Language Selection

English French German Italian Portuguese Spanish

Firefox devs mull dumping Java to stop BEAST attacks

Filed under
Moz/FF

Firefox developers searching for a way to protect users against a new attack that decrypts sensitive web traffic are seriously considering an update that stops the open-source browser from working with Oracle's Java software framework.

The move, which would prevent Firefox from working with scores of popular websites and crucial enterprise tools, is one way to thwart a recently unveiled attack that decrypts traffic protected by SSL, the cryptographic protocol that millions of websites use to safeguard social security numbers and other sensitive data. In a demonstration last Friday, it took less than two minutes for researchers Thai Duong and Juliano Rizzo to wield the exploit to recover an encrypted authentication cookie used to access a PayPal user account.

Rest here




gotta be a joke

firefox is so full of memory leaks that calling anything else insecure sounds more like m$ calling everyone less secure.

I am using firefox less and less. Chrome runs circles around it AND it is more stable. Even konwueror with wenkit renderer is better than firefox.

The last good firefox release was 3.6 - it has been downhill since then. The mozilla "developers" have gotten fatter after making 100s of millions of dollars from google ads. They don't care anymore- they are corrupt, like RH and their minions.

FF 3.6

Agreed. I've gotten so fed up with the mess that Firefox has become, that I've actually gone BACK to 3.6 on all of my machines.

I don't think that's going to be a good long-term solution, but I don't know what to do in the meantime.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Microsoft Still at It

5 open source RSS feed readers

When Google Reader was discontinued four years ago, many "technology experts" called it the end of RSS feeds. And it's true that for some people, social media and other aggregation tools are filling a need that feed readers for RSS, Atom, and other syndication formats once served. But old technologies never really die just because new technologies come along, particularly if the new technology does not perfectly replicate all of the use cases of the old one. The target audience for a technology might change a bit, and the tools people use to consume the technology might change, too. Read more

Leftovers: Software and OSS

  • 10 Portable Apps Every Linux User Should Use
    Portable apps are great invention that not many people talk about. The ability to take any program to any PC, and continue using it is very handy. This is especially true for those that need to get work done, and don’t have anything with you but a flash drive. In this article, we’ll go over some of the best portable Linux apps to take with you. From secure internet browsing, to eBooks, graphic editing and even voice chat! Note: a lot of the portable apps in this article are traditional apps made portable thanks to AppImage technology. AppImage makes it possible to run an app instantly, from anywhere without the need to install. Learn more here.
  • Linux Watch Command, To Monitor a Command Activity
    Recently i came to know about watch command, from one of my friend when i have a different requirement. I got good benefit from watch command and i want to share with you people to get more benefit on it, when you have a problem on Linux system.
  • Gammu 1.38.2
    Yesterday Gammu 1.38.2 has been released. This is bugfix release fixing for example USSD or MMS decoding in some situations. The Windows binaries are available as well. These are built using AppVeyor and will help bring Windows users back to latest versions.
  • How a lifecycle management tool uses metrics
    Greg Sutcliffe is a long-time member and now community lead of the Foreman community. Foreman is a lifecycle management tool for physical and virtual servers. He's been studying how the real-world application of community metrics gives insight into its effectiveness and discovering the gap that exists between the ideal and the practical. He shares what insights he's found behind the numbers and how he is using them to help the community grow. In this interview, Sutcliffe spoke with me about the metrics they are using, how they relate to the community's goals, and which ones work best for them. He also talks about his favorite tooling and advice for other community managers looking to up their metrics game.
  • Build a private blockchain ecosystem in minutes with this open source project Join our daily free Newsletter
  • Becoming an Agile Leader, Part 5: Learning to Learn
    As an Agile leader, you learn in at least two ways: observing and measuring what happens in the organization (I have any number of posts about qualitative and quantitative measurement); and just as importantly, you learn by thinking, discussing with others, and working with others. The people in the organization learn in these ways, too.
  • Is Scratch today like the Logo of the '80s for teaching kids to code?
    Leave it to technology to take an everyday word (especially in the English language) and give it a whole new meaning. Words such as the web, viral, text, cloud, apple, java, spam, server, and tablets come to mind as great examples of how the general public's understanding of the meaning of a word can change in a relatively short amount of time. Hence, this article is about a turtle and a cat who have changed the lives of many people over the years, including mine.

Linux and FOSS Events

  • Keynote: State of the Union - Jim Zemlin, Executive Director, The Linux Foundation
    As the open source community continues to grow, Jim Zemlin, Executive Director of The Linux Foundation, says the Foundation’s goal remains the same: to create a sustainable ecosystem for open source technology through good governance and innovation.
  • Open Source for Science + Innovation
    We are bringing together open source and open science specialists to talk about the “how and why” of open source and open science. Members of these communities will give brief talks which are followed by open and lively discussions open to the audience. Talks will highlight the role of openness in stimulating innovation but may also touch upon how openness appears to some to conflict with intellectual property interests.
  • Announcing the Equal Rating Innovation Challenge Winners
    Six months ago, we created the Equal Rating Innovation Challenge to add an additional dimension to the important work Mozilla has been leading around the concept of “Equal Rating.” In addition to policy and research, we wanted to push the boundaries and find news ways to provide affordable access to the Internet while preserving net neutrality. An open call for new ideas was the ideal vehicle.