|31 Jul 2010||#1|
| || |
Tighter security coming in Firefox 4
Mozilla Security Program Manager Brandon Sterne demonstrated on Wednesday how this ostensibly dull code, which is part of Firefox 4's new Content Security Policy, will make the next-generation browser safer.
One of the biggest fixes that's been implemented in the Firefox 4 beta (Windows | Mac | Linux) repairs a hole that affects all browsers, a decade-old vulnerability that was mentioned in the documentation for CSS2. The exploit is a CSS sniffing history attack, where malicious code can gain access to your browser history by manipulating link appearance and style. What made the bug so difficult to repair is that the simplest solution, to prevented all link style manipulation, would be like throwing the baby out with the bathwater said Firefox's director of development, Jonathan Nightingale. Changing an already-visited link's colors is one the most-used features of the Web, and it would be catastrophic to prevent that.
Tighter security coming in Firefox 4 | The Download Blog - Download.com
|My System Specs|
|Similar help and support threads for2: Tighter security coming in Firefox 4|
|Firefox 4.0 Beta 2 Coming Soon||Browsers & Mail|
|Firefox 3.6 Final Coming Right Up||Browsers & Mail|
|Firefox 3.6 Final coming on Thursday||Browsers & Mail|
|Firefox 3.6 - Coming soon.||Browsers & Mail|
|Firefox 3.6 Beta 5 Coming Right Up.||Browsers & Mail|
|Multi-processor support coming for Firefox||News|
|Firefox 'firedrill' critical fix coming next week||News|