Articles in “Security”

Version 2.9 of the Mozilla Root Store Policy

Ben Wilson

September 13, 2023

Online security is constantly evolving, and thus we are excited to announce the publication of MRSP version 2.9, demonstrating that we are committed to keep up with the advancement of … Read more

Updated GPG key for signing Firefox Releases

Tom Ritter

May 11, 2023

The GPG key used to sign the Firefox release manifests is expiring soon, and so we’re going to be switching over to new key shortly. The new GPG fingerprint is … Read more

Upgrading Mozilla’s Root Store Policy to Version 2.8

Ben Wilson

May 23, 2022

In accordance with the Mozilla Manifesto, which emphasizes the open development of policy that protects users’ privacy and security, we have worked with the Mozilla community over the past several … Read more

Revocation Reason Codes for TLS Server Certificates

Kathleen Wilson

May 16, 2022

In our continued efforts to improve the security of the web PKI, we are taking a multi-pronged approach to tackling some long-existing problems with revocation of TLS server certificates. In … Read more

Preventing secrets from leaking through Clipboard

Sergey Galich

December 15, 2021

For decades users have been pressing Ctrl+C or relying on copy buttons. All these tricks and shortcuts to speed up text processing have become natural and intuitive to us. … Read more

Improving the Quality of Publicly Trusted Intermediate CA Certificates with Enhanced Oversight and Automation

Ben Wilson and Kathleen Wilson

December 9, 2021

In keeping with our commitment to the security and privacy of individuals on the internet, Mozilla is increasing our oversight and adding automation to our compliance-checking of publicly trusted intermediate … Read more

Securing the proxy API for Firefox add-ons

Rachel Tublitz and Stuart Colville

October 25, 2021

Add-ons are a powerful way to extend and customize Firefox. At Mozilla, we are committed not only to supporting WebExtensions APIs, but also ensuring the safety and reliability of the … Read more

Firefox 93 protects against Insecure Downloads

Sebastian Streich, Julian Gaibler and Christoph Kerschbaumer

October 5, 2021

Downloading files on your device still exposes a major security risk and can ultimately lead to an entire system compromise by an attacker. Especially because the security risks are … Read more

Securing Connections: Disabling 3DES in Firefox 93

Dana Keeler

October 5, 2021

As part of our continuing work to ensure that Firefox provides secure and private network connections, it periodically becomes necessary to disable configurations or even entire protocols that were once … Read more

Mozilla VPN Security Audit

Jonathan Claudius

August 31, 2021

To provide transparency into our ongoing efforts to protect your privacy and security on the Internet, we are releasing a security audit of Mozilla VPN that Cure53 conducted earlier this … Read more

Firefox 91 Introduces Enhanced Cookie Clearing

Paul Zühlcke, Johann Hofmann and Arthur Edelstein

August 10, 2021

We are pleased to announce a new, major privacy enhancement to Firefox’s cookie handling that lets you fully erase your browser history for any website. Today’s new version of Firefox … Read more

Firefox 91 introduces HTTPS by Default in Private Browsing

Christoph Kerschbaumer, Tomer Yavor, Julian Gaibler and Arthur Edelstein

August 10, 2021

We are excited to announce that, starting in Firefox 91, Private Browsing Windows will favor secure connections to the web by default. For every website you visit, Firefox will … Read more