Techdo Freeware

Friends

Franciacorta

Is Firefox 3 less secure than Firefox 2 ?

Published in Firefox - Posted By: admin

May

Mozilla designer Alex Faaborg published some introductory posts on his blog about where Mozilla is headed with microformats.

Quick background:
A microformat allows expression of semantics in an HTML (or XHTML) web page. Programs can extract meaning from a web page that is marked up with one or more microformats.

It is now possible for software, for example browser plug-ins, to extract the information, and transfer it to other applications, such as an address book

Alex Faaborg explains that microformats will make the Web Browser into an "Information Broker" and suggests that this could happen in Firefox 3. He writes:

"Much in the same way that operating systems currently associate particular file types with specific applications, future Web browsers are likely going to associate semantically marked up data you encounter on the Web with specific applications, either on your system or online. This means the contact information you see on a Web site will be associated with your favorite contacts application, events will be associated with your favorite calendar application, locations will be associated with your favorite mapping application, phone numbers will be associated with your favorite VOIP application, etc."

So if i use an online calendar - Firefox 3 would transfer any (if microformatted) events data i come across while browsing, into my online calendar account. Or you could for example download a business card from a company web site and import it into your address book in one click.

So where is the issue ? The problem could be about privacy and security.

This kind of "here's my hCard !" assertion seems nice in theory (and would probably be great for people trying to broadcast their personal information) but it could be an excellent way for anyone to steal your personal data and collect your information;
Microformats should be able to have actions that interact freely with the computer: this is unsafe because it's a chance for hackers to exploit new bugs.

In spite of these facts microformats will be widely used. Don't forget that users tend to resist change, and if they can still use their applications while using the browser to increase their productivity, they will be happier.

Add 'Is Firefox 3 less secure than Firefox 2 ?' to Del.icio.us

Add 'Is Firefox 3 less secure than Firefox 2 ?' to reddit

Add 'Is Firefox 3 less secure than Firefox 2 ?' to Technorati

Add 'Is Firefox 3 less secure than Firefox 2 ?' to Newsvine

Speed up Firefox start up time with Firefox Preloader (January 1st, 2009)
Firefox 3 Robot Themed Easter Egg (June 20th, 2008)
Things that Firefox Can Do for You (December 6th, 2007)
Firefox 3 Will Be Full of Bugs (November 16th, 2007)
Passwords Saved In Firefox Are Viewable To Anyone With Access To Your Computer (October 21st, 2007)

5 Responsed To This Post

Jay Neely Says, in 5-21-2007 at 18:04:51 from 24.147.221.165

The main argument here seems to be that by automatically causing a desktop application to take action when they encounter microformat data, Firefox 3 poses a security risk by allowing this. But that isn't what the quoted material from Alex Faaborg says. It states:
"future Web browsers are likely going to associate semantically marked up data you encounter on the Web with specific applications".

Association does *not* imply automatic action. What it means is that if I come across a phone number with microformat tags around it, I can put my mouse over it, right click(PC user) and use the context menu to select an option like "Add this number to my Skype phonebook".

Your other statement is that microformats are a privacy risk by "broadcasting" personal information. In actuality, not much more so than the vast amount of our personal data already online today, even without special formatting. And clearly, use of microformats is a choice.

Finally, both microformats and Firefox 3 are still under development. This kind of un-researched speculative worrying should be posted on a development forum, where it could be shot down or corrected, depending on how nice the other users are.

anon Says, in 5-21-2007 at 20:00:29 from 76.19.196.140

That's not the point. Consider the incentive this would offer extension authors to bundle malware with their extensions. Yes, as soon as each such instance was found it would be exposed, but that's not a good reason to encourage that situation.

Vincent Says, in 5-22-2007 at 09:59:31 from 80.126.159.235

I'm quite sure that Firefox will not e.g. automatically synchronize your calendar dates with some online calendar. It will probably just notify you that entries are available and can be synced as you wish, but the responsibility still lies with the user, as it already does. Also, I don't see how stealing you personal data would be a risk, as you can decide for yourself what you put in your hCard, just as you decide for yourself to e.g. give your last name on forums.

Sam Sethi Says, in 5-22-2007 at 12:52:26 from 86.133.53.48

I can imagine this process working in much the same way as plugins do today with a two-phase trust model. With plugins today you have to first agree to trust the plugin site and only then will any plugin load and even then you still have the option to cancel the plugin.

Well with microformats the model may be reversed. If I post an hcard I might request the person requesting my hCard provide me with some details. Only then will I present my details and only then will we form a link which is how bi-directional SSE could work.

I agree if nothing is done then a simple spider app as proved by http://kitchen.technorati.com could come along and take our details without our premission.

Craig Francis Says, in 5-23-2007 at 04:29:26 from 82.32.88.140

I have a feeling that quite a few people are mis-understanding how micro-formats are intended to work.

From a privacy perspective, the data is already published, the micro-formats are simply helping a computer identify the individual parts.

You don't need authentication (Sam)… its like when you right click on an image and using the 'save as' action… but instead of saving the image, you will be adding the contact details to your address book application.

Have a look at this page…

http://www.craigfrancis.co.uk/contact

It's using micro-formats for my address and telephone number… now wouldn't it be great to right-click and add those details to your address book (if you wanted them), instead of having to copy/page each of the parts?

Sorry the comment area are closed or not available for non registered member

	Firefox
	Tips & Tutorials
	Windows
	Internet
	Google
	Hardware
	Science
	Software
	Opinions
	Miscellaneous
	Education
	Security
	Tech humor

Categories

Popular Posts

Pages

Techdo Freeware

Archives

Meta

Friends

Is Firefox 3 less secure than Firefox 2 ?

Related articles

5 Responsed To This Post

Sorry the comment area are closed or not available for non registered member

Recent Entries

Recent Comments