Monday, October 02, 2006
Hackers detail Firefox flaw, calling the browser a "complete mess"
Hacker conferences are so much fun. Case in point: San Diego's ToorCon conference on Saturday, when engineers Mischa Spiegelmock and Andrew Wbeelsoi (what names!) took the stage and called the increasingly popular Firefox Web browser a "complete mess." The duo detailed to the world a security flaw in Firefox, which afflicts the browser's handling of Javascript. As if that weren't painful enough, Spiegelmock and Wbeelsoi also said the glitch was probably "impossible to patch."
"Internet Explorer, everybody knows, is not very secure," said Spiegelmock. "But Firefox is also fairly insecure."
Naturally, Firefox officials were none too happy, reports CNET. The hard-working people from the Mozilla Foundation, which manages Firefox, had hoped for a bit more discretion. Publicizing a Firefox insecurity hurts the browser's image as the safe, spam-free alternative to Microsoft's Internet Explorer. "I think it is unfortunate because it puts users at risk, but that seems to be their goal," groused Window Snyder, head of security for Mozilla.
Digg readers are having none of the Firefox bashing. When one posted: "It makes you wonder why people always say FF is the best browser," one reader was quick to fire back: "Maybe because each Firefox flaw is worthy of a news post, while Internet Explorer has so many that no one bothers to write about them anymore."
Hackers detail Firefox flaw, calling the browser a "complete mess"
Hacker conferences are so much fun. Case in point: San Diego's ToorCon conference on Saturday, when engineers Mischa Spiegelmock and Andrew Wbeelsoi (what names!) took the stage and called the increasingly popular Firefox Web browser a "complete mess." The duo detailed to the world a security flaw in Firefox, which afflicts the browser's handling of Javascript. As if that weren't painful enough, Spiegelmock and Wbeelsoi also said the glitch was probably "impossible to patch."
"Internet Explorer, everybody knows, is not very secure," said Spiegelmock. "But Firefox is also fairly insecure."
Naturally, Firefox officials were none too happy, reports CNET. The hard-working people from the Mozilla Foundation, which manages Firefox, had hoped for a bit more discretion. Publicizing a Firefox insecurity hurts the browser's image as the safe, spam-free alternative to Microsoft's Internet Explorer. "I think it is unfortunate because it puts users at risk, but that seems to be their goal," groused Window Snyder, head of security for Mozilla.
Digg readers are having none of the Firefox bashing. When one posted: "It makes you wonder why people always say FF is the best browser," one reader was quick to fire back: "Maybe because each Firefox flaw is worthy of a news post, while Internet Explorer has so many that no one bothers to write about them anymore."