canmove, Confirmed users
1,220
edits
SecurityEngineering/Newsletter: Difference between revisions
Jump to navigation
Jump to search
add link to sha1 blog post
Ptheriault (talk | contribs) (q1 update (for real this time)) |
Ptheriault (talk | contribs) (add link to sha1 blog post) |
||
| Line 4: | Line 4: | ||
* Firefox now [https://blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/ warns users] when their passwords are being sent over HTTP | * Firefox now [https://blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/ warns users] when their passwords are being sent over HTTP | ||
* Firefox explicitly distrusts the use of SHA-1 signatures in TLS certificates | * Firefox [https://blog.mozilla.org/security/2017/02/23/the-end-of-sha-1-on-the-public-web/ explicitly distrusts the use of SHA-1] signatures in TLS certificates | ||
* Firefox Containers, an experimental privacy tool, is available to all users [https://testpilot.firefox.com/experiments/containers/ via test-pilot] | * Firefox Containers, an experimental privacy tool, is available to all users [https://testpilot.firefox.com/experiments/containers/ via test-pilot] | ||
* We reached another milestone in the [https://wiki.mozilla.org/Security/Sandbox Security Sandbox] project, enabling content process sandboxing on release OS X in Firefox 52. (Windows was previously enabled in Firefox 50 and Linux is enabled in Firefox 54, which is targeted for a June release) | * We reached another milestone in the [https://wiki.mozilla.org/Security/Sandbox Security Sandbox] project, enabling content process sandboxing on release OS X in Firefox 52. (Windows was previously enabled in Firefox 50 and Linux is enabled in Firefox 54, which is targeted for a June release) | ||