Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox Exploit Adds Fuel to Browser Security Feud

Posted by Zonk on from the patch-early-patch-often dept.

An anonymous reader writes "Washingtonpost.com is reporting that a fairly nasty exploit has been released for a security hole that Firefox patched just yesterday. This is sure to add fuel to the ongoing heated debate over whether Mozilla is any safer the Internet Explorer." From the article: "This is not your run-of-the-mill proof of concept exploit code. It appears to be quite comprehensive, and would allow any attacker to use it with only slight modifications. According to the advisory, the code is designed to be embedded in a Web site so that anyone computer visiting the evil site with Firefox or Netscape would open up a line of communication with another Internet address of the attacker's choice, effectively letting the bad guys control the victim computer from afar."

19 of 510 comments (clear)

  1. Welcome by Anonymous Coward · · Score: 2, Funny

    I for one welcome our new Firefox hacking overlords.

  2. Woo! Finally! by daniil · · Score: 5, Funny

    Firefox is finally catching up with the market leader! Woo!

    --
    Man is a slave because freedom is difficult, whereas slavery is easy.
  3. Good news! by Otter · · Score: 5, Funny
    On the plus side, the exploit is released under the GPL. This just goes to show the superiority of open-source over proprietary exploits!

    Also on the plus side, the Washington Post link crashes my IE, so I can't even read the anti-Firefox news. Score another for Mozilla!.

    --
    What I'm listening to now on Pandora...
  4. Commence the Microsoft conspiracy theories... by slashdotnickname · · Score: 5, Funny

    ...because we all know that no self-respecting hacker would attack a friend of open-source such as FireFox. These exploit discoveries are being secretly funded by Microsoft!

  5. Re:Question by tktk · · Score: 5, Funny
    Does the Washington Post, or any other mainstream media outlet, publish a story whenever an exploit is released in the wild for Internet Explorer?

    No... because it's hideously expensive to print 10lb newspapers every day.

  6. That can only mean one thing .... by photonic · · Score: 2, Funny

    Microsoft has stopped working on IE7 and has its PhD's working full-time on writing exploits for known holes...

    --
    karma police: arrest this man, he talks in maths; he buzzes like a fridge, he's like a detuned radio. [radiohead]
    1. Re:That can only mean one thing .... by sharkey · · Score: 2, Funny

      Great! Non-functional malicious code is the best kind of malicious code.

      --

      --
      "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
  7. Re:Exploits as remote administration tool? by thedustbustr · · Score: 2, Funny

    Yup. I'm currently purposefully remote administering your machine as we speak.

    --
    This sig is false.
  8. Screw it...I'm moving to Lynx! by PenguinBoyDave · · Score: 5, Funny

    Let's see them attack my text-based browser!

    --
    I'm not a troll, but I play one on Slashdot.
  9. did anyone else notice... by advocate_one · · Score: 2, Funny

    that the actual exploit was released under the GPL... this means that anyone who takes it and modifies it has to release their improvements if they then proceed to distribute it... so if anyone does get infected, please get the person you got it from sued by Gnu for failing to make the source code available as well...

    --
    Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
  10. Well that tears it! by dpilot · · Score: 5, Funny

    I'm going to rip Linux out of all my boxes, install WinXP SP2, and do all of my web surfing on IE with ActiveX enabled, just to be safe!

    --
    The living have better things to do than to continue hating the dead.
  11. Why Firefox is still better than IE... by gsfprez · · Score: 2, Funny

    I just removed Firefox from this computer and installed Opera. No problem.

    I also just tried to remove IE... no luck.

    Firefox is still better.

    --
    guns kill people like spoons make Rosie O'Donnell fat.
  12. Re:Browser shmouser by Reglar_Joe · · Score: 3, Funny

    You talk as if penis enlargement isn't a good thing.

  13. Re:Vunerability counts say nothing. by Innova · · Score: 2, Funny

    To get security you have to spend a metric-fuckton of CPU cycles.

    How many Volkswagon Beetles does it take to carry a metric-fuckton?

    --
    See my Home Theater
  14. Re:Browser shmouser by jacksonj04 · · Score: 4, Funny

    You talk as if you need it ;-)

    --
    How many people can read hex if only you and dead people can read hex?
  15. Re:Browser shmouser by pohl · · Score: 2, Funny

    Nice link in your sig...so Linus doesn't like slashdot, but he follows it anyway. Doesn't that mean he's just like the rest of us?

    --

    The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...

  16. Hey, a new game! by Sialagogue · · Score: 4, Funny

    I'd like to propose a new game here on Slashdot, called "Six Degrees of Microsoft." The objective is to relate *any* story, from browser exploits, to RFID tags, to new features on Google maps back to some oversight, corruption, or other evil perpetrated by Microsoft.

    Understand, I'm not even saying I necessarily disagree with the parent post, I just think that every Slashdot post in the future should have at least one response titled "Six Degrees of Microsoft." Firefox/IE posts are easy, but "GBA SP Updated with Brighter Backlit Screen" might be a bit more of a challenge.

    Good luck...

    --
    The only acceptable defense of scientific results is to say that they were the product of the Scientific Method.
  17. Re:Question by e2d2 · · Score: 2, Funny

    No... because it's hideously expensive to print 10lb newspapers every day.

    Me thinks you've never read the print version of the washington post then.. It really _does_ weigh ten pounds already.

  18. Re:Even without root things can get nasty by Anonymous Coward · · Score: 1, Funny

    For some reason a firewall-type program for files (modification, creation and deletion) came to mind. But you'll have to ponder about this for yourself, I'm horny and need some more pr0n now.