Hackers detail Firefox flaw, calling the browser a "complete mess"
Hacker conferences are so much fun. Case in point: San Diego's ToorCon conference on Saturday, when engineers Mischa Spiegelmock and Andrew Wbeelsoi (what names!) took the stage and called the increasingly popular Firefox Web browser a "complete mess." The duo detailed to the world a security flaw in Firefox, which afflicts the browser's handling of Javascript. As if that weren't painful enough, Spiegelmock and Wbeelsoi also said the glitch was probably "impossible to patch."
"Internet Explorer, everybody knows, is not very secure," said Spiegelmock. "But Firefox is also fairly insecure." Naturally, Firefox officials were none too happy, reports CNET. The hard-working people from the Mozilla Foundation, which manages Firefox, had hoped for a bit more discretion. Publicizing a Firefox insecurity hurts the browser's image as the safe, spam-free alternative to Microsoft's Internet Explorer. "I think it is unfortunate because it puts users at risk, but that seems to be their goal," groused Window Snyder, head of security for Mozilla. Digg readers are having none of the Firefox bashing. When one posted: "It makes you wonder why people always say FF is the best browser," one reader was quick to fire back: "Maybe because each Firefox flaw is worthy of a news post, while Internet Explorer has so many that no one bothers to write about them anymore." There's another twist to the Firefox story that I think deserves mentioning. Firefox 2 and Internet Explorer 7 will both soon be ready for release. Internet Explorer 7 has dramatically re-invented itself and added all of the features that Firefox once boasted and a lot more. Firefox 2 is disappointing in that it is so similar to the previous version. Add to that the fact that Firefox is now reportedly fighting with Ubuntu and Debian Linux over branding, and where does that leave us? Perhaps it is time to explore alternatives to the big 2 browsers!
It always seem that when Microsoft was getting attacked by hackers and showing the flaws of thier work it was ok. Now that Firefox is getting the same treatment they are crying foul. No matter what software there is there are people who will look for holes in the software for better or worse. More times then then not it is use for the worse things hackers, crackers can do. So all you folks who praised Firefox as the safest broweser welcome to Microsofts nightmare and stop crying and belly aching.
I, along with many others, did not need two hackers to know that Firefox is seriously flawed when it comes to Javascript. Most, if not all, live scoring for fantasy sports, which I participate in, is based off of Javascript and when it does not want to work, it can be frustrating. Yes, Firefox has some sort of plug-in they have, but this does not work.
Of course, Firefox officials were unhappy, but they were the cause of it. Every piece of software has hidden vulnerabilities. These crackers are merely taking the time find them in Firefox.
When it comes to rendering web sites correctly, Firefox is unparalleled. Microsoft still cannot get it right. IE gives developeres headaches while Firefox supports and enables good design and development on the web. Whoopty do.
yeah Firefox has insecurities, and any popular browser will. The problem will always be between the keyboard and the chair. 
CNNMoney.com Comment Policy: CNNMoney.com encourages you to add a comment to this discussion. You may not post any unlawful, threatening, libelous, defamatory, obscene, pornographic or other material that would violate the law. Please note that CNNMoney.com makes reasonable efforts to review all comments prior to posting and CNNMoney.com may edit comments for clarity or to keep out questionable or off-topic material. All comments should be relevant to the post and remain respectful of other authors and commenters. By submitting your comment, you hereby give CNNMoney.com the right, but not the obligation, to post, air, edit, exhibit, telecast, cablecast, webcast, re-use, publish, reproduce, use, license, print, distribute or otherwise use your comment(s) and accompanying personal identifying information via all forms of media now known or hereafter devised, worldwide, in perpetuity. CNNMoney.com Privacy Statement.
|
|
| 
