OCSP Stapling has landed in the latest Nightly builds of Firefox! OCSP stapling is a mechanism by which a site can convey certificate revocation information to visitors in a privacy-preserving, … Read more
Mozilla maintains a wide range of services which are secured using different solutions. For internal repositories, our Operations Security team has chosen to use the low-cost, open source and open … Read more
The lack of (or inconsistent use of) SSL puts users’ security and privacy at risk. Increasingly, popular sites require SSL not only for operations which are known to directly involve … Read more
HSTS (HTTP Strict Transport Security [1][2]) is a mechanism by which a server can indicate that the browser must use a secure connection when communicating with it. It can be … Read more
October is National Cyber Security Awareness month and we want to take the opportunity to reiterate Mozilla’s security commitment to the Web. From Firefox for Windows, Mac, Linux and Android to … Read more
We’ve decided to reorganize our security teams and as part of the change we are going to be using this blog in some new ways. The most notable change is … Read more
“The journey of a thousand miles begins with one step.” ~ Lao Tzu “If you do what you’ve always done, you’ll get what you’ve always gotten.” ~ Anthony Robbins We’ve … Read more
Privacy isn’t always easy. We’re close to landing some changes in the Firefox development tree that will fix a privacy leak that browsers have been struggling with for some time. … Read more