asked on

Any FireFox Send security concerns in the community?

Looking for comments on the overall security of FireFox Send (send.firefox.com). My understanding is that all of the security tasks regarding the file (encryption, link generation, decryption) take place on the client side. However, also received some sage advice that what a provider 'says' and what they 'do' (federal FISA warrant) can be two different things.

I've done some basic searching online; have found some tutorials and an explanation by Mozilla on how the system works. Really looking for some independent, third party vetting results. I have looked on Git Hub, but didn't see anything that conclusively stated FF Send meets standard xxxxx or is xyz compliant, etc.

Is there any documentation out there verifying Mozilla's security claims and does anybody have any concerns with using this product when sharing PII (e.g. name, address, health status, income, etc)?

ASKER CERTIFIED SOLUTION

McKnife

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

David Favor

+1 for McKnife's comment.

Never trust anyone with your data... or passwords... or anything important...

SOLUTION

Arana (G.P.)

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Natty Greg

Hey the above mentioned is correct, just to add Firefox also collects telemetry data, even though they say that they don’t. I caught the flow throw my router a while back and blocked it. Can’t be trusted

Comm_Guy

ASKER

McKnife - any recommendations on encryption software that is easy for a "non-technical" person to use? A lot of the staff I work with are good at what they do but some need quite a bit of help when it comes to technology.