t z

About me

Developer Information
Name t z
User since March 5, 2007
Number of add-ons developed 0 add-ons
Average rating of developer's add-ons Not yet rated

My Reviews

Enable-Disable weak SSL ciphers

Rated 3 out of 5 stars

Doesn't seem to disable RC4 128-bit on Gmail, but I'm also running Cypherfox, so they may be stepping on each other. It is working on this page.The star appears on the Icon when it is NOT blocking the weak ciphers. I couldn't tell whether it was on or off. Maybe a big and small padlock?If these are addressed (and maybe a few other tweaks) this would be a great add-on. For now, it is ok.Interestingly, in order to post this review, I had to disable the weak cypher block (bad HMAC)?

I also don't know why, but I had to quit and restart firefox to unstick GMail's use of RC4. I suspect there is some caching going on, so maybe an option to disable the weak ciphers at startup and have it there as an override if needed. (and perhaps per-site).

This review is for a previous version of the add-on (withIcons.1-signed.1-signed).  This user has a previous review of this add-on.

Enable-Disable weak SSL ciphers

Rated 3 out of 5 stars

Doesn't seem to disable RC4 128-bit on Gmail, but I'm also running Cypherfox, so they may be stepping on each other. It is working on this page.

The star appears on the Icon when it is NOT blocking the weak ciphers. I couldn't tell whether it was on or off. Maybe a big and small padlock?

If these are addressed (and maybe a few other tweaks) this would be a great add-on. For now, it is ok.

This review is for a previous version of the add-on (withIcons.1-signed.1-signed). 

Certificate Patrol

Rated 1 out of 5 stars

I have all CAs disabled since I don't trust them and use Perspectives so that might be affecting it - most places are already overridden by perspectives.

Almost every site pops up the notification, including this one. Actually it popped up several while I was getting to this page. The version is 2.0.6. In the configuration panel there are 4 boxes, and all of them are NOT checked. There is no apparent way to tell it NOT to pop up anything.

There is no option to have it either shut up when storing the cert the first time ("Certificate accepted and stored"), or even to have the notification bar disappear after a few seconds if it is a low-threat. On my big screen is is annoying. On my netbook that doesn't have a lot of vertical space it makes it almost useless.

I get the perspectives notification the first time and that is enough. I only want notification if there is a different certificate than stored - one that changed something significant, and maybe one that automatically disappears in 5-10 seconds if it is something like a cert expiration switch (from the same CA even though I don't trust the CAs). Alternately, you might be able to integrate with Perspectives to validate the cert and NOT pop up anything if perspectives says the cert is valid.

This review is for a previous version of the add-on (2.0.6.1-signed.1-signed). 

CookieSafe

Rated 1 out of 5 stars

The biggest problem with websites is Third party cookies. CS can only enable or disable them all - and they don't appear on the menu or block dialog. So if a site REQUIRES 3rd party cookies, they are blocked even if I have an allow exception, or I have to accept all 3rd party cookies. There is a block notification that briefly appears but there is no explanation of what or why, nor any chance to enable it (this is blogspot with cocomment)

Google SSL

Rated 5 out of 5 stars

If you're worried, just download and open with a text editor first - it is only a few lines. Very simple, it just uses https://

NoRedirect

Rated 5 out of 5 stars

This fills in an important gap in taking control of my browsing.

There are other things including the builtin all-or-none "warn when redirect" which can intercept some redirection and blocking, but this seems to do it all, at least everything outside of javascript (I have various javascript blockers for that). And it is flexible enough that I can choose based on sites.

This review is for a previous version of the add-on (1.2.4).