New Firefox extension, Firekeeper, lets you surf safe

Criminals are defacing legitimate Web sites. Firekeeper actively scans every page before loading it into the Firefox browser

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
Robert Vamosi
2 min read

Do you trust that the Web site you're visiting is secure? By now most people know to avoid sketchy sites with complicated URLs, misspellings, or seedy graphics. But what about legitimate sites, such as the one for this year's Super Bowl, which was defaced just days before the event to include a link to a malicious Trojan horse?

In tests by CNET Reviews, we found that safe surfing tools such as the Netcraft toolbar and McAfee SiteAdvisor, while effective at stopping sites designed to be fraudulent by nature (aka phishing sites), tend to miss recently defaced legitimate sites. Newer tools like Exploit Prevention Labs Linkscanner Pro actively scan every page as it loads in your browser, blocking any the malicious components residing there, and allowing the sanitized page to display. Now the development team at Mozilla has created a new Firefox extension that also actively scans Web pages for malicious code.

The new extension is called Firekeeper and is still in development, but an alpha version is currently available for downloading and testing. We found this security extension to be very stable and useful, stopping access to at least one site known to CNET as compromised. In practice Firekeeper works like this: When malicious code is found on a site you are about to access, an alert dialog displays the URL of the site, the problem identified, references to security vulnerability reporting sites such as BugTraq, and, finally, actions you may wish to take: Block once, Allow once, Whitelist, or Blacklist. The configuration option allows you to add manually sites to the white or black lists.