The revamped Firefox includes a new interface
theme and security enhancements such as built-in phishing
protection. It also has session
memory, which, when the browser is re-opened, brings back
the set of Web pages that were in use when it was last
closed. Changes have also
been made in the technology to import RSS feeds, producing a
feed list view with title and first lines. (Click here for
the CNET Review.)
The Firefox 2 launch comes just days after Microsoft
released Internet Explorer 7, the first update to its
browser in almost five years.
(Click here for a look at how the Microsoft and Mozilla
upgrades stack up on tabs, security, cool features and
more.)
A day after shipping Firefox 2, Mozilla largely rebutted two
claims of security flaws in the latest version of the Web
browser. One of the
problems is related to a vulnerability that was patched in
an earlier version of Firefox. A report on the Bugtraq
mailing list suggested that the
issue, labeled "critical" by Mozilla, resurfaced in Firefox
2.
The report is incorrect, a Mozilla spokesman said. "The
vulnerabilities that were identified were actually fixed."
However, there is a related problem that can cause Firefox
to crash. "The exploitable issues are fixed. There is a
crash, but it is a denial of
service," the spokesman said.
Meanwhile, security experts have found a weakness in IE 7
that could help crooks mask phishing scams--the type of
attack Microsoft designed
the browser to thwart. The browser allows a Web site to
display a pop-up that can contain a spoofed Web address,
security monitoring company
Secunia said. An attacker could exploit this weakness to
trick people into believing they are on a trusted Web site
when in fact they are viewing
a malicious page.
The problem lies in the way Web addresses are displayed in
the IE 7 address bar, a Microsoft representative said in an
e-mailed statement. An
attacker could exploit the issue by tricking a user to click
on a specially formatted link, the representative said.
Back in hack
Jon Johansen, the 20-something hacker widely known for
helping crack the piracy protections on DVDs several years
ago, is taking on Apple
Computer again. He has reverse-engineered Apple's FairPlay,
the digital rights management technology used to make iPod
and iTunes a closed
system.
The technology will make other online music stores work with
Apple's iPod device and let iTunes songs play on gadgets
other than the iPod, said
Monique Farantzos, who with Johansen co-founded DoubleTwist
Venture Partners to license his work.
So how does it work?
"Essentially, what we do is trick iTunes into thinking that
the device is an iPod," she said. "We're not removing any
copy protection, we're simply
adding copy protection."
Farantzos, a biophysicist by training but now into
technology business development, talked about the company's
plans and challenges with CNET
News.com.
While many CNET News.com readers debated the legality of the
technology, one reader questioned whether it was
commercially viable.
"What company would risk setting up a business model based
on Jon's software when it is very likely that Apple could
get a restraining order to
halt its use, then spend as much time and money as necessary
to win the case?" wrote one reader to News.com's TalkBack
forum.
|