Due to increased sophistication of methods used by cyber criminals, the prevalence of data breaches has risen considerably in recent years.
News of websites being the victims of hackers who seek to acquire their user data is quite common nowadays. The average internet user cannot be able to keep track of all the websites that have been compromised.
But, a recent development from Firefox browser seeks to address this problem.
Software engineers at Mozilla are currently developing a new feature in the Firefox browser that will warn users whenever they visit a website that has suffered a data breach.
The function will also avail information and guidance on how users can protect themselves in future. This notification system focuses on credential leaks that have occurred in the past.
The feature will utilize data provided by Have I Been Pwned?, which is a data breach alert website that indexes major data breaches.
The website documents more than four billion compromised accounts from hundreds of credentials leaks where the data is publicly available in the last five years.
Currently, an internet user can register their email address with the site to receive notifications in case their account’s security is ever compromised.
An integration of this service with Mozilla will allow the site to reach a wider audience. The project is currently in the prototype phase and is work in progress. Users can obtain and manage the code for this feature separately as an add-on.
Since the warning alert system is still in development, the code is not part of the Firefox codebase for now. But users can still access the code for the add-on on GitHub, then compile it and import it into their browsers.
This add-on is currently only supported by the Firefox Developer Edition.
The team of Firefox engineers behind the project state that the code is available only for testing the design and visualization of the feature—it’s not meant to be an official rollout by any means.
Mozilla developer Nihanth Subramanya wrote in the GitHub prototyping page that the project started as an experiment on how a browser can be beneficial in helping users keep track of data breaches and promote cybersecurity.
The system will inform users of data breaches through a notification via the Firefox User Interface (UI).
It will provide an option for the Firefox user to obtain educational information about data breaches via support pages.
Interested Firefox users will also be able to subscribe to a service where they will be notified via email in case they are victims of future breaches.
Subramanya confirmed that there are several aspects of the feature that require more work before it can be fully functional.
The project ultimately aims to create a User Interface and interaction flow in Firefox.
For instance, when a Firefox user visits a website that has been breached such as Adobe or LinkedIn, the browser presents a drop-down box. Users can then enter an email address in the input field as well as an option for email alert subscription.
One area of concern that has yet to be addressed is the issue of privacy since users will have to input their email address to receive notifications.
Users are likely to raise questions about security and data custodianship, data sharing between Firefox and Have I Been Pwned?, as well as functionality to users who do not opt for the subscription service.
Subramanya affirmed that the project plans to provide functionality while also protecting user privacy.