Firefox Will Soon Warn Users of Software That Performs MitM Attacks (zdnet.com)
The Firefox browser will soon come with a new security feature that will detect and then warn users when a third-party app is performing a Man-in-the-Middle (MitM) attack by hijacking the user's HTTPS traffic. From a report: The new feature is expected to land in Firefox 66, Firefox's current beta version, scheduled for an official release in mid-March. The way this feature works is to show a visual error page when, according to a Mozilla help page, "something on your system or network is intercepting your connection and injecting certificates in a way that is not trusted by Firefox." An error message that reads "MOZILLA_PKIX_ERROR_MITM_DETECTED" will be shown whenever something like the above happens.
Because it contacts a third-party server which also looks at the website's certificate. If the certificate that your browser is presented with has a different fingerprint than the one their server sees, an error is flagged.
See also the CheckMyHTTPS add-on for Chrome and Firefox.
How does an ISP inject certs? The whole point of SSL/TLS is to stop that. Is this some new attack vector? Why aren't we just patching the flaw in TLS?
It's not mitm. That's why TFA is so confusing. The attack involves changes to your trust list.
Firefox added group policy support with the release of ESR version 60, including official templates.
You can enable enterprise roots through this, which causes Firefox to read the Windows certificate store.
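A way to audit the setting described in the comment above, as an added example that is not part of the thread and not Mozilla's code: it inspects the text of a `policies.json` file and of a profile's `prefs.js`/`user.js` for the policy key `Certificates.ImportEnterpriseRoots` and the pref `security.enterprise_roots.enabled`. The function names and the sample inputs are constructed for illustration.

```python
import json
import re

# Pref form as written in prefs.js / user.js, e.g.
#   user_pref("security.enterprise_roots.enabled", true);
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"security\.enterprise_roots\.enabled"\s*,\s*(true|false)\s*\)\s*;',
    re.MULTILINE,
)


def policy_value(policies_json):
    """Return Certificates.ImportEnterpriseRoots from policies.json text, or None."""
    try:
        doc = json.loads(policies_json)
    except json.JSONDecodeError:
        return None  # unparseable file: report "not set" (this script's choice)
    node = doc
    for key in ("policies", "Certificates", "ImportEnterpriseRoots"):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node if isinstance(node, bool) else None


def pref_value(prefs_text):
    """Return the last security.enterprise_roots.enabled value in the text, or None."""
    matches = PREF_RE.findall(prefs_text)
    return (matches[-1] == "true") if matches else None


def enabled_by(policies_json, prefs_text):
    """List which sources turn on trust in the OS certificate store."""
    sources = []
    if policy_value(policies_json) is True:
        sources.append("policy:Certificates.ImportEnterpriseRoots")
    if pref_value(prefs_text) is True:
        sources.append("pref:security.enterprise_roots.enabled")
    return sources


# Constructed sample inputs (not taken from a real installation).
SAMPLE_POLICIES = '{"policies": {"Certificates": {"ImportEnterpriseRoots": true}}}'
SAMPLE_PREFS = (
    'user_pref("browser.startup.page", 3);\n'
    'user_pref("security.enterprise_roots.enabled", false);\n'
)

if __name__ == "__main__":
    print(enabled_by(SAMPLE_POLICIES, SAMPLE_PREFS))
```

A non-empty result means Firefox is configured to trust roots from the operating system store, so that store should be reviewed for roots nobody in the organization installed on purpose.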