[ale] firefox question
Greg Freemyer
greg.freemyer at gmail.com
Mon Aug 6 12:52:49 EDT 2007
On 8/6/07, Preston Boyington <preston.lists at gmail.com> wrote:
> Greg Freemyer wrote:
> > All,
> >
> > With the recent release at Blackhat of the gmail hack:
> >
> > I want to configure Firefox (Linux & Windows installs) to not allow
> > access to http:/mail.google.com, but to allow access to
> > https://mail.google.com
> >
> > Note the http vs. https difference.
> >
> > Is this possible in Firefox itself? I want to avoid using other
> > infrastructure due to traveling laptops running Windows etc.
> >
>
> I am noticing that when I now type www.gmail.com into my browser(s) I am
> automatically redirected to https:// login. gmail made adjustments?
As David said (and I just verified at 1pm):
If you enter: http://gmail.com you get redirected to a secure page for
login, but back to a normal http page for normal usage.
It is on the normal usage page that the newly released hack works.
OTOH, if you initially enter https://gmail.com, then you stay in
encrypted pages for the duration of your session and as I understand
it the new hack fails.
Thus my desire to blacklist http://mail.google.com for all of our
corporate PCs, etc.
Greg
--
Greg Freemyer
Litigation Triage Solutions Specialist
http://www.linkedin.com/in/gregfreemyer
The Norcross Group
The Intersection of Evidence & Technology
http://www.norcrossgroup.com
More information about the Ale
mailing list