1176752 - Allow 3rd Party Security provider to integrate with Firefox for protection

Status: UNCONFIRMED

(Core :: Security, enhancement)

Description

[naer.chang]

User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36

Steps to reproduce:

This is more of a feature request. In general there are many software like SiteAdvisor ROT, and other app that provides URL/File rating and search result annotation (same as URL rating but shows the result beside each links). You may say vendors already provide this functionality - true - but it's not the best way to do it.


Actual results:

Firefox does not allow 3rd party vendor to easily provide security for the user. This is especially true for mobile (iOS is closed OS and this would solve alot of issues). This leads to alot of hacks at times (like script scanner) or alot of efforts to follow Firefox's rapid release schedule (test everything every 3 months?)


Expected results:

Firefox should provide ways for itself to be able to use 3rd party security content in order to give the user most security with best performance and stability.

Protections required (first two already exist in Firefox with Google's Safe Browsing API, unless this changed in recent years):

1) URL reputation - on main URL load validate page reputation rating
2) File reputation - at end of file download you may do reputation check (do nothing with presence of AV or allow AV vendors to take action: either file scan or reputation check).
3) IP reputation rating
4) Certificate reputation check - after server certificate has been downloaded before doing validation have opportunity to do reputation check. As we know malicious site can have valid certificate.
5) Script scan (give opportunity to scan the script before it's being converted in the state machine; if eval() is available make give opportunity to scan here very important)
6) On page load insert annotation javascript on the page (just let vendors specify annotation javascript for annotation purpose; and allow content security policy rule to have an exception). This seems dangerous but that's what vendors are doing right now (more than a dozen).
7) Password/secret protection (optional) - that's something 3rd party can't really do without binary help - for example Google's Vault microSD, Intel's SGX (memory protection), Arm's TrustedZone. Secure browsing should be truly secure in every sense of the word (secure: keyboard, screen, memory, disk, crypto lib, URL, etc). Make this optional for now.

Firefox will provide any popup or prompt and caching (have placeholder for the concept, currently I am not aware of 3rd party doing caching in this space but I know Safe Browsing has local cache, I think Firefox uses it; Chrome does definitely). 3rd party vendors will provide REST API info (standardized, and later pushed to the industry at large), annotation javascript URL, UI customization URL (define what format can be used by the browser). A good candidate to start is iOS because Apple doesn't allow browser plug-in (Android allows it) but all operating system should use this new design (default behavior can fallback to existing Firefox mechanism: URL and File reputation only). It's not mentioned but spam filtering can follow the same design.

From user's perspective. From "Security" configuration page they can customize content provider the same way they chose different search engine under "Search".

From vendor's point view this will make their life so much easier with Firefox.

From Firefox's point of view this is a step forward. With URL reputation rating in place there is an opportunity for Firefox to do parental control whenever the content supports it! There is a number rating on the reputation of the site (unknown, safe, unsafe, etc) and a category info (Ad site, porn, news, etc) Vendors will provide rating/category and string mapping for UI display, etc.