![]() ![]() Firefox ESR And The Tor BrowserĪlong with the regular release of Firefox 52, Mozilla also announced a new Firefox ESR, which has caught up with the features of the latest mainstream version of Firefox. Mozilla also removed support for the Battery Status API, which could have been used by some services to fingerprint users, thus significantly reducing privacy on the web. Support for the Netscape Plugin API ( NPAPI) has been removed for virtually all plugins with the exception of Flash. ![]() The browser also got an “enhanced sync” feature to enable users to send and open tabs from one device to another.ĭropping NPAPI, Battery Status API Support The multi-process architecture has also been enabled for Windows users that use touchscreen devices. However, for now, Mozilla will still allow users to bypass this warning. With Google researchers proving that a collision attack on SHA-1 is now practical, there are even more reasons to avoid connections based on SHA-1 algorithms. All the major browser vendors have had plans to deprecate SHA-1 for a couple of years now. However, for now, the two companies are only warning about pages that require passwords or credit card information.Īn “Untrusted Connection” error will also appear when Firefox 52 users visit a website whose certificate is chained to a root certificate that still uses the SHA-1 algorithm (such as those imported by the user). Google and Mozilla have promised for many months a new “This connection is not secure” warning that will appear in login boxes on pages that use HTTP, rather than HTTPS.īoth Google and Mozilla will progressively ramp up their warnings until all HTTP web pages are greeted by big red notifications that they are not secure. Firefox 52 also supports Strict Secure Cookies, a policy that forbids HTTP websites from setting cookies with the “secure” attribute. ![]()
0 Comments
Leave a Reply. |