歡迎來到 Firefox for Android 附加元件。

新增額外的功能與樣式自訂您的 Firefox for Android。

關閉

帶著走?

造訪我們的行動版附加元件網站

關閉

-VladV-

關於我

開發者資訊
名稱 -VladV-
加入日期 Jan. 25, 2009
參與開發的附加元件數量 0 個附加元件
此開發者的附加元件平均分數 未經評分

我所發表的評論

Perspectives

評分: 5 / 5 顆星

作者:-VladV- 於 Oct. 28, 2010 發佈 ·

I've checked current version (4.0), and it seems that the issues are mentioned earlier have been resolved. I don't see any unnecessary DNS lookups, and all the traffic goes via proxy if it is configured in Firefox.

Requests to Notaries stay non-encrypted, but this probably does not a pose any serious risk.

此意見為舊版本 (4.0) 的附加元件。  此使用者對此附加元件 曾發表過 2 筆評論

Perspectives

評分: 5 / 5 顆星

作者:-VladV- 於 Oct. 28, 2010 發佈 ·

I've checked current version (4.0), and it seems that the issues are mentioned earlier have been resolved. I don't see any unnecessary DNS lookups, and all the traffic goes via proxy if it is configured in Firefox.

Requests to Notaries stay non-encrypted, but this probably does not a pose any serious risk.

此意見為舊版本 (4.0) 的附加元件。  對於這個附加元件,此使用者的其他意見

Perspectives

評分: 4 / 5 顆星

作者:-VladV- 於 March 27, 2010 發佈 ·

A great add-on to mitigate possible MITM attacks.
However, in its current implementation (version 3.0.3) it compromises user's privacy by potentially letting an adversary know what sites the user visits.

1) DNS request leaks.
The addon performs a DNS lookup when user loads an HTTPS site or (!) switches to a tab where such site is open. Which is worse, it doesn't honor FF proxy settings and performs DNS lookup directly even if a proxy supporting DNS lookups is being used (for instance, user is browsing via Tor).

2) Requests to the Network Notaries.
The addon makes requests to the Notaries to check the certificates. These requests are sent in plain text (as HTTP GET), so any adversary who can see this traffic could know what site was visited by this particular user.

此意見為舊版本 (3.0.3) 的附加元件。