Will Mozilla's plan to implement a feature that blocks the automated display of plug-in-based content improve Firefox security? Or will it increase the threat posed by rogue images that install malicious files? Separately, are there any telltale signs to identify a malicious click-to-play image?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Mozilla's click-to-play feature has the potential to improve desktop Firefox security just as much as its NoScript plug-in extension. If the browser plug-in check feature is enabled by default, users may be able to safely click on all images, but if users are forced to manage the feature on a site-by-site basis, they might enable it on all sites, resulting in a minimal net security improvement. Employing a shared blacklist or whitelist throughout the enterprise could make the feature more effective for end users who lack the technical knowledge to manage the capability themselves, but this strategy might duplicate website blacklists and whitelists that are already implemented. Suggested features include checking a plug-in to see if it is updated before playing content (or when the browser is started) and placing all of the plug-ins (or the entire browser) in individual sandboxes. These potential features could have minimal user visibility and improve Firefox security, but the negative impact on the browser's performance may be too significant.
Potential telltale signs of a malicious click-to-play image might apply to a video on YouTube, but it can be difficult for end users to distinguish a malicious ad or embedded content from legitimate content. Mozilla's development of a browser plug-in check could make end users more vulnerable to clicking on a malicious ad not knowing if it was a legitimate ad or content on a website. The website could clearly differentiate ads from content, but users might still struggle to identify the ads. The image displayed by the click-to-play feature could provide details about the content's source and the source's reputation and ask for confirmation before playing the content. However, it should not simply ask the user to click if they want to play, as most end users will do so without giving any thought to the potential security risk.
Dig Deeper on Web browser security
Related Q&A from Nick Lewis
Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the ... Continue Reading
Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work ... Continue Reading
Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.