User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a4) Gecko/20040915 Firefox/0.9.1+ Build Identifier: Currently TB has several settings for security and privacy, but most users does comprehend how settings add to security and privacy. My request is an enhancement to put all the current and several new security and privacy features in different zones. I've made an example in HTML, which I'll attach shortly. Reproducible: Always Steps to Reproduce: 1. Open preferences 2. Go through all sections Actual Results: You'll see different security and privacy settings, not grouped together. Expected Results: All security and privacy settings should be grouped in zones.
Created attachment 159191 [details] Different security and privacy zones (Restricted, Safe but usable, Insecure and Custom)
typo: most users does comprehend should offcourse be: most users don't comprehend
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
Still, I think this could feature could be very useful.
I just added a fairly detailed comment to bug 169106 (Network "zone" manager), which I interpreted as being similar to this one. The bottom line is: Without such facilities, a lot of FF's perceived security advantages over IE will evaporate if MS makes IE's security settings distinguish between scripting for DHTML (the worst this can do is push ads) and scripting for HTAs (which have been used to install malware). If MS separates DHTML and HTAs while FF does not provide something like zones, MS can claim that IE offers security / privacy facilities which are easier to manage and therefore safer for the user.
Is this then not a dupe of 169106? It pretty much covers both.
(In reply to comment #6) > Is this then not a dupe of 169106? It pretty much covers both. I'd say related, not a dupe, because this RFE is really about the Mail / News component, rather than the Network component. I'd like to see some zones implemented that regulate the handling of messages rather than "some sections of the Internet". Wouldn't it be a good idea to derive different RFEs for mail / news (this bug) and websites from bug 169106, because the are essentially different?
Brian any thought on what is proposed here ?
Generally speaking I don't think security zones are going to be usable for the average person. If someone sends you an attachment and you want to see it but your security zone settings don't allow it you'll just change the settings. This tends to negate the value of the settings as it just becomes the bar you keep lowering to do what you want. Much of this needs to be done in a larger vision taking into account the impact on the user interface and not just settings. However unless this were implemented as an extension or some kind of patch to work it with it is hard to see the benefits and trade offs that would occur with this design. I have to mark this WONTFIX for the project to note that we're not going to work on it, however reopen the bug if you have an extension or working patch toward this goal.