Facebook gets round tracking privacy measure by encrypting links
A form of individual tracking specific to your web browser is at the heart of a currently contested privacy battle, and one which Facebook has just got the upper hand to. This type of tracking involves adding additional parameters to the URLs that you click on a daily basis. When you click one of these…
Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws
Of the newly patched security flaws, nine are rated high-severity while six carry a “medium-severity” rating. The most important of these issues is CVE-2022-22746, a race condition leading to the bypass of full-screen notification on Windows machines. Next in line is CVE-2022-22743, another fullscreen spoof, this time affecting the browser window. The bug could allow…
Firefox 90 Drops Support for FTP Protocol
Built on a client-server model architecture and in use for roughly five decades, FTP allows for the easy transfer of files and folders between computers. However, because data is transmitted unencrypted, the protocol has long been considered insecure. Secure variants do exist, including one that leverages SSL/TLS (FTPS), or the SSH File Transfer Protocol (SFTP)….
Vulnerabilities Exploited at Chinese Hacking Contest Patched in Firefox, Chrome
The Firefox vulnerability, tracked as CVE-2020-26950, has been described as an issue related to write side effects in MCallGetProperty opcode not being accounted for. “In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition,” Mozilla said in an advisory published on Monday. The flaw was fixed with…
Serious Vulnerabilities Patched in Chrome, Firefox
Google included a total of 32 security fixes in Chrome 81, which was finally promoted to the stable channel, after the current COVID-19 pandemic forced the Internet giant to delay stable releases and roll back some of the recently introduced protections in Chrome. Twenty-three of the patches fix vulnerabilities reported by external security researchers, including…
Number of HTTPS phishing sites triples
When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push more website owners towards deploying HTTPS. But while the latter aim was achieved, and the number of phishing sites making use of HTTPS has…
Firefox Users Fingerprinted via Cached Intermediate CA Certificates
An attacker can discover various details about Firefox users due to the manner in which the browser caches intermediate CA certificates, a researcher has discovered. When the server doesn’t deliver the complete certificate chain, Firefox loads the website if the intermediate CA certificate is cached, security researcher Alexander Klink discovered. By determining which websites use…
Tor Browser Patches Start Being Uplifted into Firefox
The Tor (The Onion Router) team and Mozilla are working together to implement Tor browser patches directly into Firefox and tighten their collaboration. The Tor browser is built almost entirely on Firefox, with 95% of its code coming from Mozilla’s browser. However, it still needs a series of changes, which the team refers to as…