Firefox 7 security fixes, http vs https and data collection

Firefox 7

FirefoxMozilla has released Firefox 7, the latest incarnation of their popular web browser.

Recently Firefox has been getting through new version numbers faster than a fat man chasing a ice cream van.

The reason for the rapidly increasing version number? Well, it seems to be for no reason other than to please users who may incorrectly link a higher version number with something being “cooler”.

Most of the headlines about Firefox 7 are making much of the claim that it’s said to require less RAM. In fact, a lot less memory. Firefox developers have claimed that version 7 can use up to 50% less memory than previous versions.

When you come to update to Firefox 7, you’ll be asked if you would also give permission for Mozilla to collect anonymous data on your installation’s memory usage and performance. Presumably the developers want to use this information to make their code even tighter in the future.

The good news is that this data is anonymised, sent over https, and only collected if you give permission (in other words, it’s opt-in).

Performance data option

You can turn off the data collection at any time if you change your mind.

A cosmetic, but security-related, change which Mozilla has introduced with Firefox 7 is found in how the browser presents URLs in the address bar.

As you can see in the examples below, Firefox now hides the “http://” in website addresses.

http website via Firefox 7

But things look different if you visit a website configured to use https instead:

https website via Firefox 7

Firefox is actually following in Google’s footsteps with this look. (You see! Firefox doesn’t just copy Chrome when it comes to rampant version numbers!) The Chrome web browser already suppresses the “http://”:

http website via Chrome

And here’s what Google Chrome looks like when you visit an https website:

https website via Chrome

These changes are probably designed to make the web friendlier for those who are put off by geek slashes in URLs. What’s probably a more important driver for updating is that Firefox 7 includes a number of security patches.

Firefox 7 security fixes

The most serious vulnerabilities fixed in Firefox 7 are rated “critical” which means that they could be used by malicious attackers to run dangerous code and install software on your computer, without user interaction.

In short, if you don’t keep your web browser patched cybercriminals might exploit a vulnerability to install malware on your computer.