dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
6
OZO
Premium Member
join:2003-01-17

OZO to BandHeight

Premium Member

to BandHeight

Re: Firefox 3 honors Windows Security Zones...

said by BandHeight:

What you say:
...
What an IT admin might say:
...
It's all about perspective, I suppose.
I agree. Then it comes to browsers's developers attitude (or their perspective). They may say - IT admin is right, and therefore has all the rights, including an IT admin wishes - "I want to know all your browsing history - past, present and future (saved links and autocompltetes)", "I need to know all your passwords that in case you forgot it I'll help you...", etc.

It's done in IE (and that's the reason why I'm looking for a substitute). If it's FF future policy as well, then well... It's good for a corporate environment, but certainly not for a private user.
- FF is really only honoring policy in regard to downloads / attachments. This may not make FF 3.0 safer, but it certainly doesn't make it any less secure, especially since it heretofore ignored the policy anyway (meaning it operated in the equivalent of the zone policy's least restrictive zone).
Do you really mean Trusted zone (or zone #2)? Do they save ADS with ZoneID=2 line?
Beyond that, FF gets some modifications to it in order for it to be portable (e.g., it gets its disk cache disabled, among other things), so the same thing would apply in regard to zone policy.
Now, that's finally the right direction to move . I mean to make FF portable. But then forget about zone configuration which is saved in registry.
BandHeight
join:2004-08-30

BandHeight

Member

said by OZO:

Then it comes to browsers's developers attitude (or their perspective).
That is most important of all. So far, I'm still okay with FF, even with the new features (or regressions, again, depending on perspective). I've worked around things I don't like and embraced the things I do like.

I have no control over developers' direction and intentions for future versions of FF. There are some things I see currently as potentially troubling indications of the direction things are heading, but I'll react when appropriate (perhaps, as you say, by switching browsers).
said by OZO:

said by BandHeight:
- FF is really only honoring policy in regard to downloads / attachments. This may not make FF 3.0 safer, but it certainly doesn't make it any less secure, especially since it heretofore ignored the policy anyway (meaning it operated in the equivalent of the zone policy's least restrictive zone).
Do you really mean Trusted zone (or zone #2)? Do they save ADS with ZoneID=2 line?
Well, by least restrictive in this context, I could have meant any of the zones that have no impact on, or relevance to, file downloads or attachments. So, looking at the table of zones:

Value    Setting
   ------------------------------
   0        My Computer
   1        Local Intranet Zone
   2        Trusted sites Zone
   3        Internet Zone
   4        Restricted Sites Zone
 

I could have been referring to anything below Zone 3.

And as far as I can tell, Zone 3 is the only identifier tagged onto files per policy as it is the only one that may require further action (e.g., prompting upon execution) once it is downloaded (see tangential note below).
said by OZO:

said by BandHeight:
Beyond that, FF gets some modifications to it in order for it to be portable (e.g., it gets its disk cache disabled, among other things), so the same thing would apply in regard to zone policy.
Now, that's finally the right direction to move :). I mean to make FF portable. But then forget about zone configuration which is saved in registry.
»portableapps.com/
»www.u3.com/

Note:

Minor points of interest:

- you can turn your list of Trusted Sites into Restricted Sites by setting "Launching applications and unsafe files" to "Disable" under the Trusted Sites tab

- you can turn your list of Restricted Sites into Trusted Sites by setting "Launching applications and unsafe files" to "Enable" under the Restricted Sites tab (this will get you a warning that "Your Security Settings Put Your Computer At Risk").