[ale] firefox question

Randy Ramsdell rramsdell at livedatagroup.com
Mon Aug 6 14:58:39 EDT 2007


Randy Ramsdell wrote:
> Greg Freemyer wrote:
>   
>> On 8/6/07, Preston Boyington <preston.lists at gmail.com> wrote:
>>   
>>     
>>> Greg Freemyer wrote:
>>>     
>>>       
>>>> All,
>>>>
>>>> With the recent release at Blackhat of the gmail hack:
>>>>
>>>> I want to configure Firefox (Linux & Windows installs) to not allow
>>>> access to http:/mail.google.com, but to allow access to
>>>> https://mail.google.com
>>>>
>>>> Note the http vs. https difference.
>>>>
>>>> Is this possible in Firefox itself?  I want to avoid using other
>>>> infrastructure due to traveling laptops running Windows etc.
>>>>
>>>>       
>>>>         
>>> I am noticing that when I now type www.gmail.com into my browser(s) I am
>>> automatically redirected to https:// login.  gmail made adjustments?
>>>     
>>>       
>> As David said (and I just verified at 1pm):
>>
>> If you enter: http://gmail.com you get redirected to a secure page for
>> login, but back to a normal http page for normal usage.
>>
>> It is on the normal usage page that the newly released hack works.
>>
>> OTOH, if you initially enter https://gmail.com, then you stay in
>> encrypted pages for the duration of your session and as I understand
>> it the new hack fails.
>>
>> Thus my desire to blacklist http://mail.google.com for all of our
>> corporate PCs, etc.
>>
>> Greg
>>   
>>     
> Why not just firewall that address? Not sure if it gets easier than that
> as long as your network is set up with a firewall.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>   
Sorry, just read your first post and so the solution I suggested is not
really answering your question.



More information about the Ale mailing list