Alan Baxter wrote:Glad you found a way to fix your "laggy DNS results" problem. I haven't had any vague hangs, so it's not a problem for me.
Linux, or more precisely Ubuntu has some dns quirks that I haven't encountered before in either OS X or XP - and I haven't time right now to delve into the mechanics of it all. This XP machine hasn't hung at all over the same period as the little Ubuntu one, so I'm betting it's the linux dns differences at least partly responsible.
I don't recall ABE providing protection against a man-in-the-middle attack like Perspectives does.
Well, I'm guessing until a few power users get cracking with it to show the way, but I imagine that ABE will allow much more precise https forcing, and I'm hoping that it will allow a very shut down set of pages when I want to visit a particular domain - so no bastard of a mitm can get a look in. Just guessing so far from the rules I've skimmed. Being more like Sargeant Schulz - I know nothing. Yet.
Will changing the browser.identity pref provide any additional protection against a man-in-the-middle attack?
That one with a 2 value puts a big coloured field up next to any https url, with the owner of the certificate's details in full. Thus giving a good visual reinforcement of the credentials of the url. And hopefully ringing a big buzzer if it doesn't agree with a hijacked url. I think it was discussed in the hackademix post on "sslStrip" - no time to even look for that right now. Spending all day cleaning all the gutters on my water catchment after a very long drought, and falling asleep when I sit at the desk doesn't help either
I suppose that kind of attack isn't possible unless your DNS can be compromised, and unlikely in any event. I guess you're safe enough without Perspectives.
That's the thinking. I'm relying on doing all the right things like using bookmarks for https logons, and watching for browser feedback and having a separate profile for banking (making that session stay only within the bank's domain) from a couple of extensions such as ShowIp.
When the Big DNS Scare of 2008 was on, I ran exclusively with Open DNS. But I did my research on this isp and they are top of the security pops in town, so I've relaxed again and use their servers.
What I do above all is to make sure the bank manager knows me and will go in to bat for me if there's any fraud - which touch wood there hasn't yet been.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:220.127.116.11) Gecko/2009042316 Firefox/3.0.10