The Mozilla Foundation released on Monday a beta version of the group's latest open-source Firefox browser, rewriting parts of the code and enhancing security.
Firefox 3 Beta 1 adds anti-malware features to the browser, using a similar mechanism as the anti-phishing feature in Firefox 2, harnessing a Google-generated blacklist of sites that are hosting malicious code. The beta version of the browser also checks plugins to make sure they are compatible with the software and uses a secure download mechanism for updates.
"There is a lot of code that has changed, but I don't think there is a lot more code," Mike Schroepfer, vice president of engineering for the group, told SecurityFocus. "We have actually excised old code, and there are couple of areas were we dug out the component and rewrote the whole thing."
Web sites have become an increasingly important vector for malicious and fraudulent software. Earlier this month, attackers defaced hundreds of Web sites -- and thousands of pages -- embedding hidden
iframe code to redirect visitors to malicious download sites. Yet, while such techniques can affect Firefox as well as Internet Explorer, attackers have generally left the open-source browser alone, despite it having a greater number of flaws.
Security features have become a point of competition between Mozilla and Microsoft. A year ago, when both organizations launched their latest browsers, they both claimed to have a better -- albeit, very similar -- anti-phishing solution.
The Mozilla Foundation has not given a release date for the final version of the Firefox 3 browser.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos