Firefox 2.0 Beta | EDUCAUSE

Created by Stuart Yeates (University of Oxford) on August 18, 2006

There's a developer-oriented Firefox 2.0 Beta out, which you can download for four platforms (Windows, MacOSX, Linux and Solaris) and about thirty languages.

Version 2.0 breaks quite a few extensions, so it looks like they're making lots of noise about the Beta so that as many extension developers as possible get around to updating them. The reason for the many of the changes is a new extension security system:

Firefox runs both extensions and plugins at elevated privilege, opening users up to attack vectors left open either intentionally (a malicious extension/plugin which may have been installed by some trickery) or unintentionally.

Once an exploit is known to the community, it should be our responsibility to take measures to protect our installed users from these attack vectors. To do so, a "blocklist" will be kept which will be an always up-to-date list of plugin and extension versions that have been found to be vulnerable to attack. A local copy of this list will be updated using the Software Update mechanism. If an installed plugin or extension matches this list, it will be disabled and the user will be informed.

There is also an excellent-sounding true opt-in statistics gathering tool that will gather fine-grained statistics about how people are using their browsers to enable future releases to be better, faster and easier to use.

Stuart's blog
Login or register to post comments
3665 reads

		Firefox 2.0 Beta Created by Stuart Yeates (University of Oxford) on August 18, 2006 There's a developer-oriented Firefox 2.0 Beta out, which you can download for four platforms (Windows, MacOSX, Linux and Solaris) and about thirty languages. Version 2.0 breaks quite a few extensions, so it looks like they're making lots of noise about the Beta so that as many extension developers as possible get around to updating them. The reason for the many of the changes is a new extension security system: Firefox runs both extensions and plugins at elevated privilege, opening users up to attack vectors left open either intentionally (a malicious extension/plugin which may have been installed by some trickery) or unintentionally. Once an exploit is known to the community, it should be our responsibility to take measures to protect our installed users from these attack vectors. To do so, a "blocklist" will be kept which will be an always up-to-date list of plugin and extension versions that have been found to be vulnerable to attack. A local copy of this list will be updated using the Software Update mechanism. If an installed plugin or extension matches this list, it will be disabled and the user will be informed. There is also an excellent-sounding true opt-in statistics gathering tool that will gather fine-grained statistics about how people are using their browsers to enable future releases to be better, faster and easier to use. firefox \| mozilla \| web browser \| Web Browsing Stuart's blog Login or register to post comments 3665 reads
		© Copyright 1999-2009 EDUCAUSE Need Help? \| Feedback \| Privacy Policy
	Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.