FireFox is making up ground

Because FF had Noscript and ADblock the general opinion was that FF was the safest browser. On FF boards IE was always bashed because it interacted directly with the OS (see Note).

Form a software architecture point of view FF is (was) a Swiss cheese (security wise) with some counter measures (Noscript and Addblock) to compensate for these holes.

But the good news is FireFox is improving and making up ground:

- Cross site scripting protection thumb: implemented in 3.6, now finally on par with IE8 )

- Sandboxing plug-ins called Electrolyses (or out of process plugins as it is called at dev board of mozziila), to be implemented soon so plug-ins like Adobe reader, Flash etc become safer. Google for electrolyses and firefox , hopefully simular to Chrome with --safe-plugins switch

- FF offers several ways of writing plug-ins/extentions which all are installed in the admin space. In this blog http://adblockplus.org/blog/adblock-for-internet-explorer-is-not-an-option The writer of addblock provides all the arguments why the FF implementation is such a bad idea

Google for FireFox and Malware, when your browser bites you for an explanation. Hope FF also restrict user written extentions etc to mitigate security problems in a simular way they are planning for plug-ins. EDIT this is not likely see post #4

- Correct Mime type sniffing and enforcing. The devs of FF luckily have made a 180, until this is implemented in 3.6 https://developer-stage.mozilla.org/en/Incorrect_MIME_Type_for_CSS_Files I advise FF users to allways use Addblock (becasue it filters vulnarable mime types). I am happy to see FF meets IE8 security on this aaspect.


Conclusion

It is good to see that FireFox is reducing its security lag with major browsers and is picking up from open source competition as Mozilla's Director of Firefox, software designer tells in interviews.

Regards Kees


Note
Microsoft made a capital mistake with Active X trying to offer an alternative for java applets. Problem with active X is simular to FF extentions installing in admin space. Luckily Active X can be restricted (siging, trick bits filter etc). This stupid action of Microsoft was the number one reason why IE4 through IE6 were browsers with more security holes than an average secundary road in central Africa has pot holes

 

You mean like how the NPAPI plugin architecture works?

Code:

method onEvent(plugin.vulnerability);
if(browser=Internet.Explorer) {
	blame(Internet.Explorer);
}
else {
	blame(third.party.plugins);
}

 

Eice

Neat coding example

Well amongst others, also the fact that early IE releases relied solely on the intellect of the user http://www.cs.princeton.edu/sip/java-vs-activex.html with so many users running Admin it opened doors in early IE versions http://www.computerbytesman.com/acctroj/axcheck.htm

I agree that plug-in developers should take responsibility themselves like Foxit http://www.zdnet.com/blog/security/foxit-adds-safe-mode-to-counter-pdf-attacks/6390

 

Nice read on FF 4, pity the sandboxing beyond plug-ins and jetpack is addressed as risk/gap for development

http://www.zdnet.com/blog/btl/firefox-4-can-it-become-super-duper-fast/34295?tag=nl.e539

Regards Kees

 

Mhh I am silently singing "it is quiet at the other side, it is quiet at the other side" (in Dutch "Het is stil aan de overkant, het is stil aan de overkant" )


I hope with above facts, Wilders Members will check FireFox dev board before parroting that FF is the safest browser without any factual evidence (when you hate MicroSoft, dislike Google, consider Opera it really is a nice and solid alternative)


Regards Kees

 

Thanks,

Informative post, allthough I know you are allways critical towards applications you think are overrated on security (e.g. Comodo FW, Sandboxie, MBAM). I have to say you are more positive towards Sandboxie since it implemented limited rights and Comodo since it implemented the Sandbox.

Rest assure I am not using FF and lack the knowledge to counter your "facts". I first thought you changed your opinion on FF when reading the thread title, but after reading the posts it is just same old Kees telling about lacking or late implementations of features you consider important for security

When "the other side" stays quiet, I reccon it made sense

Groet

 

I'm not sure if you can call OOPP "sandboxing". AFAIK it doesn't reduce their runtime privileges at all, it just runs plugins as a separate process.

 

Absolutely correct. But putting in a seperate process is a first step to control its interfacing. OOPP certainly helps to reduce the breech surface and enhances control. FF has to create some buzz on its efforts to make up lost ground. As newby stated I want to sound positive, so FF fanboys may read it and make a better decision in keeping FF or changing browser.

 

Firefox 5

 

Why is browser usage single-pointed into security?
There are other things to consider, right?
Mrk

 

Mark,

Well this is a security enthousiasts forum and 9 out of 10 times members justify FF because of its security advantages. I have seen a lot post like "critique my setup" or "please advice" where members told us one of their first actions was to kick out IE, either for themselves of when helping friends.

The poor average PC user is used to IE (used on most offices) and has to learn how the new browser works. This learning time could be better used for laerning safe hex practise and/or using real security browser add-ons (e.g. Linkscanner, Trusteer, PevX facebook freebie, etc).

But as allways you make a valid point, Keep on publishing articles on your website

Regards Kees

 

Firefox more secure than IE 6. Many place still use IE 6. So many think IE 6 good. Catch is many place use IE 6 with SRP. Mean it is fine. But home person not so.

Maybe we tell home person to use SRP and account limited. But thank for info. My explain is that like Mark? Browser no only point of malware. SRP and account limited more useful for home person.

 

Well, look at my sig, I could not agree more with you LUA/SRP/ACL/Applocker great

 

I wonder where this leaves SeaMonkey? I often use SM 2.0.4 with SpywareBlaster, WOT & NoScript. It is worth pointing out that the only trojan I ever got (almost certainly a drive-by from an infected Russian flash advert in a Russian online journal) was while I was using SeaMonkey 1.1.12 & its translator. This was before I had heard of WOT & NoScript but I had SpywareBlaster (4.1). Luckily I had SUPERAntiSpyware to deal with the Balto-Slavic trojan!

 

However, Firefox IS the safest browser without any factual evidence. And I truly do hate Opera, especially sopranos.

But seriously... I agree with Mrkvonic. Why comment on naked browsers? With NoScript plus SafeOnline, FF is nonpareil.

 

AAAAAAAAAAAAAAAAAAAAHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH

I rest my Kees, see the parallel

Google asked FireFox lets make a better browser. No we are the mozilla knights and we are the true knights of the browsing grail. I stand and fight Microsoft. I have beaten Lynx before by crippling my browser functionality using Noscript and Addblock, so IE8 will be a piece of cake

Ahh well said Google let's go on, No said Firefox I am the black knight of the open world. I wil fight you also. .

This happened -http://www.youtube.com/watch?v=dhRUe-gz690-

I grant all FF fanboys a draw

 

If I'm running Firefox in a limited user account, what specific Firefox executables are running as admin? Or am I misunderstanding your comment?

 

It is problably my explanation. When software design principles are explained, they are over simplified and that itself causes confusion.

Adding functionality on a browser is like modifying your house. When you change something which affects the building structure, you need to apply a planning permit with drawing and calculations, so the city commission can check it is safe and it does not affect your neighbours in a negative manner (say you add two floors to your garage, they would only have shadow in thier back garden, so they would not be happy). So to change things you have to arrange something formal. On the other side of this scale when you want to redecorate the inerior of your house, there are very few regulations to deal with.

Try to picture a tabbed browser with third party plug-ins (pdf, flash, etc), dynamic content with embedded programming code in it (pages contain pictures, javascript, etc), an platform for using the browser for web based, functional etentions written by third parties and fun thing like skins etc.

Normally you want the same level of control at software, so binaries for code which affects the core of the browwser, a more IT (technical) language for extentions (e.g. XUL) and easy (end user like) cripots for user related functions.

These restrictions would also determine where these add-ons are stored/installed. For core things this would in the Program Files, for user things this could be in the My documents and Settings.


Regards Kees

 

I beg your pardon? Extensions are definitely not stored in Program Files but in your c:\Documents and Settings folder. And anyway, what do you mean with "admin space" and "user space"? What matters is that as a limited user you don't have write permission for Program Files (nor for the Windows folder). You do have as admin, though, regardless which software you execute.

I really don't know what you're trying to tell us ...

 

Firefox extensions are stored in the user's profile, which in tlu's case is somewhere in \Documents and Settings, and in my case is in a different partition than that containing \Program Files.

 

Sorry Guys,

Used the wrong terminology. I meant third party add-ons. I have not used FF for some while, but in the past Noscript installed parts in the FireFox/SeaMonkey installation directory. Also re-editing posts sometimes creates its own dynamics. When one is sharpening/spicing up the discussion, it distracts the attention from the point one is trying to make. Reading the post back now, I understand what did not made sence. I ediited that part, thanks for the correction.

Luckily the Moziilla devs are helping me out. I noticed that in the release note of 3.6.4 beta they are allready applied some form of process/data control/seperation over plug-ins, so the devs of Mozzilla defenitely have updated their view on modern software. Proces (interaction) and data (access) should be managed, open source does not mean that an add-on has access to everything (from security, performance and quality point of view). As said hope they will implement this on other forms of third party code also (and also sandbox it in future, or other forms of policy management on third party code like trusted publishers/code verification etc).

Regards Kees

PS
Lorenz was a great Dutch scientist and noble price winner ...

 

Mozilla wiki has information on the goals of Firefox Electrolysis:

As you can see, improved security isn't part of the initial goal of Electrolysis, but it's a potential future goal.

Those who have Vista or Windows 7 with UAC not disabled can alter integrity levels to achieve in Firefox something akin to Protected Mode of Internet Explorer - see http://www.victorc.org/2008/03/internet-explorer-7-protected-mode-vs.html for details. Internet Explorer running with low integrity and a medium integrity download folder should be superior to Firefox running with low integrity and a low integrity download folder in the inability of malicious browser content to modify files in the download folder - see http://msdn.microsoft.com/en-us/library/bb250462(VS.85).aspx for technical details. I recommend those using a low integrity download folder to move completed downloads to a higher integrity folder as soon as possible, because any low integrity program can write to a low integrity download folder.

Those who want certain data (e.g. your personal documents) to be unreadable by any low integrity program (e.g. Internet Explorer running in Protected Mode, or Firefox altered to run with low integrity) can do so with chml as described at http://theinvisiblethings.blogspot.com/2007/03/handy-tool-to-play-with-windows.html.

 

No, an improved software architecture is the goal. All others are the direct deratives of an improved software architecture. They have only split them up in primary and secundary goals.

Modularity
A higher modularity of a program done in the correct way (splitting it up in stateless pieces of code which perform a function which keeps the system/data in consistent state) enhances quality and makes spftware easier to maintain extend and adopt. This is often the primary goal of improving overal architecture of software, because it reduces the required man-hours in the future for software development and maintenance.

Well designed software often has a three layer (tier) approach (GUI - Process - Data) in which the process layer also has some hierarchy (in regards to its own functions, re-used objects, services and third party code) and rules for process coöperation/interaction.

As a side effect the trigger ==> code execution relation can be implemented more transparently and makes it easier for software depending on this relation. This is for instance the case with a GUI is responding to mouse clicks on buttons, scroll bars etc. So better GUI responsiveness is a direct result of this goal.

Majestic execution control
Through the tighter interfaces and refined data access control, it is easier to manage either good execution results or abnormal execution (being simple code errors or memory/data exceptions). This serves both stability and security.

Stateless (out of) process design
Allowing for stateless/asynchronious code execution (meaning module A or process A does not have to know where module B or process B in its process execution and process A can do its tasks independently of process B), increases the options for paralell processing. So a better performance on multi cores comes free with this improvement. When one of the processes (say A or B) dumps, it does not have to bring down everything (when it is monitored with majestic execution control), so enhanced stability is one of gains here also.

Rationale behind FireFox priorities
When FF is adopted from a monolith to a modern software arcihitecture, it is a lot easier to control pieces of code (processes). In reverse processes (and third party code/add-ons, extentions) are not allowed to change just everything (the current big advantage according to the writer of Addblock), they are only allowd to touch what is needed for proper process execution (with a clear border on what is shared and what is the process íts own data property). By implementing a modern architecture Firefox enhances the means to implement policy management ('sandboxing') and reduces the attack surface automatically. Therefore every hour spend on securty after the new architecture is implemented has a tenfold higher impact/result than when it should be spend now. This not only applies to security but for other aspects as well. Simply put Firefox has to adopt, otherwise it can't keep up with the competition.


Final Remarks
I never used Comodo FW 1 and 2, I posted threads on how to reduce pop-ups of CFW 3 and I am even positive about Comodo V4 with its sandbox. I prefere policy sandboxing over program virtualisation. I did not like early Sandboxie's delay when starting up a browser. Tzuk has improved these issues and I now endorse people to use SBIE (when they are allready familiar with its concept).

So it may well be that I am positive on FF 4.0 or even start using FF 5.0. I am not against certain software or blindly in favour of others (e,g. DefenseWall, Online Armour, PrevX), I am just spicing up discussion and putting overhyped qualities into perspective.

To mods: when no one reacts this thread may be closed, with over 800 views it served its purpose

Regards Kees

 

No, that's definitely wrong! I've been running my computer as a limited user for many years. As a limited user I don't have write permission for the installation folder - adding Noscript (or any other extension) simply wouldn't have been possible.

Sorry Kees - but please stop maintaining claims about things where you obviously lack sufficient knowledge.

 

Yes. Please use fact only. Confuse people only if yes.