Will Mozilla's plan to implement a feature that blocks the automated display of plug-in-based content improve Firefox...
security? Or will it increase the threat posed by rogue images that install malicious files? Separately, are there any telltale signs to identify a malicious click-to-play image?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Mozilla's click-to-play feature has the potential to improve desktop Firefox security just as much as its NoScript plug-in extension. If the browser plug-in check feature is enabled by default, users may be able to safely click on all images, but if users are forced to manage the feature on a site-by-site basis, they might enable it on all sites, resulting in a minimal net security improvement. Employing a shared blacklist or whitelist throughout the enterprise could make the feature more effective for end users who lack the technical knowledge to manage the capability themselves, but this strategy might duplicate website blacklists and whitelists that are already implemented. Suggested features include checking a plug-in to see if it is updated before playing content (or when the browser is started) and placing all of the plug-ins (or the entire browser) in individual sandboxes. These potential features could have minimal user visibility and improve Firefox security, but the negative impact on the browser's performance may be too significant.
Potential telltale signs of a malicious click-to-play image might apply to a video on YouTube, but it can be difficult for end users to distinguish a malicious ad or embedded content from legitimate content. Mozilla's development of a browser plug-in check could make end users more vulnerable to clicking on a malicious ad not knowing if it was a legitimate ad or content on a website. The website could clearly differentiate ads from content, but users might still struggle to identify the ads. The image displayed by the click-to-play feature could provide details about the content's source and the source's reputation and ask for confirmation before playing the content. However, it should not simply ask the user to click if they want to play, as most end users will do so without giving any thought to the potential security risk.
Dig Deeper on Web Browser Security
Related Q&A from Nick Lewis
Latentbot malware has layers of obfuscation that makes it hard to detect. Expert Nick Lewis explains how its process works, beginning with a phishing...continue reading
A hard to detect type of Linux malware, Rekoobe, can download files to user systems. Expert Nick Lewis explains the malware's key functionality and ...continue reading
Pro POS, a new type of POS malware, has simple operations and is easy to obtain. How was it so successful against businesses? Expert Nick Lewis ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.