Mozilla Firefox will soon warn the users if they are visiting a compromised website, a similar feature to Google which shows “this site may be hacked” alert when a request for hacked website is made.
To implement this Mozilla has collaborated with the breach alerting service Have I Been Pwned to notify the users about data breached sites through the Firefox UI and offer educational information. HIBP is a popular website that allows the users to check if their email ID and passwords have been leaked by any hackers that are often sold on the dark web and Mozilla will source the site’s data to identify any data dumps by hackers.
“This is an addon that I’m going to be using for prototyping an upcoming feature in Firefox that notifies users when their credentials have possibly been involved in a data breach,” Mozilla developer Nihanth Subramanya wrote in his GitHub repository.
“I chose to make it a legacy addon to make it easy to port into Mozilla-central in the future – it will likely involve window manipulation code.” According to The Register, Subramanya said, “The feature will help expose documentation/educational information about data breaches in the Firefox UI – for example, a ‘Learn more’ link in the notification mentioned above leading to a support page.”
It will “offer a way for interested users to learn about and opt for a service that notifies them (e.g. via email) when they may be affected by breaches in the future.”
Troy Hunt, the security expert behind HIBP confirmed to Engadget that the feature is still in development. “I’m pleased to see Mozilla wanting to bring the issue of these breaches to the forefront of people’s minds, especially given the reach they have via Firefox, they have the opportunity to raise awareness at a pretty serious scale.”
“Firefox is just looking at which sites have been breached and we’re discussing other ways of using the data in the future. They’ve got a broad reach and surfacing this info via Firefox is a great way to get more exposure to data breaches,” said Hunt.
“I’ve been working with Mozilla on this, We’re looking at a few different models for how this might work, the main takeaway at present is that there’s an intent to surface data about one’s exposure directly within the browser,” he added.