Firefox Secretly Loads Webpages On Hover

Posted on by Security Zap

New “bug” was discovered in Mozilla’s very own browser Firefox, which loads webpages upon hovering on link. Most modern browsers use prefetching method (loading webpages in cache before user actually visits a website) in order to load pages faster, however requesting a website content by just hovering on it endangerous many users.

Firefox Problem

 

Hackers often redirect users to malicious URL-s in order to gain access to victims computers. Cyber criminals host malware on servers and if user does not have a required protection, upon requesting a specially crafted link, server will issue malicious code and thus infect a computer.

Meaning that if user visit a legitimate webpage that has links to malicious software, users device will be compromised with a single hover.

As it appears this “bug”  is a result of Mozilla’s new connect API. According to Mozilla Developer blog this is not a “bug” but a “feature”, because it makes browsing experience faster and easier.

nsISpeculativeConnect lets the networking layer begin setting up TCP and, if appropriate, SSL handshakes to save time when the connection is actually opened later.

Solution

We recommend to disable this feature in order to protect your privacy. Here is how to do it:
  1. Open Firefox
  2. Type about:config in URL field
  3. If you receive a notification pop-up click yes
  4. In the search bar write network.http.speculative-parallel-limit
  5. Double click a line that appears or right click and choose modify
  6. Change the value to 0
  7. Click OK

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.