Tiny Deathstars of Foulness

Firefox describes their malware posture at which heavily leverages Google SafeBrowsing, as do many a browser. Settings for SafeBrowsing are set in the browser.safebrowsing.downloads.remote.enabled pref. To lock this pref, you would need to create an autoconfig.js file in 

/Applications/ that points to a firefox.cfg file with a lock pref in it. To do so, create the autoconfig.js file and paste in these settings:

// Configure SafeBrowsing
pref("general.config.filename", "firefox.cfg");
pref("general.config.obscure_value", 0);

Then create the firefox.cfg file and paste in these settings:

// Configuring SafeBrowsing
lockPref("browser.safebrowsing.downloads.remote.enabled", TRUE)

Live Firefox preferences can be seen at /Users/charles.edge 1/Library/Application Support/Firefox/Profiles/*.default. Because SafeBrowsing is enabled by default, you shouldn’t see it listed unless it’s been disabled. But you can confirm it’s doing its thing by parsing the contents of these settings:

user_pref("browser.safebrowsing.provider.google4.lastupdatetime", "1537457871853");
user_pref("browser.safebrowsing.provider.google4.nextupdatetime", "1537459685853");
user_pref("browser.safebrowsing.provider.mozilla.lastupdatetime", "1537457872202");
user_pref("browser.safebrowsing.provider.mozilla.nextupdatetime", "1537461472202");

September 21st, 2018

Posted In: Mac OS X, Mac Security

Tags: , , ,