New Firefox extension, Firekeeper, lets you surf safe

Do you trust that the Web site you're visiting is secure? By now most people know to avoid sketchy sites with complicated URLs, misspellings, or seedy graphics. But what about legitimate sites, such as the one for this year's Super Bowl, which was defaced just days before the event to include a link to a malicious Trojan horse?

In tests by CNET Reviews, we found that safe surfing tools such as the Netcraft toolbar and McAfee SiteAdvisor, while effective at stopping sites designed to be fraudulent by nature (aka phishing sites), tend to miss recently defaced legitimate sites. Newer tools like Exploit Prevention Labs Linkscanner Pro actively scan every page as it loads in your browser, blocking any the malicious components residing there, and allowing the sanitized page to display. Now the development team at Mozilla has created a new Firefox extension that also actively scans Web pages for malicious code.

The new extension is called Firekeeper and is still in development, but an alpha version is currently available for downloading and testing. We found this security extension to be very stable and useful, stopping access to at least one site known to CNET as compromised. In practice Firekeeper works like this: When malicious code is found on a site you are about to access, an alert dialog displays the URL of the site, the problem identified, references to security vulnerability reporting sites such as BugTraq, and, finally, actions you may wish to take: Block once, Allow once, Whitelist, or Blacklist. The configuration option allows you to add manually sites to the white or black lists.

[jture]

drove me crazy on a local news site

Firekeeper questioned virtually every element of boston.com, a portal site owned by the Boston Globe. More than 50 alerts popped up, for everything from graphics to CSS stylesheets, before I was allowed to view the homepage in peace. I finally had to disable the extension altogether. But I'm perfectly willing to admit the possibility that the problem was an unskilled end-user rather than the extension itself.

[royauty]

Yes, but for good reason!

I also regularly read Boston.com, which has particularly intrusive advertising software. Every time you load a new page, a new piece of adware will be loaded onto your machine! If you want evidence, simply run ad-aware and/or spybot on your machine. Then open Boston.com and surf for a few pages. Now close your browser and re-run the same software and be amazed at all the stuff that you have to re-clean! My guess is that the reason this extension is driving you crazy is that it's picking all this stuff up...

[jture]

drove me crazy on a local news site

Firekeeper questioned virtually every element of boston.com, a portal site owned by the Boston Globe. More than 50 alerts popped up, for everything from graphics to CSS stylesheets, before I was allowed to view the homepage in peace. I finally had to disable the extension altogether. But I'm perfectly willing to admit the possibility that the problem was an unskilled end-user rather than the extension itself.

[royauty]

Yes, but for good reason!

I also regularly read Boston.com, which has particularly intrusive advertising software. Every time you load a new page, a new piece of adware will be loaded onto your machine! If you want evidence, simply run ad-aware and/or spybot on your machine. Then open Boston.com and surf for a few pages. Now close your browser and re-run the same software and be amazed at all the stuff that you have to re-clean! My guess is that the reason this extension is driving you crazy is that it's picking all this stuff up...