Firefox has had relatively few security holes due to buffer overflows. Most of the recent holes in Firefox have been dangling pointer dereferences or JavaScript privilege escalation bugs. The dangling pointer dereferences, in turn, have mostly been garbage collection hazards or bugs involving non-reference-counted layout data structures called "frames".
I think these names are not being added to the source code, but rather added to a page hosted on mozilla.org that will be accessible in some way from Firefox's UI.
Yahoo! used to run a service called PayDirect (along with HSBC Bank). In 2000 or 2001, it had no fees and was better than PayPal in several ways. They shut it down in November 2004.
The article says this is a stack overflow, which is a very different thing from a stack-based buffer overflow. It even links to a page correctly defining stack overflows. Stack overflows (aka crashes due to too much recursion) are not exploitable on sane architectures, while stack-based buffer overflows usually are exploitable. So I don't understand why the article claims this is exploitable.
From bug 18004 and bug 230870, it looks like this is one of the most voted-on issues, and it also looks like Mozilla developer Christian Biesinger has ideas for fixing it. Have you considered bribing him to fix it faster?
Firefox 2 won't have many performance improvements over Firefox 1.5, since Firefox 2 is a frontend release. Most of the speed improvements that have gone into the trunk since Firefox 1.5 won't be shipped to end-users until Firefox 3.
One major exception is the work on memory leaks. Firefox 1.5.0.x releases have been getting the simpler (less risky) leak fixes, and it looks like Firefox 2 will get most of the less simple memory leak fixes that are going into the trunk, including the nsIDOMGCParticipant work that fixes the large leaks with Gmail and most Greasemonkey scripts.
The Slashdot article is incorrect in describing this bug as a denial of service. It's a use of a dangling pointer in a way that we believe can cause arbitrary code execution.
However, companies using host-based IPS that rely on flaw information to build signatures are basically left at risk because of Microsoft's silent fixes.
Users who refuse to install Microsoft security patches are left vulnerable to security holes in Microsoft products they use!? Scandalous!
When I first visited the Wikipedia page yesterday, it contained the following:
Slashdot incorporated a pink "OMG!!! Ponies!!!" theme at 00:00 UTC. This girlish theme is in stark contrast for a techie website believed to be mostly frequented by male nerds. A "Special Birthday Report" [4] about Jeff "Hemos" Bates emerged in the first minutes of the day. A link to Thinkgeek's wireless extension cords has also been posted. The presence of humor on Slashdot has yet to been confirmed.
That sentence probably disappeared due to Wikipedia's NPOV policy, which makes me sad.
Apple's "solution" involves document.write, which doesn't work in XML (e.g. XHTML sent with the mimetype application/xhtml+xml). Can I add the OBJECT tag with a DOM2 method instead of document.write, or is document.write the only way to get around this patent-induced change?
A table listing which mutation events each browser supports would be more interesting. (I believe Firefox supports DOMNodeInserted, DOMNodeRemoved, and two others.)
But of course, in the USA your government does not care too much about environment so I doubt your energy bills (electricity, oil or whatever else) include taxes used to sustain your environment.
While that might be true, it's not clear to me why a government has to "care about the environment" before it will control externalities. Even if a government doesn't care about the endangered animals, it should care about costs to society such as health costs associated with pollution and costs to agriculture associated with deforestation.
I agree that improving startup / wakeup time for electronics is important. I think slow startup times and lack of sleep modes are largely responsible for people not bothering to turn computers off when they're not using them.
A cache of the "bandwidth exceeded" page. Just what I need!
Most of those aren't funny. Can you point out the funny ones to us?
Don't hire those commie, intellectual-property-hating, "information wants to be free" Slashdot readers!
That's just a list of security fixes. There were non-security fixes in Firefox 1.5.0.4 too.
What's broken about the option for not allowing window.status to be used in JS?
It's not revisionist history. Revisionist history is making incorrect statements about the past. It's just incorrect.
Never mind, the last paragraph of this comment answered my question.
It looks bad on my PowerBook too, probably because it doesn't get that subpixel rendering that normal text gets.
That is not all submitted extensions, I know because none of the ones I submitted are shown on that page :)
It's the 100 most popular extensions on addons.mozilla.org, more or less. See the page those screenshots came from: The Superbrowser.
why are they pushing the term "extension"!
Because in the world of browsers, the term "plugin" has a specific meaning: a program that uses a specific API (the Netscape Plugin API) to display types of content (Flash animations, QuickTime videos, etc.) that the browser doesn't support natively.
Btw, you misspelled "?".
my Bathroom Monkey.
What missing features or options were you disappointed by?
I could have guessed that, and you didn't answer the second half of my question.