Category: Firefox

No More Than 10 Days To Release Critical Patch

By | August 8, 2007 | 2 Comments

“Ten Fuc*ing Days”. That’s what Mozilla said.

That’s right, they’ve said that they can release any critical patch within 10 days or faster. Firefox 2.0.0.6 was released even faster than 10 days (after security flaws were discovered). So they are not just using some tricks (or do they?), it’s already proven, we will see how fast they will release next one.

In my point of view, before using such statements they should also fix other security vulnerabilities. Even if they are not the most critical ones.

10 Days
Picture Source.

Unpatched 43% (6 of 14 Secunia advisories)
Most Critical Unpatched
Secunia Security Stats.

Details About IronMonkey And ScreamingMonkey

By | August 8, 2007 | 0 Comments

Hello everyone,
Sorry for not writing anything interested in a past few days, I was in some kind of not planned vacation. Anyways, time for the news.

Mozilla team updated us by providing more details about IronMonkey and ScreamingMonkey. Here are some quotes from their post.

The critical, core, component of this is the Tamarin virtual machine (which is an Open Sourced version of the ActionScript Virtual Machine that powered the Adobe Flash Player). Tamarin already supports ECMAScript 3 (and, thusly, JavaScript, ActionScript, and JScript) and parts of the upcoming ECMAScript 4 specification.

JavaScript will no longer be the only viable scripting language in browsers that use that Tamarin engine. At the very least, there’ll be two more languages to work with.

ScreamingMonkey is the effort, being led by Mark Hammond, to allow the Tamarin engine to run within non-Mozilla browsers, starting with Internet Explorer.

ScreamingMonkey Planning Notes.

That’s a brief, here’s a full story to read (if you want to).

Firefox 3 Alpha 7 Released

By | August 4, 2007 | 0 Comments

Yet again, we have a new Firefox 3 version: Firefox 3 Alpha 7.

What’s new in it? There are some great stuff like zoom and that’s not all. Here’s a complete list of changes and fixes:

  • Support for Mac OS X 10.3 (Panther) has been removed. Gecko 1.9 will no longer build or run on Mac OS X 10.3
  • Default visited pages history size 9 to 180 days
  • Full page zoom of images, layout and text
  • Many fixes for context menus, clipboard, and drag services on Mac OS X
  • Reworking of XUL menus and popups
  • document.all now returns a NodeList of elements
  • Several new clipboard events
  • A class of wrappers to mediate access between web pages from different origins
  • Cross site XMLHttpRequest specification implemented
  • A method for opening modal dialogs from content
  • Color profile support
  • Text in canvas

Here’s what I got after trying to run Firefox 3 Alpha 7:

Firefox 3 Alpha 7 Screenshot

Oh well… I will wait for Firefox 3 Milestone 8 then, it will be released in the middle of September.

Release Notes
Download Firefox 3 Alpha 7:
Windows
Mac OS X
Linux

Firefox 2.0.0.6 Released

By | July 31, 2007 | 0 Comments

Finally, some new version of web browser, as I was geting bored.

Firefox 2.0.0.6 fixes the following security issues:

  • Unescaped URIs passed to external programs
  • Privilege escalation through chrome-loaded about:blank windows

Every web browser update is important and I strongly advice you to update your Firefox to the newest one. If you can increase your security level for free, why not to do that?

Download Firefox 2.0.0.6

What’s New In The Next Firefox 3 Release?

By | July 26, 2007 | 2 Comments

So there will be few more new things in the next Firefox 3 release. First of all, it’s a page zoom (like Opera’s one).

New “google-safe-browsing” protocol and better scripting support.

That’s all what I read so far, let’s wait for more news.

Increase Your Security And Privacy With Firefox Add-Ons

By | July 26, 2007 | 0 Comments

Is there anything wrong this week? Waiting for some new releases and just interesting news, but nothing happens. Anyways…

Sean P. Aune wrote a nice article and listed over 50 add-ons for Firefox, which should help you to increase your security and privacy level.

50+ Firefox Add-ons For Security and Privacy.

Enjoy.

Mozilla To Develop A New JavaScript Engine (ActionMonkey)

By | July 24, 2007 | 0 Comments

It seems that Mozilla Devs ain’t sleeping. They are going to develop a brand new JavaScript engine called “ActionMonkey“.

ActionMonkey is the code-name for the project to integrate Tamarin and SpiderMonkey as part of Mozilla 2.

Stage 0 of this project is underway. What they are going to do now is to replace SpiderMonkey’s GC (jsgc) with Tamarin’s GC (MMgc).

Their new efforts will boost performance for sure and I am waiting for more news from ActionMonkey blog.

Over 40 Firefox Add-Ons For Bloggers

By | July 19, 2007 | 0 Comments

Sean P. Aune wrote a great article “40+ Firefox Add-ons for High Speed Blogging“.

If you are using Firefox and blogging, feel free to read that. Great stuff posted.

Firefox 2.0.0.5 Released

By | July 18, 2007 | 0 Comments

So I was surfing the internet today and got a pleasant notice about an installed update. That’s right, Firefox 2.0.0.5 was just released.

According to Mozilla.org, Firefox 2.0.0.5 fixes the following vulnerabilities:

  • XPCNativeWrapper pollution
  • Unauthorized access to wyciwyg:// documents
  • Remote code execution by launching Firefox from Internet Explorer
  • File type confusion due to %00 in name
  • Privilege escallation using an event handler attached to an element not in the document
  • Frame spoofing while window is loading
  • XSS using addEventListener and setTimeout
  • Crashes with evidence of memory corruption

Release notes.

Download here.

And by the way, I love the way how Firefox is being updated.

Firefox 3 Alpha 7 Pre. Anti Fraud Feature

By | July 12, 2007 | 3 Comments

It’s not a big secret, every web developer wants to have fastest and most secure web browser, which not only should have all the security issues fixed, but also it should help novice user to understand the risks and help him/her to avoid that.

Firefox 3 Alpha 7 (Pre) got one more feature which should help users to avoid fake domain names. See this picture.

Firefox 3 Alpha Pre URL

It highlights domain name (well… actually makes other text light grey) so users could take a look at it and make sure it’s a correct domain name. Not really usefull, isn’t it?

That’s not all, according to Arstechnica,

FF3 Alpha 7 also incorporates a domain translator that changes an address that’s encoded in non-standard ASCII (such as a percentile-encoded address) into standard text. Again, this is a change aimed at making domain addresses easier to read by stripping out the non-standard characters a phisher might use to confuse a potential target.

There’s also an add-on for Firefox 2. Not perfect, but if you don’t want to use Firefox 3 Alpha 7 to test this one, feel free to use Locationbar2 add-on.