Articles tagged: Security

1. 1
2. 2
3. Next

Found 147 documents

• Archive/Firefox_OS/Debugging/Debugging_and_security_testing This guide includes the following subsections:
• Archive/Firefox_OS/Debugging/Intercepting_traffic_using_a_proxy Working with apps that are nothing but HTML and JavaScript, you'll find that a lot of the really ...
• Archive/Firefox_OS/Debugging/Testing_in_a_privileged_context This article takes you through how to test privileged apps before they are submitted to a ...
• Archive/Mozilla/Plug-n-Hack Plug-n-Hack (PnH) is a proposed standard from the Mozilla security team for defining how ...
• Archive/Mozilla/Plug-n-Hack/Plug-n-Hack_Get_Involved While this project has been started by the Mozilla Security Team and has been validated with ...
• Archive/Mozilla/Plug-n-Hack/Plug-n-Hack_Phase1 Plug-n-Hack (PnH) phase 1 allows easier integration and defines how security tools can advertise ...
• Archive/Mozilla/Plug-n-Hack/Plug-n-Hack_Phase2 The next phase of Plug-n-Hack (PnH) is still being planned but is intended to allow browsers to ...
• Archive/Mozilla/Plug-n-Hack/Plug-n-Hack_Tools_Supported
• Archive/Security/Digital_Signatures Encryption and decryption address the problem of eavesdropping, one of the three Internet ...
• Archive/Security/Encryption_and_Decryption Encryption is the process of transforming information so it is unintelligible to anyone but the ...
• Archive/Security/Introduction_to_Public-Key_Cryptography Public-key cryptography and related standards and techniques underlie the security features of ...
• Archive/Security/Introduction_to_SSL This document introduces the Secure Sockets Layer (SSL) protocol. SSL has been universally ...
• Archive/Security/SSL_and_TLS The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are universally ...
• Bypassing_Security_Restrictions_and_Signing_Code Early versions of Firefox allowed web sites to segregate principals using signed scripts, and ...
• Displaying_web_content_in_an_extension_without_security_issues One of the most common security issues with extensions is execution of remote code in privileged ...
• Garbage_MixedContentBlocker Starting with Firefox 23, Firefox blocks active mixed content by default. This follows a ...
• Glossary/Certificate_authority A certificate authority (CA) is an organization that signs digital certificates and their ...
• Glossary/Certified Certified means that an application, content or data transmission has successfully undergone ...
• Glossary/CIA CIA (Confidentiality, Integrity, Availability) (also called the CIA triad or AIC triad) is a ...
• Glossary/Cipher In cryptography, a cipher is an algorithm that can encode cleartext to make it unreadable, and ...
• Glossary/Ciphertext In cryptography, a ciphertext is a scrambled message that conveys information but is not legible ...
• Glossary/Cipher_suite A cipher suite is a combination of a key exchange algorithm, authentication method, bulk ...
• Glossary/CORS CORS (Cross-Origin Resource Sharing) is a system, consisting of transmitting HTTP headers, ...
• Glossary/Cross-site_scripting Cross-site scripting (XSS) is a security exploit which allows an attacker to inject into a ...
• Glossary/Cryptanalysis Cryptanalysis is the branch of cryptography that studies how to break codes and cryptosystems. ...
• Glossary/Cryptographic_hash_function A cryptographic hash function is a cryptographic primitive transforming a message of arbitrary ...
• Glossary/Cryptography Cryptography, or cryptology, is the science that studies how to encode and transmit messages ...
• Glossary/CSRF CSRF (Cross-Site Request Forgery) is an attack that impersonates a trusted user and sends a ...
• Glossary/Decryption In cryptography, decryption is the conversion of ciphertext into cleartext.
• Glossary/Denial_of_Service DOS (Denial of service) is an attack on computers or networks that restricts or prevents ...
• Glossary/Digest A digest is a small value generated by a hash function from a whole message. Ideally, a digest ...
• Glossary/Digital_certificate A digital certificate is a data file that binds a publicly known cryptographic key to an ...
• Glossary/Distributed_Denial_of_Service A Distributed Denial-of-Dervice (DDoS) is an attack in which many compromised systems are made ...
• Glossary/DOS_attack DoS (Denial of Service) is a network attack that prevents legitimate use of server resources by ...
• Glossary/Encryption In cryptography, encryption is the conversion of cleartext into a coded text or ciphertext. A ...
• Glossary/firewall A firewall is a system that filters network traffic. It can either let it pass or block it, ...
• Glossary/https HTTPS (HTTP Secure) is an encrypted version of the HTTP protocol. It usually use SSL or TLS to ...
• Glossary/Key A key is a piece of information used by a cipher for encryption and/or decryption.
• Glossary/OpenSSL OpenSSL is an open-source implementation of SSL and TLS.
• Glossary/OWASP OWASP (Open Web Application Security Project) is a non-profit organization and worldwide network ...
• Glossary/Placeholder_names Placeholder names are commonly used in cryptography to indicate the participants in a ...
• Glossary/Plaintext Plaintext refers to information that is being used as an input to an encryption algorithm, or to ...
• Glossary/Port For a computer connected to a network with an IP address, a port is a communication endpoint. ...
• Glossary/Privileged Users are said to be privileged when they are granted additional rights to a system, or given ...
• Glossary/Session_Hijacking Session hijacking occurs when an attacker takes over a valid session between two computers. The ...
• Glossary/Signature/Security A signature, or digital signature, is a protocol showing that a message is authentic.
• Glossary/SQL_Injection SQL injection takes advantage of Web apps that fail to validate user input. Hackers can ...
• Glossary/TLS Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL), is a protocol ...
• Glossary/Validator A validator is a program that checks for syntax errors in code. Validators can be created for ...
• Learn/Drafts/website If you connect web servers to a network, you need to consider the security implications of doing ...
• Learn/Drafts/Web_security This competency demonstrates skills around the top of web security, which is a subset of ...
• Learn/Server-side/First_steps/Website_security This article has explained the concept of web security and some of the more common threats that ...
• Mozilla/Add-ons/Security_best_practices_in_extensions This document is intended as a guide for developers to promote best practices in securing your ...
• Mozilla/B2G_OS/PasscodeHelper_Internals PasscodeHelper is a Gaia helper library for modifying and checking the Firefox OS lockscreen ...
• Mozilla/B2G_OS/Security The following articles cover security-related topics about Firefox OS. This includes overall ...
• Mozilla/B2G_OS/Security/Application_security The key Web app security controls introduced by Firefox OS are:
• Mozilla/B2G_OS/Security/Security_model This document provides an overview of Mozilla's Firefox OS security framework, which is designed ...
• Mozilla/B2G_OS/Security/System_security This article provides an overview of the Firefox OS system security model; that is, it explains ...
• Mozilla/Firefox/Releases/2/Security_changes This article discusses changes that affect security in Firefox 2.
• Mozilla/Firefox/Releases/3.5/Security_changes This article covers security-related changes in Firefox 3.5.
• Mozilla/Gecko/DOM_Storage_implementation_notes This is a work in progress document at this stage helping review and land bug 600307.
• Mozilla/Gecko/Script_security Like any Web browser, Gecko loads JavaScript from untrusted and potentially hostile web pages, ...
• Mozilla/Marketplace/Publishing/Marketplace_review_criteria Here are Mozilla's expectations of what app review is and is not:
• Mozilla/Projects/Midas/Security_preferences To protect users' private information, unprivileged scripts cannot invoke the Cut, Copy, and ...
• Mozilla/Projects/NSS/Building This page has detailed information on how to build NSS. Because NSS is a cross-platform library ...
• Mozilla/Projects/NSS/JSS/JSS_Provider_Notes Newsgroup: mozilla.dev.tech.crypto
• Mozilla/Projects/NSS/Notes_on_TLS_-_SSL_3.0_Intolerant_Servers A number of Netscape 6.x/7.x and Mozilla users have reported that some secure sites -- typically ...
• Mozilla/Projects/NSS/NSS_3.16.2.1_release_notes Network Security Services (NSS) 3.16.2.1 is a patch release for NSS 3.16, based on the NSS ...
• Mozilla/Projects/NSS/NSS_3.16.2.2_release_notes Network Security Services (NSS) 3.16.2.2 is a patch release for NSS 3.16. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.16.2.3_release_notes Network Security Services (NSS) 3.16.2.3 is a patch release for NSS 3.16. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.16.5_release_notes Network Security Services (NSS) 3.16.5 is a patch release for NSS 3.16. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.16.6_release_notes Network Security Services (NSS) 3.16.6 is a patch release for NSS 3.16. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.17.1_release_notes Network Security Services (NSS) 3.17.1 is a patch release for NSS 3.17. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.17.3_release_notes Network Security Services (NSS) 3.17.3 is a patch release for NSS 3.17. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.17.4_release_notes Network Security Services (NSS) 3.17.4 is a patch release for NSS 3.17. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.18.1_release_notes Network Security Services (NSS) 3.18.1 is a patch release for NSS 3.18. The bug fixes in NSS ...
• Mozilla/Projects/NSS/NSS_3.18_release_notes The NSS team has released Network Security Services (NSS) 3.18, which is a minor release.
• Mozilla/Projects/NSS/NSS_3.23_release_notes The NSS team has released Network Security Services (NSS) 3.23, which is a minor release.
• Mozilla/Projects/NSS/NSS_Releases The current Stable release of NSS is 3.27.1, which was released on October 3, 2016. Instructions ...
• Mozilla/Projects/NSS/NSS_Sample_Code/NSS_Sample_Code_Sample_1_Hashing This is an example program that demonstrates how to compute the hash of a file and save it to ...
• Mozilla/Projects/NSS/NSS_Sample_Code/NSS_Sample_Code_Sample_2_Initialization_of_NSS This example program demonstrates how to initialize the NSS Database.  This program illustrates ...
• Mozilla/Projects/NSS/NSS_Sample_Code/NSS_Sample_Code_Sample_3_Basic_Encryption_and_MACi This example program demonstrates how to encrypt and MAC a file.
• Mozilla/Projects/NSS/NSS_Sample_Code/NSS_Sample_Code_Utililies_1 This is a library of utilities used by many of the samples.  This code shows the following:
• Mozilla/Projects/NSS/NSS_Sources_Building_Testing Getting the source code of Network Security Services (NSS), how to build it, and how to run its ...
• Mozilla/Projects/NSS/PKCS11 PKCS #11 information for implementors of cryptographic modules:
• Mozilla/Projects/NSS/PKCS11/FAQ NSS searches all the installed PKCS #11 modules when looking for certificates. Once you've ...
• Mozilla/Projects/Zest Zest is an experimental specialized scripting language (also known as a domain-specific ...
• Mozilla/Projects/Zest/Zest_runtimes As Zest is written in JSON it requires a runtime in order to be evaluated.
• Mozilla/Projects/Zest/Zest_tools The following tools currently support Zest:
• Mozilla/Projects/Zest/Zest_usecase:_Reproducing_Security_Vulnerabilities When security teams find vulnerabilities they typically describe them to developers using words, ...
• Mozilla/QA/Fuzzing Fuzzing is a technique for testing software using automated tools to provide invalid or ...
• Mozilla/Security An important aspect of developing code for any browser, including Firefox, as well as any ...
• Mozilla/Security/Exploitable_crashes This article will help you determine if a crash is exploitable, find crashes which are ...
• Mozilla/Security/Pinning_Violation_Reports If a site makes use of key pinning, and your browser sees a certificate chain for that site ...
• Mozilla/Security/Security_and_the_jar_protocol This article discusses security concerns with the jar: protocol, which only Firefox has ever ...
• Mozilla/Security/x509_Certificates X.509 (in this document referred as x509) is an ITU standard to describe certificates. This ...
• Mozilla/Signing_Mozilla_apps_for_Mac_OS_X Mac OS X's Gatekeeper functionality prevents users from launching applications that haven't been ...
• Mozilla/Tech/XPCOM/Reference/Interface/nsICRLManager Delete the crl.
• Mozilla/Tech/XPCOM/Reference/Interface/nsISecurityCheckedComponent In Gecko, a "capability" is a string identifying a set of actions that code is allowed to ...
• Mozilla/Tech/XPCOM/Using_nsIPasswordManager The code on this page will work with applications using Toolkit 1.8 and below such as Firefox ...

1. 1
2. 2
3. Next