Slashdot Mirror


Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014

darthcamaro writes "Though IE, Chrome and Safari were all attacked and all were exploited, no single web browser was exploited as much at this year's Pwn2own hacking challenge as Mozilla Firefox. A fully patched version of Firefox was exploited four different times by attackers, each revealing new zero-day vulnerabilities in the open-source web browser. When asked why Mozilla was attacked so much this year, Sid Stamm, senior engineering manager of security and privacy said, 'Pwn2Own offers very large financial incentives to researchers to expose vulnerabilities, and that may have contributed in part to the researchers' decision to wait until now to share their work and help protect Firefox users.' The Pwn2own event paid researchers $50,000 for each Firefox vulnerability. Mozilla now pays researchers only $3,000 per vulnerability."

7 of 207 comments

  1. Re:Yeah, but it's fast and it's not bloated by lexman098 · Score: 4, Interesting

    It can actually be pretty fast if tweaked a bit.

  2. Re:Firefox is the most unstable program in common by ahabswhale · Score: 4, Informative

    That's odd, I keep literally dozens of tabs open in it all the time and haven't had it crash on me for as long as I can remember.

    --
    Are agnostics skeptical of unicorns too?

  3. Re:Firefox is the most unstable program in common by mark_osmd · Score: 4, Insightful

    I think the 'crashy' people are installing huge numbers of questionable plugins. I have good luck with Firefox but only install a few well selected plugins (noscript, better privacy, adblock, flash block, littlefox, and self destructing cookies). Because many of those plugins block crud like flash ads I get even better stability.

  4. No lowrights mode (not surprised) by Billly Gates · Score: 5, Interesting

    Both Chrome and IE (yes slashdotters I did say IE) support lowrights mode.

    This means it has no access to the file system at all, no access to processes or threads and %appdata is its prison ... assuming you are on Windows 7 or greater on Windows. XP users will get hacked regardless of browser because the OS does not support kernel level sandboxing.

    I left Firefox for IE 9 in 2011 after it won rewards on tomshardware.com. Then switched to Chrome. Firefox, like Netscape before it, is a sad shell of its former self. I do admit the later Firefox releases are much more lenient on RAM usage and have improved drastically.

    But I have an older Phenom II x6. Nice 6 core with virtualization support for VMWare .. but it is 2.6 GHz and is showing its age at only 2.6 GHz. My machine needs multi processing/threading apps to run close to modern and they provide greater security. One tab does not interfere with another and can be assigned for each core.

    To prevent my fan from going high and causing high usage both IE 10+ and Chrome utilize my system fine and still display pages as fast as those reading this on an icore5 or later. But Firefox puts +20 tabs on one CPU with no lowrights mode and as you can imagine when Firebug is on it slows down all the tabs and it is a security risk.

    Like Netscape it was the lack of funding that killed it against IE 6 onslaught. I wonder if the same is true? I used Netscape 4.7 before succumbing to IE 6 and then Firefox 1.5 to IE 9 and later Chrome today.

  5. Re:Yes. by vux984 · Score: 4, Informative

    Most people don't open a lot of windows and tabs at the same time.

    Define many. I routinely have 10+ windows with 20+ tabs in most of them, and another 10+ windows with 1 or 2 tabs.

    I do software development; not primarily web based, but it comes up both in web apps and web services, so I'm regularly loading and debugging sites that are rendering pretty broken stuff too.

    I honestly can't recall the last time FF crashed on me for any reason.


    The problem is much worse when many windows and tabs are open under the Windows OS and Windows is hibernated several times.

    I haven't rebooted my Mac in ages -- last time I installed an update that needed a reboot. A few months easy.

    My home office win 7 desktop gets rebooted around once a month for windows updates. Sleep/hibernate/wakeups the rest of the time.

    I'm not disputing your experience. But I do wonder whether your crashes are tied to a particular plugin, or are linked to some other characteristic of your system. We use FF at the office as well, on dozens of computers -- stability is NOT a problem there as well. Don't know what to tell you.

  6. Re:Firefox is the most unstable program in common by ahabswhale · Score: 4, Informative

    I would recommend noscript. Firefox does have a glaring flaw in that all the tabs run in the same process so if one gets wonky, it's game over for everything. It's probably Flash that's killing you. I use noscript which blocks everything (like Flash) that I don't explicitly want running and it makes Firefox very stable. As a side benefit, it makes browsing much safer. I use Chrome a lot too but when I'm going to any questionable sites, I use Firefox just because of noscript.

    --
    Are agnostics skeptical of unicorns too?

  7. Re:Yeah, but it's fast and it's not bloated by Jane Q. Public · Score: 5, Insightful

    "Yeah, but it's fast and it's not bloated"

    On my Mac, the Chrome app is 6 times the size of Firefox, and far slower. Just sayin'.

    I keep them updated. I don't use Chrome except when I have to because it's too slow (with NO bookmarks or plugins) versus my Firefox (with a shitload of bookmarks and lots of plugins).

    I use these things in my daily work. Or rather, I use Firefox in my daily work because Chrome and Safari are so slow. But I have to check compatibility with them so I keep them around and do use them sometimes.

    That's on my Mac. YMMV on your computer or on Windows.