Mozilla’s Big Doh!!
Firefox has single-handedly re-ignited the browser war, and much like an unknown presidental candidate, the open-source browser has largely received a pass from the press. (And, I might add, rightfully so. Let the development process happen.)
The free ride, though, is over. A number of news outlets, including the BBC, have noted that there are a series of critical flaws.
From the article:
The first flaw reported fools the browser into thinking software is being installed by a legitimate, or safe, website.The second flaw happens when the software installation trigger does not properly check icon web addresses which contain JavaScript code.
A hacker could potentially take advantage of the security flaws to secretly launch malicious code or programs.
One of the most amazing aspects of this story, though, is that so far, nobody has reported any major issues because of this (and the development community is already on top of the flaws). There’s a good chance that we don’t know about hacker acts because there is no central company to report these; however, the developer community is, by and large, far more open, and my guess is that if bad things were happening, it would be posted all over the Web.
If it’s true that there haven’t been any exploited attacks, and there is no evidence right now that there have been, it should go a long way towards quelling the FUD surrounding open-source projects.
Keep Reading
Most Popular
The inside story of how ChatGPT was built from the people who made it
Exclusive conversations that take us behind the scenes of a cultural phenomenon.
ChatGPT is about to revolutionize the economy. We need to decide what that looks like.
New large language models will transform many jobs. Whether they will lead to widespread prosperity or not is up to us.
Sam Altman invested $180 million into a company trying to delay death
Can anti-aging breakthroughs add 10 healthy years to the human life span? The CEO of OpenAI is paying to find out.
GPT-4 is bigger and better than ChatGPT—but OpenAI won’t say why
We got a first look at the much-anticipated big new language model from OpenAI. But this time how it works is even more deeply under wraps.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.