Difference between revisions of "Favorite Firefox Extensions"
m (→Facebook Disconnect) |
m (→NoScript) |
||
Line 88: | Line 88: | ||
In light of recent browser hijack and malware such as the [[Internet Security 2012 Virus]] it is highly recommended that users install and learn to use this extension. It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default. | In light of recent browser hijack and malware such as the [[Internet Security 2012 Virus]] it is highly recommended that users install and learn to use this extension. It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default. | ||
− | ''note: | + | ''note: [http://forums.informaction.com/viewtopic.php?f=7&t=7971 incompatibility with online banking]: resolve. Issue: even with "allow scripts globally" and allowed domains many major online banking sites will not function with this extension active. <del>NoScript had to be completely disabled for online banking</del>. Resolution: Options -> Advanced - > uncheck "Turn cross-site POST requests into data-less GET requests"'' |
* Usefulness: Recommended (for security) | * Usefulness: Recommended (for security) |
Revision as of 19:22, 25 January 2012
What this is: A list of Mozilla Firefox plugin / Addon "Extensions" (specifically, what Firefox calls extensions) that we use, find useful, or once found useful.
What this is not: This isn't a comprehensive list of extensions. Extensions we don't like, don't find useful, aren't aware of, or that are total crap are not listed here. Other types of Addons such as plugins and themes are not listed here.
- Add-ons for Firefox (web site)
All addons below have been tested at one point in time. VLT - Version Last Test is the plugin version tested most recently in our lab.
Contents
- 1 Favorite Extensions
- 1.1 Facebook Disconnect
- 1.2 Flashblock
- 1.3 Flash Game Maximizer
- 1.4 Flickr Original
- 1.5 Image Toolbar
- 1.6 Java Console
- 1.7 Memory Fox
- 1.8 NoScript
- 1.9 NoSquint
- 1.10 QuickJava
- 1.11 Read Easily
- 1.12 RightToClick
- 1.13 Screengrab
- 1.14 Screenshooter
- 1.15 Secure Login
- 1.16 Toolbar Buttons
- 1.17 Web Developer
- 2 Take Back Control!
Favorite Extensions
Facebook Disconnect
A browser extension which prevents Facebook 'seeing' which other sites you visit online. Facebook is notified whenever you visit one of the more than one million sites on the web that use Facebook Connect and has a history of leaking personally identifiable information to third parties.
- Usefulness: Recommended (for security)
- Category: Security
- Side Effects: Blocks some functions of Facebook such as photo links
- VLT: 1.0.1
- Conflicts: Redundant to use with privacy/anti-tracking plugins such as Ghostery.
Flashblock
Never be annoyed by a Flash animation again! Blocks Flash so it won't get in your way, but if you want to see it, just click ...
Due to the security vulnerabilities constantly being discovered in Adobe Flash Player, it is best to have Flash disabled by default with the user having the option to execute a Flash plugin as needed. Adobe Flash is notoriously insecure, with next to no configuration options, and annoying. Take back control of your browser by controlling what Flash programs execute when you visit a web site.
- Usefulness: MUST HAVE (for security)
- Category: Security
- Side Effects: unknown
- Conflicts: If running QuickJava be sure to enable Flash via the F button on the bottom right of the browser.
- Similar Extensions: Stop Autoplay
- Read: Adobe GetPlus DLM Vulnerability before you install Adobe Flash Player - has instructions for installing Adobe Flash Player without Adobe DLM.
- VLT: 1.5.15.1
Flash Game Maximizer
Click a button or hit the hot-key to maximize (almost) any Flash content to the entire browser window. You can then enjoy your favorite games in any size you like, simply by resizing the browser window. Now with less bugs and more features...
Particularly useful when watching streamed television events from sites that do not allow flash to full screen, or sites that present the flash window with annoying advertisement overlays.
- Category: User Control
- Side Effects: unknown
Flickr Original
Useful is you download images from flickr.com. Reduces the number of clicks to download the largest possible image. Adds "View Original Flickr Image" and "Download Original Flickr Image" options to the right-click context menu. The extension extracts the url of the Flickr image you select, parses out the image id, and sends it to a simple web service that uses the Flickr API to return the original image.
- Category: Functionality
- Side Effects: unknown
- Compatibility: Tested December 2011, 100% compatible with flickr.com
Image Toolbar
Image Toolbar is a clone of one of Internet Explorer's features and provides quick and easy access to a handful of image functions in a highly customisable way. The toolbar is activated by hovering your mouse cursor over an image. It will be displayed (by default) in the top left hand corner of the image, and allows you to save the image or perform other functions.
- Category: Convenience
- Side Effects: unknown
- VLT: 0.6.9
Java Console
Java Console Extension.
The Java Console extension is not supposed to impact the functionality of Java in Firefox. It just lets you monitor and debug running applets. Unless you're developing a Java applet, you probably have little use for it.
- Category: Developer
- Side Effects: The Java Console extension is no longer supported as of JRE 1.6.0.10, this update cleans and removes the Java Console from Firefox 3.6.
Memory Fox
Attempting to reduce the browser's RAM Memory usage promoting the increase of available RAM memories for other application processes RAM memory requirements. Memory Fox constantly flushes Firefox memory.
Usefulness: moderate Category: stability Side Effects: performance related Conflicts:
NoScript
In light of recent browser hijack and malware such as the Internet Security 2012 Virus it is highly recommended that users install and learn to use this extension. It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default.
note: incompatibility with online banking: resolve. Issue: even with "allow scripts globally" and allowed domains many major online banking sites will not function with this extension active. NoScript had to be completely disabled for online banking. Resolution: Options -> Advanced - > uncheck "Turn cross-site POST requests into data-less GET requests"
- Usefulness: Recommended (for security)
- Category: Security
- Side Effects: may conflict with other plugins.
- Conflicts: impacts but does not nullify QuickJava 1.7.5. Although it works ok with Flashblock 1.5.15.1., it is no longer necessary to use Flashblock when running NoScript (redundancy). Other similar plugins also redundancy; possibly QuickJava.
- VLT: 2.2.3
configuration tip: Goto Firefox about:config and change boolean parameter noscript.firstRunRedirection to disable annoying NoScript homepage after update (because updates are very frequent). Set noscript.firstRunRedirection to False.
NoSquint
NoSquint improves your browsing experience by giving you the tools you need to combat small fonts and unreadable colors on the web.
- Category: Aesthetics / Accessibility
- Firefox Configure: about:nosquint
- Side Effects: unknown
QuickJava
Allows quick enable and disable of Java, Javascript, Flash, Silverlight and Images from the Statusbar and/or Toolbar without having to open any dialogs!
- Usefulness: SHOULD HAVE (for security)
- Category: Security
- Side Effects: unknown
- Conflicts: If running Flashblock keep in mind Flash must be enabled via this extension's control also. There is no technical conflict with that extension.
Read Easily
Allows you to turn on or off CSS with a convenient key combinations. Instead of EDIT, VIEW, PAGE STYLE, NO STYLE, now you can simply press Cntl-Alt-Z. This is handy for web developers and for testing purposes. It is also handy for image harvesting from sites like flickr that attempt to hide images behind hidden elements.
- Category: Aesthetics / Accessibility
- Side Effects: unknown
RightToClick
Stops javascript annoyances such as forbidden right click, forbidden text selection or cascading dialog boxes. Particularly useful for web sites where the webmaster thinks a javascript will prevent you from using the right click - save image as, to copy images from the web site.
Fails in lab test on machine with FF8, Win7, Noscript, and a few other plugins when tested against flickr protected images
- Category: User Control
- Side Effects: unknown
- Conflicts: need to test with NoScript and Toolbar Buttons
- VLT: 2.8.7
Screengrab
It will capture what you can see in the window, the entire page, just a selection, a particular frame... basically it saves webpages as images - either to a file, or to the clipboard. It captures Flash too!
Update: It’s no longer supported and will not be developed any further. The last version works with Firefox 6. Announcement Some alternatives are 1) Screenshoter - which as of 1.01 works with FF 8.0 and 2) Pearl Crescent Page Saver Basic - which is reported to have some glitches.
- Category: Functionality
- Side Effects: unknown
- Compatibility: incompatible with Firefox 8.0
Screenshooter
It will capture what you can see in the window, the entire page, just a selection, a particular frame. This is being tested as a suitable replacement for the Screengrab extension due to Screengrab obsolescence.
- Category: Functionality
- Side Effects: unknown
Secure Login
Secure Login is a login extension for Mozilla Firefox integrated password manager. Its main feature is similar to Opera's (the browser) Wand login.
Opera's Wand handles saved passwords in a more logical and useful fashion than Firefox. This plugin gives Firefox that Opera behavior when it comes to saving your passwords. NEVER save passwords for online banking, credit card, or other financial web sites. This saves your passwords in a file on your harddrive, and even if encrypted, is still a risk to your security. As for other web sites, such as online forums and web based email, this extension makes logging in more convenient.
- Category: Convenience
- Side Effects: possible security considerations in regards to saved passwords
Toolbar Buttons
This extension adds buttons to the Customize Toolbar Window. To move them from there to the Toolbar you must right click the toolbar and press customize, select what buttons you want to use and drag them to the toolbar.
- Category: Aesthetics / Accessibility
- Side Effects: unknown
Web Developer
Adds various web developer tools to a browser. The extension is available for Firefox and Chrome, and will run on any platform that these browsers support including Windows, Mac OS X and Linux. Developed by Chris Pederick.
- Category: Developer
- Side Effects: unknown
- VLT: 1.1.9
Take Back Control!
The concept behind hyper text and the world wide web was to empower people, giving them access to information linked in ways and available in levels never before imagined. In the late 1990's the tide started to shift alarmingly towards limiting information, restricting access to culture and media, and replacing useful information with useless commercial advertising. Those working against the open nature of the Internet wish to restrict your ability to control what you can and can't see while browsing online. Then, taking it further, forcing you to see content that is undesired, or forcing their way into your computers and your lives. Thanks to the Mozilla Firefox plugins and extensions development community, users now have some useful tools to take back control over their web browsing experience.
The Adobe Flash Player Plugin is one of the most dominating and insecure control-ware apps that's infiltrated web development and web browsing since the popularization of the modern world wide web. It is a sad reality that so many developers have adopted its use that it has become a necessary evil for the web user. Even some online banking web sites now require Flash. It defies commonsense. Flash allows foreign code to be executed on your computer, without your permission. Flash is the security hole which can allow a virus to infect your system or a backdoor's installation allowing a stranger full access to your private computer data. But we must have Flash installed, as the end user, in order to utilize the modern web, so we need to take all reasonable precautions to reduce the threat posed by the obnoxious browser plugin.
Some of the extensions mentioned here allow you to control when the Adobe Flash Player is allowed to run. However, even updating Flash has become a security nightmare. Adobe now forces spyware onto your system during a simple Flash upgrade, known as the Adobe GetPlus DLM Vulnerability. The Mozilla Firefox web site doesn't help matters by constantly prompting you to update Flash after a browser update, which leads to the installation of Adobe's latest piece of spyware known as GetPlus.
keywords: addon add-on addons add-ons plugin plugins plug-in plug-ins extension firefox mozilla