Security/Download Protection

< Security
Revision as of 04:08, 20 May 2015 by Fmarier (talk | contribs) (→‎Engineering: where the code is)

Description

We warn on every application download, which causes warning fatigue and doesn't help users make good decisions. We should track the reputation of download URLs and hashes.

See Security/Features/Application_Reputation_Design_Doc for implementation details.

Engineering

Most of the code lives in toolkit/components/downloads/ApplicationReputation.cpp.

QA

To turn on debugging output, export the following environment variable:

NSPR_LOG_MODULES="ApplicationReputation:5"

Documentation