Friday, May 14, 2021

Firefox Plans New Security Features

Open source browser vendor Mozilla is readying an ambitious new release of its Firefox Web browser. The third beta of Firefox 4, set to debut sometime this month, is expected to include more stability, features and performance improvements over earlier versions.

Among the areas that Mozilla is focusing on with Firefox 4 are a number of new security features that it says will make the browser even more secure than earlier versions. The new Firefox 4 browser development comes as rival Microsoft pushes its Internet Explorer 9 platform forward and Google continues to accelerate its Chrome browser development.

One of the new security features in Firefox 4 is the Content Security Policy (CSP) effort.

“Content security policy is focused on Cross Site Scripting (XSS) mitigation so it prevents injected scripts from actually running,” Brandon Sterne, security program manager at Mozilla, told InternetNews.com. “The site gets to declare a policy that the Firefox browser will then apply to the page and then any content that hasn’t been blessed by the site won’t be loaded or executed.”

Sterne noted that in addition to helping to prevent XSS, the CSP system will also help to mitigate clickjacking (define)attacks as well. In clickjacking, an attacker embeds a login for a site on a third-party site where it doesn’t belong, which then enables the attacker to get access he or she shouldn’t have. CSP is designed to limit the risk of clickjacking attacks by letting site administrators set a policy specifying where their site content may be framed and where it can’t.

Read the rest at eSecurity Planet.

Similar articles

Latest Articles

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...

Dell APEX: Our...

One of the missteps IBM made last century was collapsing their sales model, which was services based, to generate a short-term revenue spike. Up...