Mozilla has always tried to find different ways to keep Firefox users safer when browsing the Internet. Over the years it has gotten progressively better at accomplishing this goal, but there is always room for improvement. Recently, Mozilla announced Firefox Breach Alerts, a new security measure that more or less turns an optional function into a permanent one.
Firefox Breach Alerts, currently an early development add-on, warns users when they have visited a known hacked website. As reported by Catalin Cimpanu of Bleeping Computer, the add-on, whose code is available on GitHub and is currently compatible only with Firefox Developer Edition, is being integrated as a permanent feature to Firefox in the near future.
Breach Alerts utilizes data compiled by Australian cybersecurity expert Troy Hunt’s website Have I Been Pwned. According to the Bleeping Computer report, Troy Hunt has confirmed that he is working with Mozilla to round out Breach Alerts’ early-status rough edges. In an interview with Cimpanu, Hunt stated the following:
I’ve been working with Mozilla on this… we’re looking at a few different models for how this might work, the main takeaway at present is that there’s an intent to surface data about one’s exposure directly within the browser.
As Cimpanu emphasizes, it is not enough to point out that a user is visiting a hacked website. Instead, he suggests that “Mozilla needs to pay close attention to the language and manner it shows these notifications to users.” By this he means that the company must definitively tell users to change credentials in case of coming into contact with compromised web pages.
The hope is that users will be able to see, with the assistance of Breach Alerts, not only that they are in danger, but also see what accounts of theirs have been put at risk or breached. This add-on’s development will be monitored and reported on as new data comes out about it.
Photo credit: Mozilla
