Now the politics. According to the report referenced above, the folks who found this exploit claim to know about thirty others and do not plan on helping the Firefox folk fix them. To say this annoys some people would be an understatement; here's just one quote from the comments:
I'm not "free" to yell "Fire!" in a theatre. I'm not "free" to ignore traffic signals if they inconvenience me. I'm not "free" to jepordized the national security of my country.
These people shouldn't be "free" to expound on their intellectual prowess <cough> and then say "We know what's going on, but we're not telling". They are immature, little brats and should be made accountable to the system they are part of whether they realize or accept that fact or not.
I can understand the frustration and anger, but consider this: there's absolutely nothing anyone can do about it. Laws requiring disclosure of such hacks would simply be ignored, or trivialized with false information:
"Just type https://about:foobah to see the exploit.. what, you say that doesn't show it? Oops, my mistake - I was sure that it did."
Hacks and exploits are simply a fact of life. It's not at all a bad idea
to do your browsing in a VM like
(link dead, sorry)
VMware's Browser Appliance if you are
a habitual visitor of suspicious sites.
Got something to add? Send me email.
More Articles by Anthony Lawrence © 2012-07-13 Anthony Lawrence