Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

how do I check if I was affected by latest security bug

  • 4 antwurd
  • 2 hawwe dit probleem
  • 3 werjeftes
  • Lêste antwurd fan Happy112

androdebugur
androdebugur
more options

I have been using firefox 48.0.2 while the latest security threat came into news. Now I have updated already, but how can I make sure that nothing happened during the period while I was using older version of firefox? I do use noscript addons.

I have been using firefox 48.0.2 while the latest security threat came into news. Now I have updated already, but how can I make sure that nothing happened during the period while I was using older version of firefox? I do use noscript addons.

Keazen oplossing

hi androdebugur, in case you are referring to the recently disclosed certificate pinning bug, eg. https://hackernoon.com/postmortem-of-the-firefox-and-tor-certificate-pinning-vulnerability-rabbit-hole-bd507c1403b4 i think it is quite improbably that it had practical implications.

for an attack to work, the attacker would need to be in a position to intercept, control and alter your network traffic and obtain a genuine trusted certificate for a mozilla.org domain - if both of these conditions applied i think there are also lots of other things to worry about, not only the integrity of addon updates...

Dit antwurd yn kontekst lêze 👍 0

Alle antwurden (4)

Happy112
Happy112
more options

Hi &nsp; !

As long as you haven't downloaded or clicked on anything suspicious,   like fake updates,  you have nothing to worry about.
You're apparantly on the alert for these kind of things:   good for you   !

philipp
philipp
  • Moderator
more options

Keazen oplossing

hi androdebugur, in case you are referring to the recently disclosed certificate pinning bug, eg. https://hackernoon.com/postmortem-of-the-firefox-and-tor-certificate-pinning-vulnerability-rabbit-hole-bd507c1403b4 i think it is quite improbably that it had practical implications.

for an attack to work, the attacker would need to be in a position to intercept, control and alter your network traffic and obtain a genuine trusted certificate for a mozilla.org domain - if both of these conditions applied i think there are also lots of other things to worry about, not only the integrity of addon updates...

androdebugur
androdebugur Fraacheigener
more options

Happy112 said

Hi &nsp; !
As long as you haven't downloaded or clicked on anything suspicious,   like fake updates,  you have nothing to worry about.
You're apparantly on the alert for these kind of things:   good for you   !

philipp said

hi androdebugur, in case you are referring to the recently disclosed certificate pinning bug, eg. https://hackernoon.com/postmortem-of-the-firefox-and-tor-certificate-pinning-vulnerability-rabbit-hole-bd507c1403b4 i think it is quite improbably that it had practical implications. for an attack to work, the attacker would need to be in a position to intercept, control and alter your network traffic and obtain a genuine trusted certificate for a mozilla.org domain - if both of these conditions applied i think there are also lots of other things to worry about, not only the integrity of addon updates...


Thank you.

Happy112
Happy112
more options

androdebugur said

Thank you.

That is so sweet and highly appreciated   !