CFA/Security-Notes
< CFA
Jump to navigation
Jump to search
« Comparative Feature Analyses
« Security Research
Purpose
Examine a bunch of browsers, existing Firefox Add-ons, and web services to generate a report that describes:
- Which capabilities each has
- A summary of where each is different/unique
- Some conclusions about which aspects seem most innovative and interesting that we might want to consider for Firefox
Research
General capabilities
The following will be done in a table with notes and observations following as footnotes.
- - include malware detection and anti-phishing as security categories
- - identify capabilities before diving in
- - exclude "private browsing"/privacy
- -openID
- - users click through warnings dialogs, ignore security indicators, and focus on completing tasks. security indicators are out of the way and hard to interpret, terminology is confusing
- - security UI must balance obviousness with unintrusiveness, convey clarity in reasonable size, and reflect complexity with simplicity - talk to Jonathan Nightingale
- bookmarklets
- blacklisting
- whitelisting
- AJAX
- surf by ip protection
- download actions - don't downloda
- security preferences
- phishing protection
- make easier to report phishing sites
- implementing phishing filter that learns automatically - integration w/ phishTank
- script execution
- pop ups
- secure defaults/ no security pop-ups
- restricted javascript
- cookies
Malware detection
Anti-phishing
Other
Browsers to investigate
- Firefox 2
- Camino
- Flock
- iCab
- IE 7
- Maxthon
- Netscape
- OmniWeb
- Opera
- Safari
- SeaMonkey
- Shiira
Add-ons to investigate
Firefox
- Adblock
- NoScript