Firefox

(get it in RSS or Atom)

SSCC 139 - PWN2OWN, browser updates, Target alerts, PCI DSS and phishing [PODCAST]

sscc-139-thumb-250

Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store?

Chester and Duck dissect these issues with their usual style in this week's Chet Chat podcast...

Firefox 28.0 takes on the PWN2OWN attacks already

ff-held-250

Firefox 28.0 was released on 18 March 2014, just five days after four exploitable bugs in the browser were disclosed at the PWN2OWN competition.

Paul Ducklin looks at what was fixed...

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

PWN2OWN Day Two - Chrome and Safari join the losers

p2o-d2-250

Here are the PWN2OWN results from Day Two, and an overview of the final payouts.

Chrome and Safari didn't get picked for Day One, but both of them were pwned on Day Two - twice for Chrome and once for Safari....

PWN2OWN Day One - Reader, IE, Flash and Firefox felled, Java left standing

p2o-250

PWN2OWN Day One results are in!

The target that sounded easiest - Oracle Java, with prize money less than a third of the supposedly much tougher IE 11 - was the only one left standing at the end of the first half...

Firefox 27 is out - Tuesday's second non-Patch-Tuesday update

ff27-250

Even though yesterday wasn't a Patch Tuesday, we ended up with two major browser-related updates: an unscheduled Adobe Flash patch, and an expected one: the update from Firefox 26 to Firefox 27.

Paul Ducklin takes a quick look...

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Firefox 25.0.1 - the security update that wasn't?

fff-250

Firefox just pushed out a minor browser update, bumping its version number from 25.0 to 25.0.1.

Paul Ducklin saw Mozilla's advice that this was "a security and stability update", and went looking for the security fixes...

SSCC 122 - Facebook hoax, Microsoft 0-day, Android hole and Firefox going forward [PODCAST]

sscc-122-175-250

What a coincidence! A Facebook hoax claming that images can infect your computer...and then a Microsoft zero-day that uses images to infect your computer.

Chet and Duck talk you through the latest news...

Lightbeam shines a light on which websites you're really visiting

Lightbeam

Do you really know where your browser goes when you type a URI into its address bar? Do you realise that that your browser not only accesses the site you intended but may also have visited 3rd party websites running connected services? Mozilla's Lightbeam shows you what's going on.

Firefox moves up to Version 25, fixes a bunch of memory mismanagement problems

A brief reminder for Firefox users: version 25 is out.

As usual, there are some new and tweaked features, plus a fair number of security fixes.

Paul Ducklin takes a quick look...

Copying fingerprints, Firefox trusted, Facebook not, Yahoo recycles - 60 Sec Security [VIDEO]

2013-09-28-60ss-thumb-250

How do you copy fingerprints? Which is the most trustworthy browser? Who will use Facebook for payments? How long does an email address live?

Satisfy your curiosity with this week's 60 Second Security!

Firefox burns Chrome in our trustworthy browser poll

Chrome burns

About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.

Facebook transparency, Apple bugs, SEA DDoSes itself - 60 Sec Security [VIDEO]

2013-08-31-ddosing-yourself-250

Which country came top of Facebook's new "Government Requests" report aimed at outing the countries that fish for Facebook user data the most? (I bet you're thinking it's the USA - but it isn't.)

Watch this week's 60 Second Security and find out!

Which web browser do you trust? [Poll]

which-browser-do-you-trust

We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.

Monday review - the hot 24 stories of the week

dow-250

It's Monday again, so here's a quick way to get yourself up to date with everything we've written in the last seven days.

Firefox 23.0 is out - fixes, features and just a tiny bit of frustration

ff-logo-250

Note to Firefox fans: 23.0 is out.

Paul Ducklin, a Firefox fan himself, looks at the many new fixes, one handy new security feature and a nagging frustration in the update...

Firefox 22.0 closes a modest bunch of not-yet-exploited holes

moz-250

As usual, there's a handy mixture of important-sounding security fixes and some interesting new features.

No yet-known vices, so why not ensure you've got the update right away?

Monday review - the hot 24 stories of the week

Monday review

In case you missed any recent stories, here's everything we wrote in the last seven days.

Mozilla pushes out new Firefox and Thunderbird: 8 security advisories, 3 critical fixes

Not to be outdone by Microsoft and Adobe's Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today.

There are no bated-breath patches for in-the-wild exploits, but 3 of the 8 security fixes are deemed "critical".