Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

Firefox has single-handedly re-ignited the browser war, and much like an unknown presidental candidate, the open-source browser has largely received a pass from the press. (And, I might add, rightfully so. Let the development process happen.)

The free ride, though, is over. A number of news outlets, including the BBC, have noted that there are a series of critical flaws.

From the article:

The first flaw reported fools the browser into thinking software is being installed by a legitimate, or safe, website.

The second flaw happens when the software installation trigger does not properly check icon web addresses which contain JavaScript code.

A hacker could potentially take advantage of the security flaws to secretly launch malicious code or programs.

One of the most amazing aspects of this story, though, is that so far, nobody has reported any major issues because of this (and the development community is already on top of the flaws). There’s a good chance that we don’t know about hacker acts because there is no central company to report these; however, the developer community is, by and large, far more open, and my guess is that if bad things were happening, it would be posted all over the Web.

If it’s true that there haven’t been any exploited attacks, and there is no evidence right now that there have been, it should go a long way towards quelling the FUD surrounding open-source projects.

0 comments about this story. Start the discussion »

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me