Showing questions tagged: Show all questions

fake site not detected

Hello, I have the current Firefox version (93.0) running on XUbuntu 20.04.03 LTS. Accidentally pasted the URL of a known phishing site (obtained from Phishtank) into the … (read more)

Hello,

I have the current Firefox version (93.0) running on XUbuntu 20.04.03 LTS. Accidentally pasted the URL of a known phishing site (obtained from Phishtank) into the address bar instead of a VirusTotal search box, and it browsed to the site. Verified in https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Fdocs.google.com%2Fforms%2Fd%2Fe%2F1FAIpQLSeAhelw8U_QuFyvJDmAn4aYM-H6QXYahD7ZjaFXC6CdyuxaNQ%2Fviewform%3Fusp%3Dsend_form&hl=en that the site is blacklisted.

I thought that Google Safebrowsing is enabled by default? (Checked about:config and saw that the "safebrowsing" settings that are bold are the ones with timestamps e.g. lastupdatetime and nextupdatetime.)

Asked by 4232jl 3 days ago

Last reply by jonzn4SUSE 10 hours ago

Firefox Updates

My personal computer in 'About Firefox" now shows the message 'Updates disabled by your systems administrator'. It's my machine; I'm the administrator but it won't allow … (read more)

My personal computer in 'About Firefox" now shows the message 'Updates disabled by your systems administrator'. It's my machine; I'm the administrator but it won't allow me to update Firefox. Current Version 92.01 running on Windows 7 (64-bit)

Asked by t.zuchowski 4 days ago

Last reply by cor-el 12 hours ago

On my bank account the information for password does not display

I signed up for online access to one of my bank accounts and thought Firefox would remember my log-in information, but it does not display. Instead all it shows is •••. H… (read more)

I signed up for online access to one of my bank accounts and thought Firefox would remember my log-in information, but it does not display. Instead all it shows is •••. How can I see my information?

Asked by chenderson2 1 day ago

Last reply by jscher2000 1 day ago

Firefox 93.0 update - Secure Connection Failed

After updating to Firefox 93.0 , I'm getting this error constantly when trying to access my Ubiquiti wireless equipment: Secure Connection Failed An error occurred duri… (read more)

After updating to Firefox 93.0 , I'm getting this error constantly when trying to access my Ubiquiti wireless equipment:


Secure Connection Failed

An error occurred during a connection to 10.1.0.1:8xxx. Certificate key usage inadequate for attempted operation.

Error code: SEC_ERROR_INADEQUATE_KEY_USAGE

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.'


Everything worked fine before update, and still works fine on Chrome etc.

I've tried turning off all security settings (I think), but nothing seems to help.

I understand some security changes were included in this update. How do I reverse them, or even better downgrade, without losing all my windows, tabs etc (I run 3 windows and 100's a tabs 24/7, not keen to lose progress, or have to start using a new browser).

Thank you in advance.

Asked by craigrjones78 2 days ago

Last reply by FredMcD 2 days ago

How to get the plaintext of a Secret Key Entry in Mozilla NSSDB PKCS11?

I have a mozilla NSSDB PKCS11, it includes one of three things. Certificates, keys, and SecretKeyEntry. I would like to know the content of a SecretKeyEntry with the alia… (read more)

I have a mozilla NSSDB PKCS11, it includes one of three things. Certificates, keys, and SecretKeyEntry. I would like to know the content of a SecretKeyEntry with the alias "StoreXKey". Firstly, is extracting the plaintext of a SecretKeyEntry possible? I seem to think so because of links: https://technosock.blogspot.com/2007/12/token-knowledge.html and https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.SecretKeyEntry.html#getSecretKey

First link gives a way to do it ( which doesn't work for me ) the second link gives us a few methods, namely .getEncoded() which can supposedly be called on a SecretKeyEntry to get the byte array information.

Here is my code thus far, all results hit a null pointer exception when using the getEncoded message. I am sure the SecretKeyEntry exists in the NSSDB.

String configFile = "config.cfg"; Provider provider = Security.getProvider("SunPKCS11"); // I am confused on how to incorporate the config file as well. /* provider = provider.configure(configFile); // Does not work */ Security.addProvider(provider);

String defaultPIN = "--.--.--.--.----.-...-.--"; try{

  KeyStore ks = KeyStore.getInstance("PKCS11");
  ks.load(null, defaultPIN.toCharArray());
  KeyStore.SecretKeyEntry skEntry = (KeyStore.SecretKeyEntry) ks.getEntry("StoreXKey",null); // Do I need a password protector here?
  System.out.println(new String(skEntry.getSecretKey().getEncoded())); <-- Error is thrown here. 

}catch (Exception e){

  e.printStackTrace();

} Any help / advice or links are appreciated.

Asked by az19agent 2 days ago

Last reply by jscher2000 2 days ago

Recaptcha and communication with Paypal has stopped working for my website, but only for Firefox

I run my church's website and I noticed recently that all the pages using Google recaptcha and thouse connecting to paypal have stopped working, but only when the user u… (read more)

I run my church's website and I noticed recently that all the pages using Google recaptcha and thouse connecting to paypal have stopped working, but only when the user uses firefox with the container option. Here's one page https://ststephensaz.org/parish-life/prayer-request/ on this page is a plugin that creates the form and it connects to the google recaptcha to keep bots out, but on the FF browser the google recaptcha never returns a green check or the visual verification popup. This used to work, but when firefox instituted the container security they stopped. This page works fine for all other browsers...

Asked by msowards 4 days ago

Last reply by FredMcD 4 days ago

Autofill personal details

Is it possible to autofill personal details on websites I have looked in the privacy and security settings and every thing seems to specifically refer to en us users. I a… (read more)

Is it possible to autofill personal details on websites I have looked in the privacy and security settings and every thing seems to specifically refer to en us users. I am an en gb user

Nightly

   Address Autofill: Available for all users in en-US builds (with US/CA/DE addresses [see extensions.formautofill.supportedCountries]).

Beta

   Address Autofill: Available for users using an en-US build and located in the US with US addresses.

Release

   Address Autofill: Rolled out to users using an en-US build and located in the US with US addresses.
   Credit Card Autofill: Not available.

Asked by Malcolm George 4 days ago

Last reply by jscher2000 4 days ago

HTTPS-Only Mode Exemptions

Hi all. Trying to be safer on the web I use the Https- Only Mode all windows, though some trusted web sites I will allow to be exempted. One is the Australian weather bu… (read more)

Hi all.

Trying to be safer on the web I use the Https- Only Mode all windows, though some trusted web sites I will allow to be exempted.

One is the Australian weather bureau website which recently stopped being a Https site. (www.bom.gov.au)

I have entered the following addresses into exemptions *Image 1 attached

http://bom.gov.au http://www.bom.gov.au https://bom.gov.au https://www.bom.gov.au

However on opening a new tab in a private window ... and type "bom.gov.au" *image 2 attached.

I'm taken to an error page (http://www.bom.gov.au/akamai/https-redirect.html) saying that the web site no longer is Https. (I tried entering that full address in exemptions but only shortens it back to bom.gov.au)

Interesting the tab still shows the little padlock that indicates the tab is still requesting Https Only Mode?

If I turn that to Off, I proceed to the site and then if I look into the Exemptions the following has been added to my list *image 3 attached.

http://www.bom.gov.au^privateBrowsingid=1 set to "Off Temporary"

(I tried deleting that full address line and re-entering it to set it to "Turn Off" but its fails)

Is there a permanent workaround ???

Asked by Greg 1 month ago

Last reply by jscher2000 5 days ago

A deceptive site no way Im in google my Business someone is reporting it fraugently

hello My site has no 3rd party ads and I'm not going to have ads only the Business and news nothing else someone is Jealous or Vindictive for reporting all my websites My… (read more)

hello My site has no 3rd party ads and I'm not going to have ads only the Business and news nothing else someone is Jealous or Vindictive for reporting all my websites

My website and I don't have 3 party ads working with google

Asked by ZarMan 6 days ago

Last reply by FredMcD 5 days ago

Searchbaron highjacking Firefox every Monday morning

Every Monday morning Firefox is highjacked by Searchbaron replacing my default Google search engine with a fake Google browser. I have tried several options suggested onl… (read more)

Every Monday morning Firefox is highjacked by Searchbaron replacing my default Google search engine with a fake Google browser. I have tried several options suggested online but no success. Any "latest tips " for this problem? Much appreciated.

Asked by jeremyborthwick 6 days ago

Last reply by FredMcD 6 days ago

History and Deletion

Hello, Is there a way on Firefox Browser to permanently delete a URL from my History and have it not record future searches for that URL? Example: I delete URL on Histor… (read more)

Hello, Is there a way on Firefox Browser to permanently delete a URL from my History and have it not record future searches for that URL?

Example: I delete URL on History. I search for that URL again. I look back in my History and find that URL not recorded in the History. In other words, no matter how many times I use that URL, it will not pop in my History ever, that being a selective, automatic URL deletion from the web History for all future searches of that URL.

Thanks, Austin Reynolds

Asked by austindavidr 6 days ago

Last reply by cor-el 6 days ago

primary password

I testd my My primary password security after powering up my PC and access can be had to my PC by cancelling the primary password box. In other words, it is ineffective a… (read more)

I testd my My primary password security after powering up my PC and access can be had to my PC by cancelling the primary password box. In other words, it is ineffective and can be overrided. How do I correct that? Thanks

Asked by martinferreira 6 days ago

Last reply by jscher2000 6 days ago

Enabling addons on per website basis

Hi, I found some discussion related (https://discourse.mozilla.org/t/disable-add-ons-on-specific-website/33693) but no solution yet. This is imho a big flaw in the privac… (read more)

Hi,

I found some discussion related (https://discourse.mozilla.org/t/disable-add-ons-on-specific-website/33693) but no solution yet.

This is imho a big flaw in the privacy of users.

There are trivial cases, for example if I use a YouTube downloader plugin, I obviously want it to monitor my browsing ONLY when I'm on youtube.com...

And there are some critical cases: when I browse my web banking, or when I go on some trading website, I don't want my financial operations to be at risk because of an add-on that is very useful everywhere but on those site.

However, I don't want to exclude all the add-ons for those website too, that would be just too much.

I think there's already a coding base in place, since you can disable each add-on when using private windows. This could be enhanced by having a system of whitelist/blacklist instead. And this feature would actually make more sense than using a private window.

Another way would be to have this feature on per container, instead of per website, than would work well too.

People have different activities, and some requires useful plugins, that are very specific. I mean Keepass's add-on (for example) is useful everywhere, but many add-ons are related to one activity at a time.

For example, if I'm a marketer and want to analyze website, I'll use add-ons for having stats on metadata or keywords or even real time reports from Alexa or from AliExpress, etc...

But when I'm reading my email, I'm not happy those add-ons can see my data.

That would be tedious to disable all those plugins every time I change activity, especially since we are productive humans so obviously we need to alternate those activities doing multitask all the time.

And the private window option is not flexible enough for that kind of multitasking, when containers are.

I hope this helps everyone understand clearly why I think my request is not only a real user need, but also currently a flaw in users privacy since most people will not trade the comfort of their add-ons for some privacy concern they don't always understand...

I know this is some kind of feature request more than ask for help, but https://qsurvey.mozilla.com/s3/FirefoxInput/ is out of service so I don't know where to address my concern here.

Thanks for helping me pushing this idea forward.

Asked by Stopi 1 week ago

Last reply by Seburo 1 week ago

I want my logged session password.

@mozilla Only Firefox browser is logged in my Facebook account. Login and password are not saved. If I loose session, account is gone. Please help view and save my pass… (read more)

@mozilla

 Only Firefox browser is logged in my Facebook account. Login and password  are not saved. If I loose session, account is gone. Please help view and save my password.

Asked by MSolar 1 week ago

Last reply by cor-el 1 week ago