[Cialug] FF4 Cooke Management?
Josh More
MoreJ at alliancetechnologies.net
Fri Apr 8 09:56:36 CDT 2011
I just run my browser in private mode and delete all cookies when I exit. That protects against attacks of persistence.*
I then use NoScript to protect against Javascript-based attacks (XSS) and Request Policy to protect against cross site forgery (CSRF).
Lastly, I use AdBlock to prevent against malicious ad injection.
I consider that good enough for everyday non-paranoid use. (I have a much more restrictive setup for when I'm going to known-dangerous sites.)
*Mostly... you need another add on to delete flash cookies.
Josh More | Senior Security Consultant - CISSP, GIAC-GSLC Gold, GIAC-GCIH
Alliance Technologies | www.AllianceTechnologies.net
400 Locust St., Suite 840 | Des Moines, IA 50309
515.245.7701 | 888.387.5670 x7701
Blog: Don't just blame the bad guys, it's your fault too
http://www.alliancetechnologies.net/blogs/morej
How are we doing? Let us know here:
http://www.alliancetechnologies.net/forms/alliance-technologies-feedback-survey
________________________________________
From: cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of L. V. Lammert [lvl at omnitec.net]
Sent: Friday, April 08, 2011 09:55
To: Central Iowa Linux Users Group
Subject: [Cialug] FF4 Cooke Management?
Just started playing with FF4, and it is missing a CRITICAL feature that
has been a mainstay to me for many years - "ask on every cookie".
None of the "cookie managers" AddIns provide the functionality like FF3 -
allowing cookies for session, permanently, or none (just like NoScipt). (I
have already removed FF3 and don't recall what AddOn I had installed.)
What are other folks using for cookie management? Are we supposed to give
up on good cookie management?
Lee
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list