Mozilla Privacy Bug
Saturday September 14th, 2002
Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the
The bug was filed in Bugzilla as bug 145579 on Sunday 19th May, with the more serious
UPDATE! Bug 145579 has now been made public.
ANOTHER UPDATE! A fix has been checked in to the trunk. A patch for the 1.0 branch will follow shortly.
YET ANOTHER UPDATE! A patch has now been checked in to the 1.0 branch.
#45 Re: Re: Re: Track Record
Tuesday September 17th, 2002 10:53 AM
You are replying to this message
Kristen has a valid point that you are missing. Mozilla does have a relatively minimal track record. It is used by a small percentage of people browsing. It is very a young and rapidly changing product. Given that, how many of the security scrutineers (black hat or white hat) have put their resources towards examining it? How many of the crackers have tried to exploit it? Someone said they used it for 1 1/2 years (I have used it longer myself) and have experienced no exploits. How would you know if you had? This current security issue only tells the site you are going to, what was the last site you visited. We are all aware of IE's and Microsoft's history. That is not at debate. The point being made is that the secureness (is that a word?) of Mozilla is unproven as of yet. That will come. We hope that the Mozilla development community is working on this as a high priority. Time will tell how well they do.