[james_8970]

Chicago (IL) - According to media reports, a pair of hackers said on Saturday that the Firefox Web browser, commonly perceived as the safer and more customizable alternative to market leader Internet Explorer, is critically flawed. A presentation on the flaw was shown during the ToorCon hacker conference in San Diego.

The hackers claim that anyone running Firefox could be a victim of the flaw, which is related to the browser's handling of the Internet language JavaScript. Reportedly, someone could create a Web page with malicious JavaScript code that would specifically affect computers running Firefox browsers. The hackers, Mischa Spiegelmock and Andrew Wbeelsoi, claim that this could lead to remote control of any affected computer, including Windows, Apple, and Linux systems.

Spiegelmock reportedly said that the JavaScript implementation is a "complete mess" and that it is "impossible to patch." Upon watching a video of the presentation, Window Synder, Mozilla's security chief, said that this issue appears to be a "real vulnerability".

Reportedly, Snyder is also understandably upset about the public flow of this information, claiming that the details presented during the conference almost completely show how one could exploit the flaw. "I think it is unfortunate because it puts users at risk, but that seems to be their goal," she said.

Jesse Ruderman, another member on the Mozilla security staff, persuaded hackers to disclose any potential security holes via their "bug bounty" program, instead of maliciously exploiting them for hijacking vulnerable computers. Mozilla's bug-reporting system gives $500 to anyone who reports a vulnerability to the Firefox staff.

Firefox was originally introduced as an alternative to Internet Explorer, the browser that has long been known for easy exploiting and distribution of worms and viruses. Because Microsoft's browser contains such an enormous userbase, it has always remained the main target for hackers. However, Firefox's audience has been growing and it is becoming a viable target for hackers.

http://www.tgdaily.c...security_issue/
James

[Advertisements]

just brings up a good point...everyone assumes the firefox is more secure because it's built better....it's only more secure because it's a smaller target...it's just as buggy as I.E. (probably not just as buggy but it's got holes)...in the next few years you'll be seeing alot of "i thought firefox didn't get spyware?" questions

[dsenette]

just brings up a good point...everyone assumes the firefox is more secure because it's built better....it's only more secure because it's a smaller target...it's just as buggy as I.E. (probably not just as buggy but it's got holes)...in the next few years you'll be seeing alot of "i thought firefox didn't get spyware?" questions

[pccromeo]

Firefox is very buggy. It totally screwed my laptop so I've switched back to IE...

[james_8970]

what worry's me most about this, is that it wasn't brought to mozilla's attention till the general public got ahold of it, and there is a video that clearly shows how to do it.
James

[warriorscot]

Its not very buggy ive never seen it screw up a laptop there isn't many applications that can do that certainly not something as inoqious as Firefox. Mind you as far as windows goes i use opera i only use FF in linux now. Its got fewer bugs and because of its nature its bugs are msotly detected and fixed fairly quickly, but if you look hard enough you cna find a major flaw in most applications. Also if you use FF you should really be using a java script blocker most places do reccomend them along with FF the java problems with FF are hardly new.

FF has the advantage of being open source and have a large community that can help a great deal in fixing bugs this, its security extensions and a smaller number of users is what made FF safe. But now its more popular people will target it just the nature of the beast. I dont use FF for the security either i used it because it was a better browser, its the reason i use opera as well its even better than FF.

[Sir Grand Funk]

Firefox is very buggy. It totally screwed my laptop so I've switched back to IE...

I have been saying Firefox sucks for a long time. Opera is great.

[Sir Grand Funk]

Its not very buggy ive never seen it screw up a laptop there isn't many applications that can do that certainly not something as inoqious as Firefox. Mind you as far as windows goes i use opera i only use FF in linux now. Its got fewer bugs and because of its nature its bugs are msotly detected and fixed fairly quickly, but if you look hard enough you cna find a major flaw in most applications. Also if you use FF you should really be using a java script blocker most places do reccomend them along with FF the java problems with FF are hardly new.

FF has the advantage of being open source and have a large community that can help a great deal in fixing bugs this, its security extensions and a smaller number of users is what made FF safe. But now its more popular people will target it just the nature of the beast. I dont use FF for the security either i used it because it was a better browser, its the reason i use opera as well its even better than FF.

Opera is opensource. It is usually good to modify applications to your taste. It isn't a browser you just "Download and Go". --A lot of preferences should be tweaked.

[warriorscot]

That is operas downside it isnt very granny freindly or in my case mother freindly she is fine with firefox but opera she has bother with. Opera is open source but its not as good community wise as firefox but it seems to have alot of "old boys" in it whereas on some occasions if you go through the firefox forum you can just know that there isnt a single person their that can buy a drink. They both have advantages and disadvantages they are more or less equal in my opinion FF offers a great UI and ease of use and a bit better compatibilty where opera offers speed and better default abilities.Anything is better than IE and its infinte amount of toolbars that just appear.

[dsenette]

the firefox vulnerability apparently was a joke
http://www.computerw...p;taxonomyId=82

[pccromeo]

Its not very buggy ive never seen it screw up a laptop there isn't many applications that can do that certainly not something as inoqious as Firefox. Mind you as far as windows goes i use opera i only use FF in linux now. Its got fewer bugs and because of its nature its bugs are msotly detected and fixed fairly quickly, but if you look hard enough you cna find a major flaw in most applications. Also if you use FF you should really be using a java script blocker most places do reccomend them along with FF the java problems with FF are hardly new.

FF has the advantage of being open source and have a large community that can help a great deal in fixing bugs this, its security extensions and a smaller number of users is what made FF safe. But now its more popular people will target it just the nature of the beast. I dont use FF for the security either i used it because it was a better browser, its the reason i use opera as well its even better than FF.

How it messed up my PC is beyond me. But after attempting to repair it as told by the Mozilla website my NTFS file system was suddenly corrupt!

[warriorscot]

A repair install of FF would never corrupt a FS in fact i dont think many applications could manage that, It sounds more like the hard drive was itself on the verge of total corruption and installing FF tipped it over the edge i would definitely run HDD diagnostics on the drive it may be fine now but i would check.

[John_L]

Just a quick addition if i may? If someone can build it someone can circumvent it.

[pccromeo]

A repair install of FF would never corrupt a FS in fact i dont think many applications could manage that, It sounds more like the hard drive was itself on the verge of total corruption and installing FF tipped it over the edge i would definitely run HDD diagnostics on the drive it may be fine now but i would check.

I just found out that the problem is indeed the hard drive, and replacing it will run me about $90. But I don't get how I was able to install Freespire on the system when the hard drive is bad??!

[warriorscot]

Hard drives still continue to function with many faults however performance is degraded the longer the drive is used and the more often the FSs on the drive are corrupted, the longer you use a faulty drive the worse the performance will get, alot of people will often continue to reinstall an OS on a system with a failing drive until it just wont work anymore.