SeBa - FireFox add-on to improve comprehensibility in the address bar
The address bar contains a number of useful information concerning whether or not there might be a phishing attempt or if there is a secure encryption. This add-on aggregates all those information and puts them in an easily assessable toolbar.
Unfortunately, the Add-On is currently not available as Firefox changed the API. If you are interested in helping fixing the problems let us know. |
Working Principles
The first part contains a specification of the underlying security level. There are three different levels:
- Low (http): Data is transferred in an insecure (unencrypted) way. Server (Host) identity is not verified.
- Medium (https): Data is transferred in a secure (encrypted) way. Server identity is not substantially verified.
- High (https): Data is transferred in a secure (encrypted) way. Server identity is verified.
We recommend not to enter any data if the security level is low. You can attempt to manually change the security level of a webpage by adding the letter “s” to “http” in the address-bar and pressing “enter”.
Additionally the toolbar displays Information about the Host of the webpage you are actually visiting. To be safe against phishing attacks you can validate which page you are on by checking this information.
Follow these steps for validation:
- Validation is important especially on low and medium security level.
- It is important to compare letter by letter (therefore we chose a straightened out notation). Otherwise it might be hard to spot errors, e.g. “Mircosoft” (the letters “r” and “c” are swapped).
- If you are not sure whether the host is correct you should enter the address manually in the address-bar.
Das Add-On needs Firefox Version 23 or later.
If you have any Problems or Criticism please feel free to contact website(a-t)secuso.org.