Forum Thread: Secunia FF Browser Add-ons Listings.

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
Para 51 Secunia FF Browser Add-ons Listings.
Member 23rd Sep, 2009 02:35
Ranking: 0
Posts: 4
User Since: 4th Sep, 2008
System Score: N/A
Location: CA
Last edited on 23rd Sep, 2009 03:02

Why does PSI have to list every damn add-on I have with FF? It makes the list go & on & on.

I have been selecting these add-ons for the Ignore list but it's the last thing on my mind to go & search through the Ignore listing to delete any add-ons I have change in my FF browser.

I know, I know, this is all a security thing but good lord, it's a bit redundant, isn't it? Is there any chance of Secunia doing something about this, like make some kind of an exception rule or making PSI Not seek & list any add-ons.

I guess I'm just getting too lazy to be bothered checking each add-on listed to see what info Secunia PSI is providing.

nag, nag, nag...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On another note:
Why does PSI Secure Browsing, list IE7 & FF 3.5+ as Insecure, No solution and the pop up says:
This program was detected as patched. Hence, you have done all that you can to secure this program in accordance with the vendors guidelines.

Unfortunately, there are still known security problems with this program that the vendor has to fix (issue a security patch for).

Until a solution is available from the vendor, your best options are to: Uninstall, disable, or apply a workaround for this security threat.

Please note. It most likely won't be enough to simply avoid using this program, as it integrates directly with your browser and thus may be started (and exploited) automatically by simply visiting a website.

Use the Secunia Advisory criticality rating to assess the threat this program poses to you. The technical details can be found in the referenced Secunia Advisory. [These details don't tell you nothing about what exactly is Insecure!]

And under the SAID column, for IE7 - SA22628 & for FF - SA36649. The links take you to Secunia's pages that list some info about these 2 browsers as being insecure but "patched" and yet, there is no other information that clearly explains 'WHY' Secunia is targeting these 2 browsers, having problems.

This has been showing up in my PSI for about 4 months. So what gives???

Para

Slamgeden RE: Secunia FF Browser Add-ons Listings.
Member 23rd Sep, 2009 08:51
Score: 0
Posts: 181
User Since: 17th Jul 2009
System Score: N/A
Location: N/A
on 23rd Sep, 2009 02:35, Para 51 wrote:
Why does PSI have to list every damn add-on I have with FF? It makes the list go & on & on.

This has been showing up in my PSI for about 4 months. So what gives???


This is one of the best features of the PSI! Without this, you could be exposed to unpatched risks without knowing. These applications run WITH the browser, practically giving every website you visit the chance to attack them. Vulnerabilities here can be a big deal, so it's very important to have a risk-free browser.
My advice? Get rid of ALL insecure extensions. Do without them. You're exposing yourself to risk.

--
Assorted Fnords.
Was this reply relevant?
+0
-0
Para 51 RE: Secunia FF Browser Add-ons Listings.
Member 23rd Sep, 2009 22:25
Score: 0
Posts: 4
User Since: 4th Sep 2008
System Score: N/A
Location: CA
Last edited on 23rd Sep, 2009 22:29
All of the add-ons I use in my FF browser, have been verified by Mozilla 1st. I do not use any experimental or any that have a unknown users listed.

Then there must be something wrong with PSI as it does Not list all the add ons that I have installed with MS IE7. And they are only ones that are only approved by MS (which, in my opinion, doesn't say much!).

And I say again, PSI detection of ALL FF add-ons & lists them, is still redundant.] That's my story & I'm sticking to it!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

On my other Note -- Anyone care to help & explain that situation to me?

Para
Was this reply relevant?
+0
-0
Slamgeden RE: Secunia FF Browser Add-ons Listings.
Member 24th Sep, 2009 08:26
Score: 0
Posts: 181
User Since: 17th Jul 2009
System Score: N/A
Location: N/A
on 23rd Sep, 2009 22:25, Para 51 wrote:
All of the add-ons I use in my FF browser, have been verified by Mozilla 1st. I do not use any experimental or any that have a unknown users listed.

Then there must be something wrong with PSI as it does Not list all the add ons that I have installed with MS IE7. And they are only ones that are only approved by MS (which, in my opinion, doesn't say much!).

And I say again, PSI detection of ALL FF add-ons & lists them, is still redundant.] That's my story & I'm sticking to it!


"Verified my Mozilla"? This is no guarantee against security flaws. Even Firefox often has security flaws. If these things have security holes, they can pose tremendeous risk. What, you thing Mozilla reviews every plugin?

No IE addons? Why don't you just suggest them? Remember to flag them as "IE-plugin" though..


--
Assorted Fnords.
Was this reply relevant?
+0
-0

This thread has been marked as locked.