Welcome to Firefox for Android Add-ons.
Add extra features and styles to make Firefox for Android your own.
CloseReviews for CipherFox
33 reviews for this add-on
Rated 5 out of 5 stars
Hi,
Do you plan to make CipherFox support WebExtensions for Firefox 57+ ?
Rated 5 out of 5 stars
以前から Pale Moon、 Firefox、 SeaMonkey のそれぞれで使用しています。
しかし、リリースされて 10年ほどになるにも関わらず、意外なほどに利用者数が少なく、実利用者の評価も(★4以下が、30%+ を占め)厳しい。その実情(不当なほどの低評価ぶり)に、合点が行かない。
ブラウジング(盗聴防止、クレジットカード番号やパスワードなど第三者に傍受されてはいけないデータをやりとりする場合)での安全確保に必要な SSL / TLS を視認化する付加機能(Add-on)です。
シンプルでありながら詳細確認もでき、リソース量(CPU、RAM負荷)もゼロ同然で、非常に有益です!
最新の Firefox や Pale Moon には、同様な付加機能が実装されましたが、この Add-on では、厳密な確認が可能です。
同様な機能が未実装な SeaMonkey には、 CipherFox は必須アイテムと考えますが。
※ SSL / TLS は、サイト運営者が設定するもので、ユーザー側は、単なる受動的立場でしかありません。この Add-on の目的は、その SSL / TLS の有効性(真偽)を確認するためのものです。
SSL / TLS (https://~)は、 Netscape 社(現、Mozilla)が開発した Web ブラウザとサーバー間で安全に通信するために、データを暗号化して送受信できるプロトコル(定義)のセキュリティー機能で、「公開鍵暗号 / 共通鍵暗号」と「デジタル署名」と「デジタル証明書」技術の全てを組み合わせて、 Secure (安全)度を高めています。
SSL 対応している Web サイトであれば、ブラウザ上から SSL (サーバー)証明書を確認することができます。
SSL 証明書によって、 「SSL」を用いての通信情報暗号化/「SSL」を利用している Web サイトの運営会社(所有者)の確認/その Web サイトの運営会社(所有者)が、第三者機関(認証局)によって信頼性を証明されているかが判断できます。
CipherFox は、現在の SSL / TLS 暗号、プロトコル、証明書チェーンをアドオンバーとサイト識別ダイアログに表示します。
現在のドメインの Qualys SSL Labs サーバーテストには、メニューからアクセスすることもできます。
CipherFox をクリックすると、証明書チェーンのポップアップメニューが表示されます。 証明書をクリックすると詳細なプロパティが表示されます。 出力をカスタマイズするために、環境設定ウィンドウで変数を使用できます。
CipherFox は Firefox、 Pale Moon、 SeaMonkey で使用可能です。
Rated 4 out of 5 stars
This Extension provides comprehensive information on the host Server cipher and certificates for any Web page through TLS 1.2; I haven't seen a miss to date as of January 2017. However, the Internet Engineering Task Force is altering the protocol for TLS 1.3b15 in such a way that the "Insecure Connection" alarm this Extension sounds false positives for TLS 1.3 only; e.g., a TLS_ECDHE_ECC_WITH_AES_128_GCM_SHA256 ciphersuite reports as TLS_AES_128_GCM_SHA256 with the key exchange and certificate algorithms not reporting. (TLS 1.3 Elliptic Curve Certificates show correctly, as ECC_256_SHA256, ECC_256_SHA384, and/or ECC_384_SHA384.)
This review is for a previous version of the add-on (4.1.1).Can you provide a domain that exhibits this issue? If possible, create an issue on GitHub:
https://github.com/gavinhungry/cipherfox/issues
Rated 5 out of 5 stars
good addon,works fine
This review is for a previous version of the add-on (4.0.0).Rated 4 out of 5 stars
yes you are right, at first I could not find it. But what I miss very much: to prevent connection to sites who still use RC4. earlier there was a setting in Cipherfox for this
This review is for a previous version of the add-on (4.0.0).Firefox 48 on Linux with a clean profile, CipherFox 4.0.0: http://i.imgur.com/sg5gdDC.png
What menu are you looking in? You want to look in the expanded Site ID dialog (click the lock icon next to your URL bar).
Also, check your CipherFox settings and ensure that "Show CipherFox in Add-ons Bar" and/or "Show CipherFox in Site Identification Dialog" is enabled.
Rated 5 out of 5 stars
I love this extension for the ability to show all the neat little extra information I want to know about my SSL connection with sites where I'm using 'https'.
My only quip is that the layout should be multi-lined because I have it dump out so much information that it gets truncated in newer versions of Firefox because the layout has changed for the SSL window (when you click the padlock) in Firefox 41+.
Still an amazing extension. Power users should definitely use this!
Rated 5 out of 5 stars
Great addon!
Can you please extend the addon that it also works with Thunderbird?
(If possible with compatibilty to TB 17+ cuz I have to use still TB17 at one place.)
Many thanks.
Rated 4 out of 5 stars
It's a great idea, but doesn't actually seem to do anything - I assume because it's still written to display in the very, very ancient "status bar" widget that Mozilla eliminated a long time ago.
Incompatible with any halfway-recent build of Firefox.
EDIT: CipherFox does indeed appear in the Site ID dialog. However, it is still not visible anywhere else in the Firefox UI.
Hi,
CipherFox is compatible with at least Firefox 37.
In CipherFox preferences, make sure that it is enabled in the Site ID dialog. See the screenshots above if you're having trouble finding it.
Rated 5 out of 5 stars
Usefull good addon to provide more information about TLS (or SSL) secure connections.
This review is for a previous version of the add-on (3.10.1.1-signed).Rated 1 out of 5 stars
Just installed/restarted in FF34; no icon(s), and at addons manager the "options" box is a thin white rectangle with nothing on it. Uninstalled.
This review is for a previous version of the add-on (3.10.0.1-signed).Can you tell me more about your setup? I'm running Firefox 34.0.5 on Linux, and CipherFox 3.10.1 works fine.
EDIT: Sorry, I just noticed that 3.10.0 is still the public version (3.10.1 is in review), but there weren't any changes that should make CipherFox stop working ...
Also, for bug reports, it is more helpful to post on the CipherFox issues page on GitHub: https://github.com/gavinhungry/cipherfox/issues
Rated 5 out of 5 stars
Great! Exactly the addon I was looking for as long as bug 711816 remains unfixed. Thanks!
This review is for a previous version of the add-on (3.7.3.1-signed).Rated 5 out of 5 stars
Does exactly what I need and more. Very informative. I love the ability to directly input formatting strings. The ability to disable the insecure RC4 cipher is a welcomed touch, and the easy-access Qualys SSL test is especially handy.
This review is for a previous version of the add-on (3.7.3.1-signed).Rated 4 out of 5 stars
ESR 24... 3.7.2 - Parse Error (
This review is for a previous version of the add-on (3.7.2.1-signed).Thanks Saenko, I'll look into this. Keep an eye on this issue here: https://github.com/gavinhungry/cipherfox/issues/11
Rated 5 out of 5 stars
At the Moment the AddOn worked well and Display the information as far the FF allow this but the Add-On-Bar will be removed with V 29 (Australis). Hope this part of CipherFox will be replaced soon.
This review is for a previous version of the add-on (3.7.1.1-signed).Rated 5 out of 5 stars
Great extension. thank you for this developer
This review is for a previous version of the add-on (3.7.1.1-signed).Rated 4 out of 5 stars
In the previous version, $protocol worked well, at least for me.
This review is for a previous version of the add-on (3.7.1.1-signed).Rated 4 out of 5 stars
Why don't you show full version of the protocol? Only SSL or TLS.Can you show:SSL 3.0TLS 1.0TLS 1.1TLS 1.2
Update.
>Because that information is not yet exposed by Firefox.
Thanks for answer. I thought so.
Because that information is not yet exposed by Firefox.
Also, the PROTOCOL option is currently erroneous, and has been removed in 3.7.1. Expect it to return (with version) once the correct data is available.
Rated 5 out of 5 stars
Just updated to FF 25, Cipherfox is now gone.Btw, full ciphersuite info is still available in 25 final, so please add those details into Cipherfox.
EDIT: Thanks and I'll use GitHub in the future.
Apologies, I dragged my feet on getting that support out. I've just submitted an update, which will also expose the cipher suite.
In the future, please submit bug reports to the GitHub issues page instead:
https://github.com/gavinhungry/cipherfox/issues
Rated 4 out of 5 stars
Latest Firefox 25 nightly builds show the full TLS ciphersuite name (like TLS_ECDHE_RSA_WITH_RC4_128_SHA) in the Page Info window; however, this might be an unintended change — it is not mentioned in the commit changelog, so it might still be reverted if someone decides that it breaks too much other code:
https://bugzilla.mozilla.org/show_bug.cgi?id=820887#c12
However, the CipherFox addon does not work in those nightly builds at all — the configuration dialog can be displayed, but the actual button with popup does not appear in the site information or addon bar.
Rated 4 out of 5 stars
I second bjacke: taking into account and displaying the key exchange protocol and whether Perfect Forward Secrecy (PFS) was used would be great.
Actually, I might be wrong but I think there is currently no way in Firefox to show which key exchange protocol was used. This information is available on vanilla chromium, for instance.
To create your own collections, you must have a Mozilla Add-ons account.