New FF 3.0 security methods in the pipeline..

Hi malware fighters,

Security analysts are proposing new security methods to be implemented inside the new FF 3.0.
Read here about the proposals:
http://www.theregister.co.uk/2008/05/20/new_firefox_security_protections/
For me a better and safer FF 3.0 is FF 3.0 + NoScript and ABP

polonus

Isnt it a little late in the FF 3.0 development cycle (RC1) to be doing any changes other than bugfixes?

Hi .: Mac :. ,

Firefox 3 Beta 1 adds anti-malware features to the browser,
see: http://www.mozilla.com/en-US/firefox/3.0b1/releasenotes/
using a similar mechanism as the anti-phishing feature in Firefox 2,
harnessing a Google-generated blacklist of sites that are hosting malicious code.
A Tour of the Google blacklist to be found here:
http://portal.spidynamics.com/blogs/msutton/archive/2007/01/04/A-Tour-of-the-Google-Blacklist.aspx
The beta version of the browser also checks plugins to make sure
they are compatible with the software and uses a secure download mechanism for updates.

"There is a lot of code that has changed, but I don’t think there is a lot more code,
" Mike Schroepfer, vice president of engineering for the group, told SecurityFocus.
“We have actually excised old code, and there are couple of areas were we dug out the component
and rewrote the whole thing.”

Web sites have become an increasingly important vector for malicious and fraudulent software.
Earlier this month, attackers defaced hundreds of Web sites – and thousands of pages –
see: http://www.securityfocus.com/brief/623
embedding hidden iframe code to redirect visitors to malicious download sites.
Yet, while such techniques can affect Firefox as well as Internet Explorer,
attackers have generally left the open-source browser alone,
despite it having a greater number of flaws, see:
http://www.securityfocus.com/brief/578

Security features have become a point of competition between Mozilla and Microsoft.
A year ago, when both organizations launched their latest browsers,
they both claimed to have a better – albeit, very similar – anti-phishing solution.
See: http://www.securityfocus.com/brief/356

Mozilla has included several user interface improvements
to help users understand the risks of a particular Internet site.
Clicking on the favicon, the small icon for the site at the left of the URL
(uniform resource locator), will drop down a box containing identity information about the site.
The group also rewrote the Password Manager in JavaScript from C++ to eliminate memory errors,
Schroepfer said.

The Mozilla Foundation has not given a release date for the final version of the Firefox 3 browser.
We are now at FF 3.0 RC1 and the final will be out soon this month,

polonus