July 5, 2016 By Larry Loeb 2 min read

The Tor project works to preserve anonymity for users browsing the net, and it has instituted some recent upgrades to its security to further this effort. Now Mozilla is returning the favor by expanding its Firefox security options — and its taking some cues from Tor.

GHacks noted that the nightly build channel of Firefox 50 has started adding features that Tor originated. Mozilla will probably integrate more measures into the standard version Firefox in the coming weeks, but a few changes have materialized and are already available for privacy-conscious users.

About the Firefox Security Measures

The first patch rolled out aims to reduce fingerprinting, which involves getting the characteristics of a specific browser being used to view information. According to GHacks, Firefox does this by blocking the reading of plugins and MIME types supported by the browser.

Softpedia noted that the second patch will also keep the user’s browser orientation a secret even when sites or applications request the information. This request is often a part of fingerprinting as well.

The third patch removes the “open with” option in the download menu. Again, this sort of behavior can be diagnostic for a specific browser’s use.

While these privacy measures are slowly being integrated into Firefox security, they are not enabled by default. In the current nightly builds, they must be expressly set by the user before they become effective. GHacks outlined how to turn on these settings.

Uplifting Tor

Mozilla named this overall privacy effort the Tor Uplift project. It is tracking the specific status of the privacy-enhancing changes it has planned, so it’s a useful resource for users who want to understand what Firefox security improvements are on the horizon.

Most of the changes are grouped under the core preference privacy.resistFingerprinting, which has been around since Firefox 41. This is the central repository for Tor-related settings being implemented in the Firefox browser, but it’s not the only location where these changes are found.

While this preference covers many Tor settings that are being implemented in the Firefox browser, some — such as the “open with” option — are available under other preferences.

These changes to Firefox will be welcomed by any users concerned about their privacy — even if they are not using Tor.

More from

What is the Open-Source Software Security Initiative (OS3I)?

3 min read - The Open-Source Software Security Initiative (OS3I) recently released Securing the Open-Source Software Ecosystem report, which details the members’ current priorities and recommended cybersecurity solutions. The accompanying fact sheet also provides the highlights of the report. The OS3I includes both federal departments and agencies working together to deliver policy solutions to secure and defend the ecosystem. The new initiative is part of the overall National Cybersecurity Strategy.After the Log4Shell vulnerability in 2021, the Biden-Harris administration committed to improving the security of…

Widespread exploitation of recently disclosed Ivanti vulnerabilities

6 min read - IBM X-Force has assisted several organizations in responding to successful compromises involving the Ivanti appliance vulnerabilities disclosed in January 2024. Analysis of these incidents has identified several Ivanti file modifications that align with current public reporting. Additionally, IBM researchers have observed specific attack techniques involving the theft of authentication token data not readily noted in current public sources. The blog details the results of this research to assist organizations in protecting against these threats. Key Findings: IBM research teams have…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today