Firefox wants to block plugin
Hi.
After installing Java SE7 plugin on my Synology DS213+ NAS, Firefox has a pop up message saying the following...
https://addons.mozilla.org/en-US/firefox/blocked/p463
(Java Plugin 7 update 45 (click-to-play), Windows has been blocked for your protection.
Why was it blocked?
The Java plugin is considered unsafe to use and should not be activated unless strictly necessary.)
Is this really a risk? I access the Synology DSM (Diskstation Manager) via a Firefox webpage.
所有回覆 (3)
Hello,
You can see the complete list of blocked add-ons here:
https://addons.mozilla.org/en-US/firefox/blocked/
I do not know about this in great detail but my understanding is that historically there have been a very high number of security holes found in the Java plugin. These have been successfully exploited by hackers to gain unauthorised access to users' machines. Mozilla has taken the decision to block all versions of Java as unsafe, users are able to unblock the plugin on a case-by-case basis as they need to.
See here for more information:
https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/
I'm not a security expert so I can't give specific advice on your access of the Diskstation Manager. But in general I suggest not allowing the Java plugin to run unless you need to.
I hope this helps.
由 Ed 於 修改
More information about that "block" is here.
https://bugzilla.mozilla.org/show_bug.cgi?id=914690#c50
Also see here an article on Java security.