Firefox code under the microscope



So, the stories are out of the analysis of the code for Mozilla Firefox. It seems there were a large number of potential flaws found (71 potential security vulnerabilities) according to the article. This was done using an automated tool and many say, that in order to evaluate the true severity of the flaws, you have to be familiar with the code. Some, I’m sure will pounce on this with the “I thought open source software was supposed to be more secure…. I’m going back…” but it’s time to stop and think about things a moment. Open Source software…. anyone can access the source, anyone can analyze it for problems, anyone can run an automated tool to test it…..


Everything about the open source development process is out in the open. Microsoft is opening up a bit (I filed my first bug report for a Microsoft product in the last couple weeks.) But, they don’t allow the code for anyone to analyze. It’s a different approach to security (if we keep it secret no one will find it, vs…. open source which is – let’s tell everything so we can get the most bullet-proof code possible.)

So which approach is better? It’s hard to say definitively unless you’ve USED both approaches, but the thing I really like about the open development model IS THE FACT that EVERYONE has the opportunity to see what goes in the mix, which makes these third party analysis of code possible. Let’s speculate for the moment. IF mozilla-firefox were closed source. 1) We wouldn’t know about this analysis because it could never have happened, and many of the security issues that have been reported and fixed, might not have turned up yet because the code wasn’t there to look at.

The results of the analysis mentioned have been turned over to the developers and they will be reviewing and deciding which of the issues really pose a threat and how to prioritize fixing them.

It’s not a pretty process, and making it open could make for bad PR, that’s one reason some companies would never DREAM of making their code open.

Bottom line, it’s a GOOD thing that it’s been analyzed like this and that flaws have been found and reported to the developers, it can only make for a BETTER browser.

Related Posts

Blog Traffic Exchange Related Posts
  • Linux network worm... There is a linux network worm (virus) in the wild, which I've mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple......
  • Mozilla Firefox 1.0x series end of life.... The Mozilla Firefox 1.0.x series will no longer be supported with security updates. IF you use Firefox as your web browser, make sure you're using the current version in the 1.5 series (currently 1.5.0.3). You can find what your current version is by going to Help, "About Mozilla Firefox". The......
  • List of Open Source software Packages The following is long, but likely not complete. This is a list of open-source software packages: Computer software licensed under an open-source license. Software that fits the Free software definition may be more appropriately called free software; the GNU project in particular objects to their works being referred to as......
Blog Traffic Exchange Related Websites
  • Scrapbooks vs. Photo Books Photography has taken the world by storm. It is no longer just saved for special family occasions or for professionals. Photography has become a creative outlet for some and for many families a method of encapsulating their memories. Technology has improved vastly in terms of point and shoot cameras and......
  • Six Things I Think (and Personal Finance Links) BensBargains Delivers me a great GPS deal - My mother wants a GPS for Christmas, so I went to look for a good deal on one. My first place is usually BensBargains, because you can click on just about any category and find a decent deal that hasn't expired.......
  • Windows 7 beta to be available uptil Feb. 10 Microsoft announced Friday night that computer enthusiasts will have a while longer to get their hands on the beta version of Windows 7. Microsoft said that the test version of the operating system will be available for download through Feb. 10. Previously, Microsoft had said that the OS would only......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site