Firefox security - is it safe?

  Terry Brown 11:25 14 Apr 2013

Running through the settings on Firefox, I opened the TOOLS tab and then the ADVANCED option

Scrolling down I come to : Government Root Certification Manager

This was for TAIWAN,and had the AUTHORIZATION to check my Emails, which I object to.- My emails are for my private use- not some government body to store.

I have un-clicked this option, and it does not seem to make a difference to downloading except that they download faster.

Are their other security checks you object to?.


  fourm member 12:06 14 Apr 2013

I think you need to read about site certificates.

  lotvic 12:35 14 Apr 2013

This seems to be how it was decided to include that cert in Mozilla Firefox

I don't understand it all but found this (quote is from down near the bottom of page) on Windows/

quote/"Is there a maximum number of roots that can be included in the Program? May there come a time when you don’t accept any more root certificates?

Yes. Increasing the number of root certificates made available through this Program can negatively affect Windows performance, since all root certificates are decoded into memory in every process that uses certificates. Actual performance degradation may differ based on version of Windows and type of hardware, but we consider the long-term impact of every decision to incorporate new root certificates, and new classes of CAs. We have not approached the number of root certificates where performance might be impacted, but we make individual application decisions with the long-term in mind. We reserve the right to make membership decisions in our sole discretion based on these criteria, and to change those criteria without notice in the event of any disruption to Windows performance.

Also, every additional root certificate increases the risk of a key compromise or bad certificates due to CA error for hundreds of millions of Windows users worldwide. As a result, we face increasing pressure from the worldwide security community to limit the number of root certificates we distribute for CAs. We only accept CAs that provide value to a large percentage of Microsoft Windows users worldwide or within a country or region. Going forward, we intend to work with the PKI and audit communities on audit regimes and assessor guidelines that will improve CA practices and justify our decision to admit additional CAs. "/end quote

Also I found this piece about Microsoft and Mozilla ban Dutch government root certificate on The Inquirer

  wiz-king 16:32 14 Apr 2013

I have about 25 on IE9

  Terry Brown 17:22 14 Apr 2013

Maybe I mis-understand it, but it seems possible for anyone with enough knowledge to create a root site certificate, so once it is on your system, they have access to your information.

It asks the Question:

How safe is your information?:

  1. When it is on your hard-drive ?
  2. When it is in the cloud?


  VCR97 18:20 14 Apr 2013

I can't find Government Root Certification Manager or Authorities. FF 20.0.1

  Forum Editor 18:43 14 Apr 2013

Transferred to Tech Helproom from Speakers Corner.

  lotvic 19:21 14 Apr 2013

FF 20.0.1 | Tools | Options | Advanced, Encryption tab and click on 'View Certificates' button | then click on Authorities tab. select one of them and then click on 'Edit Trust' button

  VCR97 20:32 14 Apr 2013


Thanks. I reckon I'll let sleeping dogs lie.

  hiwatt 10:12 15 Apr 2013

@Terry Brown what button did you uncheck?I can only find goverment root certification authority/Taiwan GRCA and when I edit trust settings there are three boxes?

  muddypaws 11:29 15 Apr 2013

If you highlight the 'Taiwan' entry and click edit/trust--uncheck all three boxes.

Think that is what Terry Brown means. That's what I did.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

Illustrator Charles Williams on how to create magazines and book covers

iMac Pro review

Les meilleures prises CPL (2018)