Firefox Expert Gives Advice on Staying Safe Online

Recently, we asked Michael Coates, the Director of Security Assurance at Mozilla (the makers of Firefox) a few questions about keeping users safe on Firefox. His goal is to protect users, their privacy and Mozilla’s applications, services, systems and reputation. (Read more from the Security Assurance team on their blog.)

Q. What do you see as the biggest challenge that Internet users face to stay safe online?

Michael’s answer: The biggest challenge for internet users is to ensure their browser and plugins are up to date. One of the most common ways malware infects users on the internet is through outdated browser plugins.

Q. What is a potential solution for that challenge?

Michael’s answer: Mozilla has created a website to help users check if their plugins are out of date and need to be updated. Users should regularly visit this page to ensure the are using the most current versions of all plugins.

Q. What is your favorite Firefox security feature?

Michael’s answer: My favorite security feature of Firefox is one that we’ve recently shipped, and that we are still improving. The feature, called Click to Play, helps protect users against attacks targeting outdated plugins. Unfortunately a compromised website may contain malware that attempts to compromise a user’s machine via an outdated plugin. In many cases the website has no normal need to use this plugin at all. The click to play security feature helps protect users by not enabling these outdated plugins by default. Instead these plugins are only activated when a user intentionally takes an action like clicking on a dialogue box in the browser. In the end this new security control helps protect users against a common type of attack on the web.

Thanks to Michael for his insights!

Here are some other security tips from Firefox.

  1. Use a super strong password. If your password is 1234, you’re probably more vulnerable to being hacked. Use a phrase with numbers and special characters. For example, “_pe4reSP” is a strong password.
  2. Know if a site is secure before entering personal information. There are two quick and easy security things to look for when on a site. First, does the URL start with HTTPS (instead of HTTP)? And second, is there a “lock” icon on the URL bar that shows that you are on a secured website?
  3. Use the latest version of Firefox. This is maybe the most important tip. 🙂 With every update comes more security. If you’re using an older browser, you’re putting yourself at greater risk. An update is so simple – here’s how to do it.