Safer browsing and Firefox Privacy
Firefox has several security and privacy features that help to keep you safer when you are browsing the web.
Privacy Settings
To improve your experience on the internet, Firefox stores a collection of data relevant to the sites you visit. For example, Firefox may store the following information as you browse:
- Visited page history: This allows you to go back to sites you've visited.
- Form and Search Bar entries: This remembers what you've filled out in the search bar and on forms on pages.
- Logins and passwords: Firefox will never store these without asking.
- Download list: This helps you find files you previously downloaded.
- Cookies: Cookies are small bits of information that sites use to save site preferences and sessions.
- Web cache: A cache stores pages you've already visited, greatly speeding up browsing.
- Browsing sessions: This allows Firefox to restore the tabs you had open.
Private Browsing
Firefox has a feature called Private Browsing where none of the above information is saved until Private Browsing is turned off.
To start Private Browsing, go to your menu and Select File > New Private Window.
- You will then enter Private Browsing mode, and the Private Browsing information screen will appear.
-
When browsing in Private Browsing mode, the Firefox window title will show (Private Browsing) during your session.
Privacy Preferences
You can tell Firefox what type of information you'd like stored, and even default to saving no browsing history at all.
- To configure these settings go to Preferences.
- From the Dropdown menu, select from Remember history, Never remember history, or Use custom settings for history.
- Choose Use custom settings for history, this will give very fine-grained control over privacy settings.
-
You can specify how long Firefox will remember your browsing history. The default is 90 days, but it can be changed to any value.
- You can define whether the location bar will suggest from your browsing history and/or bookmarks. Choose from the dropdown menu next to Location Bar in the dialog.
- Once the preferences are to your liking, click Close.
Firefox's privacy controls do not affect the fact that website will still log requests from your computer. The pages you request may also be visible to anyone monitoring network traffic on your local network. Firefox's privacy settings only control the information stored on your computer.
The Difference between HTTP and HTTPS
The Hypertext Transfer Protocol (HTTP) is the networking protocol used by browsers that allows communication between you and a site you are visiting. Because communication is transmitted in plain text it is unsafe, especially when using wireless networks. It is like transmitting a message with personal information on a postcard.
To solve this problem the Hypertext Transfer Protocol Secure (HTTPS) was invented to provide encrypted communication and secure identification of a network web server. Most major Web sites, including Google, Wikipedia, and popular social networking platforms such as Facebook and Twitter. can also be reached via a secure connection, but not necessarily by default. Note that most sites do not provide encryption.
Site Identity Button
The Site Identity Button is another Firefox security feature that gives you more information about every site you visit. Using the Site Identity Button, you can find out who owns the website, and who verified that ownership, and if the communication channel between you and the site is encrypted via HTTPS.
The Site Identity Button is in the Location bar to the left of the web address in the location bar.When viewing a website, the Site Identity Button will display in one of three colors - gray, blue, or green. Clicking on the Site Identity Button displays more details security and identity information about the website and a gray, blue, or green "Passport Officer" icon.
Gray - No identity information
When the Site Identity button is gray, that indicates that the site doesn't provide any identity information at all.
Most websites have the gray button, because they don't involve passing sensitive information back and forth.
However, if you are sending any sort of sensitive information (bank information, credit card data, Social Security Numbers, etc.) the Site Identity Button should not be gray.
Blue - Basic identity information
When the Site Identity button is blue, that indicates that the site's domain has been verified, and the connection between Firefox and the server is encrypted and protected against eavesdroppers.
When a domain has been verified, it means that the people who are running the site have bought a certificate proving that they own the domain .
You can see more information about the site by clicking the
button on the Site Identification dialog.Green - Complete identity information
When the Site Identity button is green, that indicates that the site provides fully verified identity information about its owner, and that the connection is encrypted.
Phishing and Malware Protection
Web Forgery (also known as “Phishing”) is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to trick you into logging in or filling out a web form, in order to steal this information. The Stop Badware site has a good list of the symptoms you might see if you're computer has been infected by malware (http://www.stopbadware.org/home/badware_symptoms).
When you see this web page appear while surfing the web, Firefox has worked in conjunction with the Stopbadware database of bad sites to identify a site that might put you at risk.
Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing and malware sites. The Phishing and Malware Protection feature is turned on by default.
You can test to see if Phishing Protection is active by trying to visit the phishing test site (http://www.mozilla.com/firefox/its-a-trap.html) or the malware test site (http://www.mozilla.com/firefox/its-an-attack.html) to confirm that Firefox is blocking attack sites.
If you happen to own a site or blog page that was attacked and you have since repaired it, or if you feel that your site was reported in error, you can request that it be removed from the lists.