the past. "This particular Security Warning dialog can't be disabled..." is an unacceptable response.

This security warning can be and has been disabled in the past; the question is why is it now reappearing? In my case, it seems to be because I added the EFF plug-in for HTTPS Everywhere. Even though I uninstalled it, I still get the security warning every time I go to the Washington Post website, which I do every day. There's clearly an association here, and the resulting dysfunction needs to be addressed by Mozilla.

If Firefox provides a function to disable security warnings, that function should work, and it has in the past. "This particular Security Warning dialog can't be disabled..." is an unacceptable response. This security warning can be and has been disabled in the past; the question is why is it now reappearing? In my case, it seems to be because I added the EFF plug-in for HTTPS Everywhere. Even though I uninstalled it, I still get the security warning every time I go to the Washington Post website, which I do every day. There's clearly an association here, and the resulting dysfunction needs to be addressed by Mozilla.

Question owner

Thanks for your reply. I still get this security warning practically every time I click onto my MSN homepage. I just put up with it now but if you ever discover the secret of how to disable it, please let me know, it would be much appreciated.

Thanks for your reply. I still get this security warning practically every time I click onto my MSN homepage. I just put up with it now but if you ever discover the secret of how to disable it, please let me know, it would be much appreciated.
cor-el
  • Top 10 Contributor
  • Moderator
17849 solutions 161543 answers

You can avoid it by not logging in via the MSN home page but by going directly to the https://login.live.com page to login. That way you avoid the switch from a secure to an insecure connection by clicking a link on the MSN page. It is caused by getting redirected back to a http page after you have logged on or visited a web page via a secure https connection and POST data or cookies are send to that page.

You can avoid it by not logging in via the MSN home page but by going directly to the https://login.live.com page to login. That way you avoid the switch from a secure to an insecure connection by clicking a link on the MSN page. It is caused by getting redirected back to a http page after you have logged on or visited a web page via a secure https connection and POST data or cookies are send to that page.
OrsonJoseph 0 solutions 1 answers

Helpful Reply

Well, I'm still confused. Do you go under Tools - Advanced - Encryption & change to the option that says don't notify me every time (or something to that effect) vs. the one that say to notify me every time? Is it okay to go from encrypted FireFox to unencrypted sites? I'm getting this message whenever I log into Yahoo, FaceBook, Google, anything that seems legit & not some email spam scam attachment or obviously questionable sites. Are most internet providers & websites unencrypted?

Well, I'm still confused. Do you go under Tools - Advanced - Encryption & change to the option that says don't notify me every time (or something to that effect) vs. the one that say to notify me every time? Is it okay to go from encrypted FireFox to unencrypted sites? I'm getting this message whenever I log into Yahoo, FaceBook, Google, anything that seems legit & not some email spam scam attachment or obviously questionable sites. Are most internet providers & websites unencrypted?

Question owner

I still get this encryption messages appears when I log onto my MSN homepage after first switching on my laptop, even if I log in via the https://login etc. link as was suggested by cor-el. After that it behaves when I log in and out until the next time I shut down and then switch on again. It only happens with my MSN homepage, no other sites. I wonder if it has anything to do with the country you are in. I'm in the UK. Maybe it behaves differently in the US; I notice adcva has trouble with the Washington Post. I've tested this and no trouble my end! Also no trouble with Yahoo, Facebook and Google - are you in the US OrsonJoseph?

I still get this encryption messages appears when I log onto my MSN homepage after first switching on my laptop, even if I log in via the https://login etc. link as was suggested by cor-el. After that it behaves when I log in and out until the next time I shut down and then switch on again. It only happens with my MSN homepage, no other sites. I wonder if it has anything to do with the country you are in. I'm in the UK. Maybe it behaves differently in the US; I notice adcva has trouble with the Washington Post. I've tested this and no trouble my end! Also no trouble with Yahoo, Facebook and Google - are you in the US OrsonJoseph?
KarensCousin 0 solutions 4 answers

When the Alert "you are about to view an encrypted page, etc." appears, at the bottom of that same warning is a box you can uncheck to stop getting this warning. I just unchecked it and hope it will work.

When the Alert "you are about to view an encrypted page, etc." appears, at the bottom of that same warning is a box you can uncheck to stop getting this warning. I just unchecked it and hope it will work.

Question owner

Sorry, but no such 'uncheck box' appears at the bottom of my encryption Alert warning...but thanks for trying!

Sorry, but no such 'uncheck box' appears at the bottom of my encryption Alert warning...but thanks for trying!
daneyuleb 0 solutions 2 answers

Still doesn't explain why an exception list can't be made.

It silly that major, major sites like my.msn.com, which many use as a home page, generate a warning on first use..every...freaking....time.

Despite numerous complaints of 3.x, behold...the same exact crap with 4.

Chrome. Chrome. Chrome. Chrome.

Still doesn't explain why an exception list can't be made. It silly that major, major sites like my.msn.com, which many use as a home page, generate a warning on first use..every...freaking....time. Despite numerous complaints of 3.x, behold...the same exact crap with 4. Chrome. Chrome. Chrome. Chrome.