At the SecurityByte & OWASP AppSec Conference in India, Roberto Suggi Liverani and Nick Freeman offered insight into the substantial danger posed by Firefox extensions. Mozilla doesn’t have a security model for extensions and Firefox fully
trusts the code of the extensions. There are no security boundaries
between extensions and, to make things even worse, an extension can
silently modify another extension. Read the full article. [Help Net Security]
The Dangers of Firefox Extensions
Author:
Donald Sears
minute read
Share this article:
At the SecurityByte & OWASP AppSec Conference in India, Roberto Suggi Liverani and Nick Freeman offered insight into the substantial danger posed by Firefox extensions. Mozilla doesn’t have a security model for extensions and Firefox fully
trusts the code of the extensions. There are no security boundaries
between extensions and, to make things even worse, an extension can
silently modify another extension. Read the full article. [Help Net Security]