blues

Emsisoft Internet Security: MITM & MITB (Firefox Extensions)

Recommended Posts

Reference the following thread:  https://support.emsisoft.com/topic/9981-emsisoft-internetsecuritypack-and-zemana-antilogger/

 

Fabian,

In light of the information you provided in the thread referenced above...given the effectiveness of EAM & OA (Emsisoft Internet Security) in protecting against Man In The Browser attacks, do you recommend Firefox browser extensions that enforce connections to SSL / HTTPS where available?  Are they needed or do they provide additional security?  

(The specific extensions I am discussing would be HTTPS-Everywhere (including its SSL Observatory) and HTTPS Finder).

Or, do those extensions provide useful protection against Man In The Middle (as opposed to MITB) attacks which Emsisoft Internet Security does not already address?

Frankly, as you recommend in the referenced thread, I'd rather pare down the potential duplication of coverage and possible conflicts when and where possible, and if these sorts of extensions are superfluous, well then they can be dispensed with.

 

The only fly in the ointment that I can see (potentially) is the failure of OA's Web Shield to function properly within Sandboxie. But I'm not sure if that would be a factor or not in your answer.

Thank you for your time and info.

Share this post


Link to post
Share on other sites
Or, do those extensions provide useful protection against Man In The Middle (as opposed to MITB) attacks which Emsisoft Internet Security does not already address?
A firewall in general is completely unable to detect all man in the middle attacks. It is just not possible, as after all the firewall just sees what is going on on your system. Your packets though will most likely pass dozens of system on their way to their destination.

HTTPS in general helps against man in the middle attacks and if you are concerned about them, using an add-on that prioritizes HTTPS over HTTP when available will certainly make your life easier. Keep in mind though that HTTPS is far from perfect and potential MITM attacks for HTTPS do indeed exist. They are rather difficult to pull of though and as a normal user you shouldn't worry to much about it, unless of course you aren't a normal user but the number one enemy of a state that operates a CA trusted by most browsers by default. Then you may want to start writing down those certificate fingerprints/hashes and compare them every time you connect through HTTPS.

Share this post


Link to post
Share on other sites

Thanks, Fabian.  The unfortunate wholesale granting of certificates without proper vetting has really broken the integrity of the system.  
It will be interesting to see how this evolves going forward.

I appreciate your willingness to discuss and share your expertise on these issues with us.  
It's certainly a fine line (for the average user like myself) to find a happy medium where security, functionality and ease of use can coexist.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.