Mozilla official blog recently announced the removal of an add-on which was transmitting personal and confidential data from users to a remote site.
The add-on is called (or was) Mozilla Sniffer, which it was uploaded on June 6th to the official add-on site from Mozilla. And it was downloaded by 1800 users and 334 had this add-on active. The behavior of this add-on apparently took all of the private browsing data from users (like user names and passwords), and send it to a remote site.
Since Mozilla blacklisted this add-on; all of those who had it working should see this feature disabled from their browsers.
Mozilla also makes a contradictory statement about this situation:
“Mozilla Sniffer was not developed by Mozilla, and it was not reviewed by Mozilla. The add-on was in an experimental state, and all users that installed it should have seen a warning indicating it is unreviewed. Unreviewed add-ons are scanned for known viruses, trojans, and other malware, but some types of malicious behavior can only be detected in a code review.”
But later in the same article:
“Having unreviewed add-ons exposed to the public, even with low visibility, has been previously identified as an attack vector for hackers. For this reason, we’re already working on implementing a new security model for addons.mozilla.org that will require all add-ons to be code-reviewed before they are discoverable in the site”.
Damn right you’ll be reviewing those add-ons! If you are publishing add-ons, features and options for your product within your site, you should be aware there’s a responsibility behind it.
Mozilla team released a new Firefox version, the 3.6.4, with an interesting milestone: Tab crash protection, preventing your browser from crashing when there’s an error.
Since forever Internet browsers had tons of problems accessing more badly design complex web apps, and the reason always have resided in the plugins used: Adobe Flash, Shockwave, Silverlight and several other that are present in almost any browser session; but now Mozilla Firefox created for their first time in history a version which will prevent the entire browser from crashing when there’s a plugin problem.
If there’s a crash generated by a web site, let’s say using Flash, the tab generating that problem will be reloaded without stopping any other tab or the browser. Besides this update, the new version does not bring us many differences, check the complete changes here.
And you can download directly the latest Mozilla Firefox version from here.
In the battle over email application supremacy, Thunderbird has been one of the most highly developed for web application next to Google’s Gmail. Consistently we’re treated to new releases, updates, and efforts to make the user experience more comfortable and seamless with other email providers as it works to be the catch all for all of our digital communication. Most recently Thunderbird introduced a bevy of plug-ins over the summer that increased the usability of the application, but also made it more fun. Millions of dedicated Thunderbird users keep this email client in constant development and whats being released this week is no exception.
+Continue Reading
Finally after a lot of expectation and three release candidates (all were published within less that two weeks) Mozilla announced that the the final version for Firefox 3.5 will be available to the public on the morning of Tuesday, June 30.
Seems that development team is running against the clock, considering that on June 24 they’ve released the RC3 version for Firefox 3.5 and originally the announcement about the final version stated that “end of June” will be the date. Well they sure are keeping the promise, taking the last day of the month to release it.
Since RC1, the two other versions that were public basically focused in bug fixing, so if you installed were using any of these versions you shouldn’t expect greatest differences with the final one.
Download Firefox 3.5 RC3.
