├── plugin ├── chrome │ ├── content │ │ ├── img │ │ │ ├── bad.png │ │ │ ├── error.png │ │ │ ├── good.png │ │ │ ├── default.png │ │ │ ├── progress.gif │ │ │ └── whitelist.png │ │ ├── credits │ │ │ ├── translators.txt │ │ │ └── contributors.txt │ │ ├── css │ │ │ ├── preferences_dialog.css │ │ │ ├── perspectives.css │ │ │ └── about.css │ │ ├── info.xul │ │ ├── initialize.xul │ │ ├── firewall.xhtml │ │ ├── whitelist_dialog.xul │ │ ├── results_dialog.xul │ │ ├── help.xhtml │ │ ├── addtoolbarbutton.js │ │ ├── about.js │ │ ├── report.xul │ │ ├── about_dialog.xul │ │ ├── http_notary_list.txt │ │ ├── results_dialog.js │ │ ├── browser.js │ │ ├── init.js │ │ ├── whitelist_dialog.js │ │ ├── statusbar.xul │ │ ├── xml_notary_client.js │ │ ├── extlib │ │ │ └── spark-md5.min.js │ │ └── statusbar.js │ ├── icons │ │ └── default │ │ │ ├── certmanager.ico │ │ │ ├── certmanager.png │ │ │ ├── perspectives-about.ico │ │ │ ├── perspectives-about.png │ │ │ ├── perspectives-properties.ico │ │ │ ├── perspectives-properties.png │ │ │ ├── perspectives-whitelist.ico │ │ │ ├── perspectives-whitelist.png │ │ │ ├── perspectives-report-attack.ico │ │ │ ├── perspectives-report-attack.png │ │ │ ├── perspectives-notary-results.ico │ │ │ └── perspectives-notary-results.png │ └── locale │ │ ├── zh-CN │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ ├── help.dtd │ │ └── notaries.properties │ │ ├── fi │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ ├── nl │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ ├── en-US │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ ├── es-MX │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ ├── fr │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ ├── pl │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ ├── de │ │ ├── amodetails.properties │ │ ├── dialogs.dtd │ │ └── help.dtd │ │ └── ru │ │ ├── amodetails.properties │ │ └── dialogs.dtd ├── chrome.manifest ├── defaults │ └── preferences │ │ └── prefs.js └── install.rdf ├── .gitignore ├── licenses ├── LicensesREADME.txt └── WTFPL.txt ├── CREDITS ├── test ├── Testing Localizations.txt ├── Manual Test Cases - Disabled.txt ├── extlib │ └── localecodes.py ├── Manual Test Cases.txt └── svg_test.html ├── Makefile ├── update_howto.txt ├── TRANSLATING.md └── README.md /plugin/chrome/content/img/bad.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/content/img/bad.png -------------------------------------------------------------------------------- /plugin/chrome/content/img/error.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/content/img/error.png -------------------------------------------------------------------------------- /plugin/chrome/content/img/good.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/content/img/good.png -------------------------------------------------------------------------------- /plugin/chrome/content/img/default.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/content/img/default.png -------------------------------------------------------------------------------- /plugin/chrome/content/img/progress.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/content/img/progress.gif -------------------------------------------------------------------------------- /plugin/chrome/content/img/whitelist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/content/img/whitelist.png -------------------------------------------------------------------------------- /plugin/chrome/icons/default/certmanager.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/certmanager.ico -------------------------------------------------------------------------------- /plugin/chrome/icons/default/certmanager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/certmanager.png -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # ignore build output 2 | build/ 3 | *.xpi 4 | 5 | # ignore other types of files 6 | *.tar 7 | *.tar.gz 8 | *.zip 9 | *.pyc 10 | 11 | -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-about.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-about.ico -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-about.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-about.png -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-properties.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-properties.ico -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-properties.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-properties.png -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-whitelist.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-whitelist.ico -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-whitelist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-whitelist.png -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-report-attack.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-report-attack.ico -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-report-attack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-report-attack.png -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-notary-results.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-notary-results.ico -------------------------------------------------------------------------------- /plugin/chrome/icons/default/perspectives-notary-results.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/danwent/Perspectives/HEAD/plugin/chrome/icons/default/perspectives-notary-results.png -------------------------------------------------------------------------------- /plugin/chrome/content/credits/translators.txt: -------------------------------------------------------------------------------- 1 | Edward Bassett, Patrick Storz (de) 2 | Dan Torres (es-MX) 3 | Ville Tiensuu (fi) 4 | Goofy (fr) 5 | Alf (nl) 6 | Jakub Warmuz, Sonia Bernac (pl) 7 | Alexey Vesnin (ru) 8 | Yanlin Li, Wang.H.K (zh-CN) -------------------------------------------------------------------------------- /plugin/chrome/content/css/preferences_dialog.css: -------------------------------------------------------------------------------- 1 | treechildren::-moz-tree-checkbox(checked) 2 | { 3 | /* https://developer.mozilla.org/en-US/docs/Tree_Widget_Changes#Checkbox_columns */ 4 | list-style-image: url("chrome://global/skin/checkbox/cbox-check.gif"); 5 | } 6 | -------------------------------------------------------------------------------- /plugin/chrome/content/credits/contributors.txt: -------------------------------------------------------------------------------- 1 | Matt DeMoss 2 | Dinesh Israni 3 | Ethan Jackson 4 | Goofy 5 | katmagic 6 | David Lawhon 7 | Ryan McBride 8 | Gerold Meisinger 9 | Jens Mueller 10 | Ramu Panayappan 11 | Dave Schaefer 12 | Igor Velkov 13 | Alexey Vesnin 14 | -------------------------------------------------------------------------------- /plugin/chrome/content/info.xul: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | 6 | 7 | 8 | 9 | 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /licenses/LicensesREADME.txt: -------------------------------------------------------------------------------- 1 | The following components are distributed under the following licenses: 2 | 3 | Perspectives code: GPL3 4 | 5 | 6 | External libraries 7 | ------------------ 8 | 9 | Located in: 10 | * plugin/chrome/content/extlib 11 | 12 | SparkMD5: WTFPL 13 | https://github.com/satazor/SparkMD5 14 | 15 | 16 | Located in: 17 | * test/extlib 18 | 19 | checkloc: GPL3 20 | https://github.com/daveschaefer/checkloc 21 | -------------------------------------------------------------------------------- /licenses/WTFPL.txt: -------------------------------------------------------------------------------- 1 | DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 2 | Version 2, December 2004 3 | 4 | Copyright (C) 2004 Sam Hocevar 5 | 6 | Everyone is permitted to copy and distribute verbatim or modified 7 | copies of this license document, and changing it is allowed as long 8 | as the name is changed. 9 | 10 | DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 11 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 12 | 13 | 0. You just DO WHAT THE FUCK YOU WANT TO. -------------------------------------------------------------------------------- /CREDITS: -------------------------------------------------------------------------------- 1 | Perspectives Client - Firefox Extension 2 | --------------------------------------- 3 | by Dan Wendlandt 4 | 5 | 6 | 7 | We would like to extend our many thanks to everyone who contributed code, ideas, bug reports, and/or translations! Thank you. 8 | 9 | To make localization of credits easier, the names of contributors and translators have been separated into two text files found at: 10 | 11 | plugin/chrome/content/credits/contributors.txt 12 | plugin/chrome/content/credits/translators.txt 13 | 14 | 15 | 16 | You can also view them by selecting 'About Perspectives' in the Perspectives context menu. 17 | -------------------------------------------------------------------------------- /plugin/chrome/content/initialize.xul: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /test/Testing Localizations.txt: -------------------------------------------------------------------------------- 1 | To test Localizations: 2 | 3 | - In a new tab, open about:config 4 | - Find the Preference 'general.useragent.locale' 5 | - Paste your current value here to save it: 6 | - Edit the value to the Perspectives localization you wish to test 7 | - Restart Firefox 8 | - Run through the tests in 'Manual Test Cases.txt' (and of course, make sure the automated ones in test.html work too) 9 | 10 | 11 | *Important:* Even if you don't speak the language, try to run the translation files through an online translator or other tool and check that the words roughly say what they should. This is not a test to check the grammar or structure but to make sure there are no swears, racial slurs, or other malicious text that would be bad to publish. 12 | 13 | See the LOCALIZATION file for steps to complete before publishing a localization. 14 | 15 | 16 | For a list of localization targets see 17 | https://wiki.mozilla.org/Category:L10n_Teams 18 | -------------------------------------------------------------------------------- /plugin/chrome.manifest: -------------------------------------------------------------------------------- 1 | content perspectives chrome/content/ 2 | 3 | locale perspectives de chrome/locale/de/ 4 | locale perspectives en-US chrome/locale/en-US/ 5 | locale perspectives es-MX chrome/locale/es-MX/ 6 | locale perspectives fi chrome/locale/fi/ 7 | locale perspectives fr chrome/locale/fr/ 8 | locale perspectives nl chrome/locale/nl/ 9 | locale perspectives pl chrome/locale/pl/ 10 | locale perspectives ru chrome/locale/ru/ 11 | locale perspectives zh-CN chrome/locale/zh-CN/ 12 | 13 | content perspectives_main ./ 14 | 15 | # overlays for firefox 16 | overlay chrome://browser/content/browser.xul chrome://perspectives/content/statusbar.xul 17 | overlay chrome://browser/content/browser.xul chrome://perspectives/content/initialize.xul 18 | 19 | # overlays to support seamonkey 20 | overlay chrome://navigator/content/navigator.xul chrome://perspectives/content/statusbar.xul 21 | overlay chrome://navigator/content/navigator.xul chrome://perspectives/content/initialize.xul 22 | -------------------------------------------------------------------------------- /plugin/chrome/content/css/perspectives.css: -------------------------------------------------------------------------------- 1 | /* 2 | * This file is part of the Perspectives Firefox Client 3 | * 4 | * Copyright (C) 2011 Dan Wendlandt 5 | * 6 | * This program is free software: you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation, version 3 of the License. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | 20 | /* Just a simple CSS stylesheet to make sure 21 | formatting shows up on various html pages. */ 22 | 23 | body { background-color: white; color: black; } 24 | a { color: blue; text-decoration: underline; } 25 | -------------------------------------------------------------------------------- /plugin/chrome/content/css/about.css: -------------------------------------------------------------------------------- 1 | /* 2 | * This file is part of the Perspectives Firefox Client 3 | * 4 | * Copyright (C) 2011 Dan Wendlandt 5 | * 6 | * This program is free software: you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation, version 3 of the License. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | */ 18 | 19 | 20 | /* Hover-effect to make our links look snappy :) */ 21 | 22 | .hover-link, .hover-link:focus { 23 | color: #0000ff; 24 | text-decoration: none; 25 | cursor: pointer; 26 | 27 | } 28 | .hover-link:hover { 29 | color: #0000ff; 30 | text-decoration: underline; 31 | } 32 | -------------------------------------------------------------------------------- /test/Manual Test Cases - Disabled.txt: -------------------------------------------------------------------------------- 1 | The features or functions listed here are currently disabled. You do not need to run these tests (and probably can't without some local editing). Tests are kept here so they are not lost. They can be moved back to the main Manual Tests document once the features are re-activated. 2 | 3 | 4 | Report Attack 5 | -------------- 6 | - Should NOT let you send a report for: 7 | - HTTP website 8 | - HTTPS website, before Perspectives has finished querying 9 | - Invalid URL, such as 'aaa' or blank 10 | - file:// URL 11 | 12 | - *Should* let you send a report for: 13 | - HTTPS website, after Perspectives has finished querying 14 | 15 | Distrust All Notaries 16 | --------------------- 17 | - Does clicking the option open a prompt that warns the user? 18 | - If the user cancels, does nothing happen? 19 | - If the entered phrase doesn't match, is a message displayed and the distrust cancelled? 20 | - If there is an error, do we display it and abort the distrust? 21 | - If the phrase does match, are certs distrusted? 22 | - Does the user see a message stating the number of certs that were distrusted? 23 | -------------------------------------------------------------------------------- /plugin/chrome/locale/zh-CN/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Perspectives Project at Carnegie Mellon Computer Science 8 | amoDescription=使用网络认证检查安全证书,从而安全地连接到 https 网站。请查看 http://www.perspectives-project.org 9 | amoMoreInfo=Perspectives is a new, decentralized approach to securely identifying Internet servers. It automatically builds a database of server identities using lightweight probing by "network notaries" - servers located at multiple vantage points across the Internet. Each time you connect to a secure website Perspectives compares the site's certificate with network notary data, and warns if there is a mismatch. This way you know if a certificate should be trusted! Using Perspectives prevents "man-in-the-middle" attacks, lets you use self-signed certificates, and helps you trust that your connections really are secure. 10 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | outfile = Perspectives.xpi 2 | buildfolder = build 3 | unittest_file = test.html 4 | unittest_source = test/$(unittest_file) 5 | unittest_dest_folder = $(buildfolder)/chrome/content/test 6 | unittest_dest = $(unittest_dest_folder)/$(unittest_file) 7 | 8 | .PHONY: plugin 9 | 10 | plugin: clean loctests setup 11 | sh -c "cd $(buildfolder)/ && zip -q -r ../$(outfile) * -x *\.svn*" 12 | rm -rf $(buildfolder) 13 | 14 | test: clean setup install-test-files plugin 15 | 16 | clean: 17 | rm -f $(outfile) 18 | rm -rf $(buildfolder)/ 19 | 20 | loctests: 21 | @# ensure localization files are valid. 22 | @# note: the next few lines use spaces instead of tabs for indentation 23 | @# just to keep them nicely formatted with the actual commands 24 | ifeq ($(shell command -v python ; echo $$?),1) 25 | @echo -e " python not installed; skipping localization tests.\n WARNING: Invalid localization files may prevent Perspectives from working.\n Install python to enable localization validation." 26 | else 27 | python test/extlib/checkloc.py plugin 28 | endif 29 | 30 | setup: 31 | rm -rf $(buildfolder)/ 32 | mkdir $(buildfolder) 33 | cp -r plugin/* $(buildfolder)/ 34 | 35 | install-test-files: setup 36 | mkdir $(unittest_dest_folder) 37 | cp $(unittest_source) $(unittest_dest) 38 | 39 | install-fx: plugin 40 | firefox $(outfile)& 41 | -------------------------------------------------------------------------------- /plugin/chrome/locale/fi/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Perspectives Project at Carnegie Mellon Computer Science 8 | amoDescription=Connect securely to https websites by checking certificates with network notaries. See http://www.perspectives-project.org 9 | amoMoreInfo=Perspectives is a new, decentralized approach to securely identifying Internet servers. It automatically builds a database of server identities using lightweight probing by "network notaries" - servers located at multiple vantage points across the Internet. Each time you connect to a secure website Perspectives compares the site's certificate with network notary data, and warns if there is a mismatch. This way you know if a certificate should be trusted! Using Perspectives prevents "man-in-the-middle" attacks, lets you use self-signed certificates, and helps you trust that your connections really are secure. 10 | -------------------------------------------------------------------------------- /plugin/chrome/locale/nl/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Perspectives Project at Carnegie Mellon Computer Science 8 | amoDescription=Connect securely to https websites by checking certificates with network notaries. See http://www.perspectives-project.org 9 | amoMoreInfo=Perspectives is a new, decentralized approach to securely identifying Internet servers. It automatically builds a database of server identities using lightweight probing by "network notaries" - servers located at multiple vantage points across the Internet. Each time you connect to a secure website Perspectives compares the site's certificate with network notary data, and warns if there is a mismatch. This way you know if a certificate should be trusted! Using Perspectives prevents "man-in-the-middle" attacks, lets you use self-signed certificates, and helps you trust that your connections really are secure. 10 | -------------------------------------------------------------------------------- /plugin/chrome/locale/en-US/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Perspectives Project at Carnegie Mellon Computer Science 8 | amoDescription=Connect securely to https websites by checking certificates with network notaries. See http://www.perspectives-project.org 9 | amoMoreInfo=Perspectives is a new, decentralized approach to securely identifying Internet servers. It automatically builds a database of server identities using lightweight probing by "network notaries" - servers located at multiple vantage points across the Internet. Each time you connect to a secure website Perspectives compares the site's certificate with network notary data, and warns if there is a mismatch. This way you know if a certificate should be trusted! Using Perspectives prevents "man-in-the-middle" attacks, lets you use self-signed certificates, and helps you trust that your connections really are secure. 10 | -------------------------------------------------------------------------------- /plugin/chrome/locale/es-MX/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Perspectives Project at Carnegie Mellon Computer Science 8 | amoDescription=Conéctese de forma segura con los sitios web que utilizan el protocolo HTTPS, validando sus certificados por medio de notarías de red. Vea http://www.perspectives-project.org 9 | amoMoreInfo=Perspectives is a new, decentralized approach to securely identifying Internet servers. It automatically builds a database of server identities using lightweight probing by "network notaries" - servers located at multiple vantage points across the Internet. Each time you connect to a secure website Perspectives compares the site's certificate with network notary data, and warns if there is a mismatch. This way you know if a certificate should be trusted! Using Perspectives prevents "man-in-the-middle" attacks, lets you use self-signed certificates, and helps you trust that your connections really are secure. 10 | -------------------------------------------------------------------------------- /update_howto.txt: -------------------------------------------------------------------------------- 1 | Here are the steps to update Perspectives: 2 | 3 | 4 | 1. Local changes 5 | 6 | - Commit, stash, or revert all of your in-progress changes 7 | - Build a test new version ('make test') 8 | - Run the in-browser tests (see the README for details) 9 | - Run the manual tests (see the tests/ directory) 10 | 11 | Once you're confident everything works: 12 | 13 | - Check: do you need to/can you increase the version compatibility in plugin/install.rdf ? 14 | - Increment the version number in plugin/install.rdf 15 | - Briefly describe the changes in the CHANGELOG file 16 | - Build a clean version ('make clean; make') 17 | - Upload your changes to github 18 | - Create a pull request to bring your changes to the main branch 19 | 20 | 21 | 2. Github 22 | 23 | Once the pull requst has been approved: 24 | 25 | - Add a tag in the official ('danwent') depo (if you're not a Perspectives maintainer, a maintainer will have to do this for you). This makes it easy to find if we ever need to republish, rebuild, or for people who build from source. 26 | - Close any github tickets/issues fixed by the current release (bonus points: add them to the correct Milestone before closing!) 27 | 28 | 29 | 3. Mozilla 30 | 31 | - Log in to https://addons.mozilla.org/ and upload the new version 32 | 33 | 34 | 4. Broadcast 35 | 36 | - Post to the Perspectives blog ( http://perspectives-project.org ) 37 | - Send an email to the mailing list ( https://groups.google.com/group/perspectives-dev 38 | 39 | -------------------------------------------------------------------------------- /plugin/chrome/locale/fr/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Perspectives est un projet de la section programmation informatique de l'université Carnegie Mellon 8 | amoDescription=Connectez-vous de façon plus sécurisée sur les sites Internet https en vérifiant leurs certificats avec les notaires de réseau. Consultez http://www.perspectives-project.org (en anglais) pour en savoir plus. 9 | amoMoreInfo=Perspectives is a new, decentralized approach to securely identifying Internet servers. It automatically builds a database of server identities using lightweight probing by "network notaries" - servers located at multiple vantage points across the Internet. Each time you connect to a secure website Perspectives compares the site's certificate with network notary data, and warns if there is a mismatch. This way you know if a certificate should be trusted! Using Perspectives prevents "man-in-the-middle" attacks, lets you use self-signed certificates, and helps you trust that your connections really are secure. 10 | -------------------------------------------------------------------------------- /plugin/chrome/locale/pl/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Projekt Perspectives z wydziału informatycznego Uniwersytetu Carnegie Mellon 8 | amoDescription=Łącz się bezpiecznie ze stronami HTTPS, sprawdzając certyfikaty przy użyciu sieciowych notariuszy. Sprawdź http://www.perspectives-project.org 9 | amoMoreInfo=Perspectives to nowe, zdecentralizowane podejście do bezpiecznej identyfikacji serwerów internetowych. Perspectives automatycznie buduje bazę danych tożsamości serwerów poprzez wykorzystanie lekkich sondujących "sieciowych notariuszy" - serwerów zlokalizowanych w różnych punktach obserwacyjnych rozsianych w Internecie. Za każdym razem, kiedy łączysz się z bezpieczną stroną, Perspectives porównuje certyfikat strony z danymi sieciowego notariusza i ostrzega w przypadku rozbieżności. W ten sposób wiesz, czy certyfikat powinien być zaufany! Korzystanie z Perspectives zapobiega atakom "man in the middle", umożliwia korzystanie z samo-podpisanych certyfikatów i pomaga Ci zaufać, że Twoje połączenia są rzeczywiście bezpieczne. 10 | -------------------------------------------------------------------------------- /plugin/chrome/locale/de/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=„Perspectives“ Projekt der Informatik-Fakultät der Carnegie Mellon University 8 | amoDescription=Umgeht HTTPS Sicherheitswarnungen auf sichere Weise, indem die Zertifikate mit Hilfe einer Liste von Netzwerknotaren überprüft werden. Siehe http://www.perspectives-project.org (englischsprachig). 9 | amoMoreInfo=Perspectives stellt eine neue, dezentrale Methode dar, Internet-Server sicher zu erkennen. Es baut automatisch eine Datenbank von Serveridentitäten mittels einfacher Nachfragen bei "Netzwerknotaren" auf. Diese sind rund um das Internet verbreitete Server. Jedes Mal, wenn Sie sich zu einer sicheren Website verbinden, vergleicht Perspectives das Zertifikat, das Sie vom Server bekommen, mit den Daten der Notare - und warnt Sie bei Unstimmigkeiten. So wissen Sie, ob dem Zertifikat zu trauen ist, dass Sie empfangen haben. Durch Nutzung von Perspectives können Sie Mittelsmannangriffe ("Man-in-the-Middle attack") vermeiden, selbstsignierte Zertifikate verwenden und darauf vertrauen, dass Ihre Verbindungen wirklich sicher sind. 10 | -------------------------------------------------------------------------------- /plugin/chrome/content/firewall.xhtml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 8 | 9 | %helpDTD; 10 | 11 | ]> 12 | 13 | 14 | 15 | 16 | &perspectivesFirewallHelp; 17 | 18 | 19 | 20 | 21 | 22 | 34 | 35 | 36 | 37 |

&perspectivesFirewallHelp;

38 | 39 |

&h3protocolandPorts;

40 |

&protocolandPortsAnswer;

41 | 42 |

&h3manuallyOverrideWarning;

43 |

&manuallyOverrideWarningAnswer;

44 | 45 |

&h3questionsComments;

46 | 47 | 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /plugin/chrome/locale/ru/amodetails.properties: -------------------------------------------------------------------------------- 1 | #This file contains the 'description' and 'creator' strings that should be used inside install.rdf, 2 | #as well as strings used on addons.mozilla.org. 3 | #Currently there is no way to automatically put these strings into install.rdf (although we could perhaps write a build script). 4 | #However, we don't want to forget to translate these when adding a new localization. 5 | #Developers: remember to copy/paste these strings into install.rdf and addons.mozilla.org when creating a new localization. 6 | 7 | amoCreator=Проект Перспектив университета Карнеги Меллона, компьютерные науки 8 | amoDescription=Подключайтесь безопасно к защищенным web-сайтам по протоколу https, проверяя их сертификаты через сетевых нотариусов. Читайте подробнее на http://www.perspectives-project.org 9 | amoMoreInfo=Перспективы есть новый, децентрализованный способ удостоверения серверов сети Internet. Программа автоматически создает базу данных с проверочной информацией о цифровых подписях и сертификатах других серверов, опрашивая по облегченному протоколу так называемых "сетевых нотариусов" - сервера, расположенные в разных точках сети по всему Internet'у. Каждый раз, когда Вы соединяетесь с защищенным web-сайтом, Перспектива сравнивает данные сертификата сайта с проверочной базой "сетевых нотариусов" и проверяет, нет ли несовпадения. Если сертификат видно и из других мест точно так же, как и Вам - а он на сервере один и должен быть везде одинаковый - то ему можно доверять! Таким образом Перспектива помогает предотвратить атаки "промежуточного агента", или "по середине", полноценно использовать самоподписанные сертификаты, а также позволяет удостоверяться, что Ваше защищенное подключение действительно защищено. 10 | -------------------------------------------------------------------------------- /plugin/defaults/preferences/prefs.js: -------------------------------------------------------------------------------- 1 | // new preference should be created in the "extensions.perspectives.x" namespace 2 | // see https://developer.mozilla.org/en/Extensions/Extension_etiquette 3 | // please list alphabetically 4 | 5 | pref("extensions.perspectives.additional_notary_list", ""); 6 | pref("extensions.perspectives.check_good_certificates", true); 7 | pref("extensions.perspectives.contact_in_private_browsing_mode", false); 8 | pref("extensions.perspectives.default_notary_list",""); 9 | pref("extensions.perspectives.enable_default_list_auto_update",false); 10 | pref("extensions.perspectives.exceptions.enabled", true); 11 | pref("extensions.perspectives.exceptions.permanent", false); 12 | pref("extensions.perspectives.first_run", true); 13 | pref("extensions.perspectives.max_cache_age_sec", 10000); 14 | pref("extensions.perspectives.max_timespan_for_inconsistency_test", 7); 15 | pref("extensions.perspectives.pref_migration_needed", true); 16 | pref("extensions.perspectives.query_retries" , 2); 17 | pref("extensions.perspectives.query_timeout_ms", 5000); 18 | pref("extensions.perspectives.quorum_thresh" , 75); 19 | pref("extensions.perspectives.require_user_permission", false); 20 | pref("extensions.perspectives.required_duration", 0); 21 | pref("extensions.perspectives.security_settings", 1); 22 | pref("extensions.perspectives.show_permission_reminder", true); 23 | pref("extensions.perspectives.trust_https_with_weak_consistency", true); 24 | pref("extensions.perspectives.use_default_notary_list",true); 25 | pref("extensions.perspectives.weak_consistency_time_limit", 30); 26 | pref("extensions.perspectives.whitelist" , ""); 27 | pref("extensions.perspectives.whitelist_disabled", ""); 28 | -------------------------------------------------------------------------------- /plugin/chrome/content/whitelist_dialog.xul: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | &Whitelistmessage; 19 | 20 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 |