Mozilla Working Toward Tighter Web Security
Mozilla wants to make the Internet a place where users can feel a lot safer. Browser security has been a bit of an issue, and there have been accusations of NSA backdoors.
Mozilla wants to remind users that they are against this government practice, and figure the best way to do this is to introduce new services (two, to be precise) created to bring about a more secure web experience whether a cheap hosting environment or a cloud hosting environment.
Mozilla : One Service
Mozilla and BlackBerry, a company also very against government surveillance programs of any kind, teamed up to create a service involving what is called bug fuzzing. The Mozilla blog explains it in this way:
“Mozilla and BlackBerry's work on security research techniques are in the area of fault injection. Fault injection (also known as “fuzzing”) is a method of automated security testing that is used to identify potential security concerns that can be fixed before users are at risk. Fault injection is a testing technique where specially designed software is created to inject a variety of unexpected or malformed data into a specific application, program, or area of code. The goal is to uncover areas where the software does not properly handle the malformed data. Through fault injection it is possible to identify potential security weaknesses that can be proactively addressed before there is ever a threat to users.”
In layman's terms: fuzzing involves testing a site to determine if the site will cause harm to a user. If the potential for harm is detected, the service corrects the problem in order to protect the browser. It remains to be seen what sort of fix is performed beyond an onscreen warning or the blocking of the harmful content. Honestly, what can you expect the program to do to actually take away the harm from the site?
Mozilla : BlackBerry Hopeful
No matter what the service does, the goal of bringing added security measures to users is always a good idea. And if it keeps users' computers from becoming infected after visiting a malicious cheap hosting website, even better. BlackBerry is happy to be a partner in the program. According to Adrian Stone, Director of BlackBerry Security Response and Threat Analysis:
“Security is an industry-wide challenge that cannot be solved in a vacuum, and that is why BlackBerry and Mozilla security researchers are working together to develop new and innovative tools for detecting browser threats before they can affect both mobile and desktop customers. Through this collaboration, BlackBerry and Mozilla are working together towards the common goal of advancing security protections for customers as well as improving the threat landscape overall.”
Mozilla : The Other New Service
To bring even more security to users' browsing experience, Mozilla also announced Minion, a security testing platform made just for security professionals and developers. It is different from other automated security testing services in that it provides results that don't need to be decoded by a security expert.
You know all about the long list of results that pop up when you scan for issues, leaving you scratching your head, wondering which items are safe to perform without screwing something up. As Mozilla puts it, “Minion favors accuracy and simplicity and is designed so every developer, regardless of security expertise, can use this platform to increase the security of their applications.”
Do you feel you should be treated to a more secure experience when browsing the Web? Do you rely on Mozilla products?