Will Mozilla's plan to implement a feature that blocks the automated display of plug-in-based content improve Firefox security? Or will it increase the threat posed by rogue images that install malicious files? Separately, are there any telltale signs to identify a malicious click-to-play image?
Mozilla's click-to-play feature has the potential to improve desktop Firefox security just as much as its NoScript plug-in extension. If the browser plug-in check feature is enabled by default, users may be able to safely click on all images, but if users are forced to manage the feature on a site-by-site basis, they might enable it on all sites, resulting in a minimal net security improvement. Employing a shared blacklist or whitelist throughout the enterprise could make the feature more effective for end users who lack the technical knowledge to manage the capability themselves, but this strategy might duplicate website blacklists and whitelists that are already implemented. Suggested features include checking a plug-in to see if it is updated before playing content (or when the browser is started) and placing all of the plug-ins (or the entire browser) in individual sandboxes. These potential features could have minimal user visibility and improve Firefox security, but the negative impact on the browser's performance may be too significant.
Potential telltale signs of a malicious click-to-play image might apply to a video on YouTube, but it can be difficult for end users to distinguish a malicious ad or embedded content from legitimate content. Mozilla's development of a browser plug-in check could make end users more vulnerable to clicking on a malicious ad not knowing if it was a legitimate ad or content on a website. The website could clearly differentiate ads from content, but users might still struggle to identify the ads. The image displayed by the click-to-play feature could provide details about the content's source and the source's reputation and ask for confirmation before playing the content. However, it should not simply ask the user to click if they want to play, as most end users will do so without giving any thought to the potential security risk.