Firefox is ready to protect against potentially dangerous downloads

The internet is undeniably a dangerous place – at least potentially – and all mainstream browsers (opens in a new tab) have gradually upgraded their games in recent months to provide increasing levels of protection.

Although there has been a general and constant move towards HTTPS (opens in a new tab)this is certainly not the case everywhere.

One of the problems internet users have is visiting an HTTPS site and downloading a file, only to find that the transfers are coming from an insecure server – so-called “mixed content”. This is something that future versions of Firefox (opens in a new tab) will protect against.

Mozilla says the upcoming Firefox 92 will block downloads that are delivered over an insecure connection. The content of the download is not scanned, the mere fact that an insecure connection is used as the delivery method is cause for concern.

If you attempt to download a file that does not meet Firefox’s security standards, you will be greeted with a message stating: “File not downloaded. Potential security risk. The file is using an insecure connection. It may be corrupted or tampered with during the download process. You can search for another download source or try again later.

keep it safe

Although this feature is currently only visible in the unreleased version of Firefox 92, it looks like Mozilla will enable it by default. Clearly the idea is to improve security for all users, and that should be welcomed, but the choice is always welcome. As such, it’s possible to disable the security feature if you have a particular need, although it’s not an obvious setting to discourage occasional disabling.

If you want or need to lower your security settings for any reason, you can follow these steps:

  1. Launch Firefox and visit about: setup
  2. Click on Accept the risk and carry on if a warning message appears
  3. To research block_download_insecure
  4. Double-click the value to toggle the setting to Fake to deactivate the protection function

If you want to try out the latest Firefox features, the latest beta is available for download here (opens in a new tab).


Analysis: Copying security functions benefits everyone

Web browsers are often “inspired” from each other, borrowing features from the left, right, and center. There’s a school of thought that suggests this could ultimately lead to such a level of consistency that it doesn’t matter which browser you choose to use. Whether or not this is true is hard to say, but there is one area where copy features are welcome: security.

The problem with mixed content is that site visitors can be lulled into a false sense of security. People have gotten used to checking that a site is secure, looking for security certificates and signs of using HTTPS, but this is more difficult when it comes to downloads. While there are always those who decry software that offers hands-on of any kind, it’s clearly beneficial when it comes to security.

Feature plagiarism may be something users and developers tend to frown upon, but when it comes to making the internet safer, it’s hard to object too much.

Going through Techdows

Sam D. Gomez