Appreciating Firefox Security Settings And Their Impact On Browsing

Appreciating Firefox Security Settings And Their Impact On Browsing
Page content

Why Use Firefox for Testing?

Microsoft Internet Explorer has come under considerable criticism over the years due to its relative lack of security features – while recent versions might have addressed these concerns, many users still prefer to use Firefox.

Mozilla’s Firefox browser is regularly perceived as having superior features to its competitors, making it the ideal browser for testing secure websites.

However this isn’t the full story. Although adept at handling webpages in a totally secure manner for effective testing of https:// addresses, Firefox is a little bit wonky with other elements of browsing security – it is a great browser, but it isn’t perfect.

Firefox Security and Secure Websites

The latest version of Mozilla’s browser is Firefox 3.0, and this offers various improvements over both previous versions and other browsers. For instance, Firefox doesn’t support ActiveX, thereby offering users a layer of protection that isn’t found in Internet Explorer, which is routinely exploited by rogue ActiveX scripts.

Firefox also offers superior handling of digital certificates, repeatedly asking the end user to confirm if they wish to proceed on websites with bad or untrusted certificates.

Most importantly, Firefox 3.0 offers the most secure SSL/TLS (Secure Sockets Layer/Transport Layer Security) of any of the major browsers, using the strongest encryption key (256 bit versus Internet Explorer’s 128 bit). This provides the most secure experience when carrying out online transactions by credit card or an online money service.

These features are all built in to Firefox, and are among the best feature set of any of the available browsers.

Other Firefox Security Features

While the above details make Firefox the preferred browser for website security testing, there are several aspects of the browser that are less than ideal.

For instance, Firefox fails to allow the user to configure “Internet zones” in the same way that Internet Explorer does, effectively leaving the browser behind in any attempt to compete with IE in an enterprise setting. Being able to handle multiple domains with configurable settings is an increasingly common requirement.

Private browsing mode is available through Firefox, a feature that will dispose of data after the browsing session is closed, while pop-up prevention and anti-phishing filters enhance the end user experience.

Where Firefox Fails

Alter Firefox security settings in the browser window.

Despite the superior nature of Firefox security, it is important not to get carried away. Although a range of enhanced security settings are available beyond the Tools > Options menu (open a new tab and enter about:config – strictly for experienced users!) this isn’t a browser with which you can trawl the world wide web and not get bitten.

There are websites out there that can damage your browser just as they can damage Internet Explorer. One of the most common tricks to launch a stream of pop-ups – with Firefox regarded as the best blocker of pop-up windows, this should be easy for the browser to handle, but unfortunately what tends to happen is the browser locks up under the strain.

Luckily, Firefox has a Safe Mode, accessible from Start > Programs > Firefox, or by holding shift when you launch the browser.

So, Firefox is a great browser for testing secure web apps for online shopping - but don’t get over-confident…