欢迎访问 Firefox Android 版 附加组件。

添加额外的功能和样式打造您的专属 Firefox Android 版。

关闭

随身查看?

查看我们的移动版附加组件网站

关闭

-VladV-

关于我

开发者信息
名称 -VladV-
注册时间 Jan. 25, 2009
开发的附加组件数量 0 个附加组件
开发的附加组件平均得分 尚无评分

我所发表的评价

Perspectives

评分5星,满分5星

-VladV- 发表于 Oct. 28, 2010 ·

I've checked current version (4.0), and it seems that the issues are mentioned earlier have been resolved. I don't see any unnecessary DNS lookups, and all the traffic goes via proxy if it is configured in Firefox.

Requests to Notaries stay non-encrypted, but this probably does not a pose any serious risk.

这个评论是针对附加组件的一个早期版本的(4.0)。  对这个附加组件,此用户曾发表过2个评价

Perspectives

评分5星,满分5星

-VladV- 发表于 Oct. 28, 2010 ·

I've checked current version (4.0), and it seems that the issues are mentioned earlier have been resolved. I don't see any unnecessary DNS lookups, and all the traffic goes via proxy if it is configured in Firefox.

Requests to Notaries stay non-encrypted, but this probably does not a pose any serious risk.

这个评论是针对附加组件的一个早期版本的(4.0)。  对这个附加组件,此用户的其他评论

Perspectives

评分4星,满分5星

-VladV- 发表于 March 27, 2010 ·

A great add-on to mitigate possible MITM attacks.
However, in its current implementation (version 3.0.3) it compromises user's privacy by potentially letting an adversary know what sites the user visits.

1) DNS request leaks.
The addon performs a DNS lookup when user loads an HTTPS site or (!) switches to a tab where such site is open. Which is worse, it doesn't honor FF proxy settings and performs DNS lookup directly even if a proxy supporting DNS lookups is being used (for instance, user is browsing via Tor).

2) Requests to the Network Notaries.
The addon makes requests to the Notaries to check the certificates. These requests are sent in plain text (as HTTP GET), so any adversary who can see this traffic could know what site was visited by this particular user.

这个评论是针对附加组件的一个早期版本的(3.0.3)。