Alexander’s Blog

The other day, while working at a client on a consulting assignment, I was using my Firefox browser and going through my client’s proxy server. I was able to connect to most sites but not all. For example, I wasn’t able to get to a KB article that I needed on Microsoft’s Web site.

When I entered the proxy server address in Internet Explorer (IE) and tried to connect to the sites that I couldn’t connect in Firefox, I was able to connect just fine. Then I switched to Firefox and was able to connect to all the sites that I couldn’t connect earlier. So what I discovered is this. When you use Firefox’s IE Tab Add-on (that lets you run the IE engine in a Firefox tab) it doesn’t just mimic IE behavior, it actually uses IE settings as well, such as the proxy server settings that are configured in IE. Hope this helps you if you run into this situation some day.

As you may know Mozilla Foundation started in 2003 after Netscape closed it’s browser division on July 15. If you type about:mozilla in the address box you well see the following subliminal message from Mozilla that refers to fire (Firefox) and thunder (Thunderbird) from the so-called The Book of Mozilla, 7:15. The numbers 7:15 refer to the date Netscape ceased to exist and Mozilla was born.

Microsoft is providing a free virtual PC hard disk image containing a pre-activated Windows XP SP2, and either IE6 or IE7 and the IE7 Readiness Toolkit to help facilitate your testing and development. The image is time bombed and will no longer function after a specific date. At the time I wrote this blog the Virtual PC image was set to expire on December 7, 2007. The previous image expired on April 1, 2007. Chances are that Microsoft will continue to extend this deadline. According to Microsoft Product Manager Pete LePage, Microsoft hopes to continue to provide these images in the future as a service to Web developers. As Pete LaPage explains in his blog, you don’t even have to buy an additional Windows license.

These images are supported on Windows Server2003, Windows Vista, and Windows XP operating systems.

Click here to download these free image.

Mozilla has taken another security blow with the discovery that Google user accounts can be accessed through a dangerous Firefox exploit.

The vulnerability, which is still in the wild some 10 days after its discovery on gnucitizen.org, allows hackers to access Google accounts, including Gmail, with cross-site scripting attacks.

A client or server-side exploit can be inserted into .zip files via open document formats from Microsoft Office 2007 and OpenOffice, and uploaded to a server where the Firefox JAR protocol extracts the compressed data.

While Mozilla has not issued a solution to the problem, application firewalls and proxy servers can be used to block Windows Universal Resource Identifiers (URIs) that contain the JAR protocol, while Web administrators can use a reverse proxy to prevent malicious content from being uploaded.

Users can download a NoScript add-on for Firefox to block JavaScript and executable content from untrusted Web sites, and can secure their Google accounts by remaining signed out whenever possible.

Read this entire story as reported by PC World.

Mozilla Firefox can protect your saved certificates and passwords with a master password. If you want to reset the master password, you can simply provide the current password and reset it to a new one. However, if you forget your master password then you are in trouble and will not have the option to change the existing password.

You can reinstall Firefox over an existing version, or you can even remove Firefox completely and reinstall a fresh copy, you still will not be able to reset the master password. But here’s a method that you can use to reset the master password in Firefox. Type the following command in the address box in your browser and then click the reset button in the lower right corner, as shown in the graphic.

chrome://pippki/content/resetpassword.xul

If you run into a situation where the above method does not work, then you may need to hack the password using a Firefox master password recovery tool, such as FireMaster.