Monday 19 May 2014

Browser security just got a lot worse

A massive security vulnerability is being introduced to the Firefox web browser by Mozilla, on purpose, and it is to remain there for the forseeable future.

Mozilla is adding closed-source DRM to their otherwise open-source web browser, Firefox. Nobody in the world is happy about this except for a few media CEOs that we should still be able to push around. Now here's the worst part. Because of the DMCA's anti-circumvention clause, it is illegal to tell people about security vulnerabilities in DRM systems. Responsible disclosure of security vulnerabilities is the only thing keeping your software up to date and virus-free. Since one of those closed systems is getting into your web browser and nobody is allowed to tell anybody about security vulnerabilities, it is no longer safe to do anything secure online. These DRM systems will have security vulnerabilities, and they must be kept secret, which means that only the people who discover them will know about them, they will never get fixed, and they will be used to steal your credit card numbers when you are online. Believe it. The internet just got a lot less safe so that Netflix could hallucinate that they are finally safe from piracy.

Mokalus of Borg

PS - Don't worry, it's not just Firefox. All browsers will be getting DRM soon, to protect themselves from you.
PPS - And, of course, making themselves far more vulnerable to malware and identity theft in the process.

No comments: