t z
About me
Name | t z |
---|---|
User since | March 5, 2007 |
Number of add-ons developed | 0 add-ons |
Average rating of developer's add-ons | Not yet rated |
My Reviews
Enable-Disable weak SSL ciphers
Rated 3 out of 5 stars
Doesn't seem to disable RC4 128-bit on Gmail, but I'm also running Cypherfox, so they may be stepping on each other. It is working on this page.The star appears on the Icon when it is NOT blocking the weak ciphers. I couldn't tell whether it was on or off. Maybe a big and small padlock?If these are addressed (and maybe a few other tweaks) this would be a great add-on. For now, it is ok.Interestingly, in order to post this review, I had to disable the weak cypher block (bad HMAC)?
I also don't know why, but I had to quit and restart firefox to unstick GMail's use of RC4. I suspect there is some caching going on, so maybe an option to disable the weak ciphers at startup and have it there as an override if needed. (and perhaps per-site).
Enable-Disable weak SSL ciphers
Rated 3 out of 5 stars
Doesn't seem to disable RC4 128-bit on Gmail, but I'm also running Cypherfox, so they may be stepping on each other. It is working on this page.
The star appears on the Icon when it is NOT blocking the weak ciphers. I couldn't tell whether it was on or off. Maybe a big and small padlock?
If these are addressed (and maybe a few other tweaks) this would be a great add-on. For now, it is ok.
Certificate Patrol
Rated 1 out of 5 stars
I have all CAs disabled since I don't trust them and use Perspectives so that might be affecting it - most places are already overridden by perspectives.
Almost every site pops up the notification, including this one. Actually it popped up several while I was getting to this page. The version is 2.0.6. In the configuration panel there are 4 boxes, and all of them are NOT checked. There is no apparent way to tell it NOT to pop up anything.
There is no option to have it either shut up when storing the cert the first time ("Certificate accepted and stored"), or even to have the notification bar disappear after a few seconds if it is a low-threat. On my big screen is is annoying. On my netbook that doesn't have a lot of vertical space it makes it almost useless.
I get the perspectives notification the first time and that is enough. I only want notification if there is a different certificate than stored - one that changed something significant, and maybe one that automatically disappears in 5-10 seconds if it is something like a cert expiration switch (from the same CA even though I don't trust the CAs). Alternately, you might be able to integrate with Perspectives to validate the cert and NOT pop up anything if perspectives says the cert is valid.
CookieSafe
Rated 1 out of 5 stars
The biggest problem with websites is Third party cookies. CS can only enable or disable them all - and they don't appear on the menu or block dialog. So if a site REQUIRES 3rd party cookies, they are blocked even if I have an allow exception, or I have to accept all 3rd party cookies. There is a block notification that briefly appears but there is no explanation of what or why, nor any chance to enable it (this is blogspot with cocomment)
Google SSL
Rated 5 out of 5 stars
If you're worried, just download and open with a text editor first - it is only a few lines. Very simple, it just uses https://
NoRedirect
Rated 5 out of 5 stars
This fills in an important gap in taking control of my browsing.
There are other things including the builtin all-or-none "warn when redirect" which can intercept some redirection and blocking, but this seems to do it all, at least everything outside of javascript (I have various javascript blockers for that). And it is flexible enough that I can choose based on sites.
To create your own collections, you must have a Mozilla Add-ons account.