Firefox3.6/Plugin Update Awareness Security Review: Difference between revisions

Jump to navigation Jump to search

Firefox3.6/Plugin Update Awareness Security Review (view source)

Revision as of 21:16, 2 November 2009

96 bytes added ,  2 November 2009
→‎Review comments
Line 91: Line 91:


is the blocklist transferred to users in a way that's authenticated, or it is vulnerable to MITM?
is the blocklist transferred to users in a way that's authenticated, or it is vulnerable to MITM?
* The default plugins.update.url is on https://www.mozilla.com/, but who knows what Ubuntu's is


since the warning is an infobar, can users tell the difference between our feature (sending them to adobe.com) and a malicious advertisement (sending them elsewhere)?
since the warning is an infobar, can users tell the difference between our feature (sending them to adobe.com) and a malicious advertisement (sending them elsewhere)?
Jesse
Confirmed users
729

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/180111"

Navigation menu