Will Mozilla's plan to implement a feature that blocks the automated display of plug-in-based content improve Firefox...
security? Or will it increase the threat posed by rogue images that install malicious files? Separately, are there any telltale signs to identify a malicious click-to-play image?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Mozilla's click-to-play feature has the potential to improve desktop Firefox security just as much as its NoScript plug-in extension. If the browser plug-in check feature is enabled by default, users may be able to safely click on all images, but if users are forced to manage the feature on a site-by-site basis, they might enable it on all sites, resulting in a minimal net security improvement. Employing a shared blacklist or whitelist throughout the enterprise could make the feature more effective for end users who lack the technical knowledge to manage the capability themselves, but this strategy might duplicate website blacklists and whitelists that are already implemented. Suggested features include checking a plug-in to see if it is updated before playing content (or when the browser is started) and placing all of the plug-ins (or the entire browser) in individual sandboxes. These potential features could have minimal user visibility and improve Firefox security, but the negative impact on the browser's performance may be too significant.
Potential telltale signs of a malicious click-to-play image might apply to a video on YouTube, but it can be difficult for end users to distinguish a malicious ad or embedded content from legitimate content. Mozilla's development of a browser plug-in check could make end users more vulnerable to clicking on a malicious ad not knowing if it was a legitimate ad or content on a website. The website could clearly differentiate ads from content, but users might still struggle to identify the ads. The image displayed by the click-to-play feature could provide details about the content's source and the source's reputation and ask for confirmation before playing the content. However, it should not simply ask the user to click if they want to play, as most end users will do so without giving any thought to the potential security risk.
Dig Deeper on Web Browser Security
Related Q&A from Nick Lewis
The new Trochilus RAT can avoid detection in cyberespionage attacks. Expert Nick Lewis explains how it works, and if enterprises need to adapt their ...continue reading
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching ...continue reading
BlackEnergy malware may have been part of the attacks on Ukrainian utility and media companies. Expert Nick Lewis explains how this malware works and...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.