
Firefox 95 Will Include RLBox Sandboxing for Added Security (neowin.net) 35

Mozilla has announced through its Mozilla Hacks blog that it plans to ship a 'novel sandboxing technology' called RLBox with Firefox 95 which it has been developing alongside researchers from the University of California San Diego and the University of Texas. From a report: It said RLBox makes it easier to isolate subcomponents of the browser efficiently and gives Mozilla more options than traditional sandboxing granted it. Mozilla said this new method of sandboxing, which uses WebAssembly to isolate potentially-buggy code, builds on a prototype that was shipped in Firefox 74 and Firefox 75 to Linux and Mac users respectively. With Firefox 95, RLBox will be deployed on all supported Firefox platforms including desktop and mobile to isolate three different modules: Graphite, Hunspell, and Ogg. With Firefox 96, two more modules, Expat and Woff2, will also be isolated.
  • It's themed to look like a version of Windows.

    I kid. Anyway this sounds like a good idea given the threat level on the modern web. I'm sure the usual crowd of people irrationally against Firefox will tell us why they switched to a browser that does all the things they hate even more though.

    • by AmiMoJo ( 196126 )

      I just wish they would fix the Android version. I want to switch but the Android version is holding me back.

    • The American right despises California is because it proves that most of their beliefs and assumptions are wrong.

      Like how having human feces all over city sidewalks is a bad thing! Crazy Republicans!

    • I don't want to know about some silly sandpit thing, tell me what they're going to do in the UI refresh! It must be five or six weeks since it was last changed, what's happening here?
  • Great news! (Score:1, Funny)

    by Anonymous Coward

    I'm sure all two remaining users will be very happy.

    • I am, thanks!
    • me too, you found all of us.

    • by phfpht ( 654492 )
      Sigh. Being the third wheel sucks.
    • I am moving to Brave.
      Some bug in Firefox infuriates me, sometimes I can't see pictures and photos on the BBC Website.
      Sure, found out, you need to press 'CTRL+F5' a few times, to somehow fix that. But doing that regularly pisses me off.

      Been a long time, but eventually had enough. Need to get comfy with Brave as my next default browser. Maybe when Slackware 15 comes out. So I can re-arrange things properly.

  • I wish I had the original FF I had on my old laptop. Every time I turn it on and start FF it updates and runs shittier.
  • by williamyf ( 227051 ) on Monday December 06, 2021 @12:52PM (#62052229)

    You guys in the release channel please Gamma test it for us in ESR, so in a year's time, we can adopt it with confidence.

    thanks in advance.

    • You guys in the release channel please Gamma test it for us in ESR

      Personally I'd be happier if it was Omicron tested a bit longer.

  • Since the link article really doesn't explain much, am I to assume this is another update that will break plugins again?
  • by Gravis Zero ( 934156 ) on Monday December 06, 2021 @01:17PM (#62052343)

    I clicked through until I got to the actual announcement page [mozilla.org] to get the answer.

    What:

    a ‘novel sandboxing technology’ called RLBox with Firefox 95 which it has been developing alongside researchers from the University of California San Diego and the University of Texas. It said RLBox makes it easier to isolate subcomponents of the browser efficiently and gives Mozilla more options than traditional sandboxing granted it.
    [...]
    isolating five different modules: Graphite, Hunspell, Ogg, Expat and Woff2

    How:

    Rather than hoisting the code into a separate process, we instead compile it into WebAssembly and then compile that WebAssembly into native code. This doesn’t result in us shipping any .wasm files in Firefox, since the WebAssembly step is only an intermediate representation in our build process.

    Why:

    However, the transformation places two key restrictions on the target code: it can’t jump to unexpected parts of the rest of the program, and it can’t access memory outside of a specified region. Together, these restrictions make it safe to share an address space (including the stack) between trusted and untrusted code, allowing us to run them in the same process largely as we were doing before. This, in turn, makes it easy to apply without major refactoring: the programmer only needs to sanitize any values that come from the sandbox (since they could be maliciously-crafted), a task which RLBox makes easy with a tainting layer.
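
The two ideas in the announcement text quoted above (a confined memory region, and sanitizing values that come out of the sandbox) shown as an added example that is not part of the thread or of RLBox itself. It is a simplified C++ stand-in: `Tainted`, `Sandbox`, `verify` and `read` are hypothetical names, not RLBox's API, and the region contents are constructed sample data.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <string>
#include <vector>

// Simplified stand-in for the idea, NOT RLBox's API. All names are hypothetical.
// A value produced by sandboxed code. It has no accessor: the host can only
// obtain it by passing a verifier, which is the role of the tainting layer.
template <typename T>
class Tainted {
    T value_;
public:
    explicit Tainted(T v) : value_(v) {}
    template <typename Check>
    std::optional<T> verify(Check ok) const {
        if (ok(value_)) return value_;
        return std::nullopt;
    }
};

// The sandbox owns one fixed memory region. Sandboxed code names data by
// 32-bit offsets into that region, so no offset can refer to host memory.
class Sandbox {
    std::vector<uint8_t> region_;
public:
    explicit Sandbox(const std::string& s) : region_(s.begin(), s.end()) {}

    // Host-side read of an (offset, length) pair handed back by the sandbox.
    // Both numbers may be maliciously crafted, so each is verified before use.
    std::optional<std::string> read(Tainted<uint32_t> off, Tainted<uint32_t> len,
                                    uint32_t max_len) const {
        auto o = off.verify([&](uint32_t v) { return v <= region_.size(); });
        if (!o) return std::nullopt;
        // Subtraction form: off + len could wrap around, size - off cannot.
        auto l = len.verify([&](uint32_t v) {
            return v <= max_len && v <= region_.size() - *o;
        });
        if (!l) return std::nullopt;
        return std::string(region_.begin() + *o, region_.begin() + *o + *l);
    }
};

int main() {
    Sandbox sb("HELLOWORLD");  // constructed sample region contents
    auto good = sb.read(Tainted<uint32_t>(5), Tainted<uint32_t>(5), 16);
    auto bad = sb.read(Tainted<uint32_t>(8), Tainted<uint32_t>(0xFFFFFFFFu),
                       0xFFFFFFFFu);  // length chosen to wrap off + len
    return (good && *good == "WORLD" && !bad) ? 0 : 1;
}
```
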

    • How:

      Rather than hoisting the code into a separate process, we instead compile it into WebAssembly and then compile that WebAssembly into native code. This doesn’t result in us shipping any .wasm files in Firefox, since the WebAssembly step is only an intermediate representation in our build process.

      I (and probably many others) have WebAssembly disabled in FF, so I wonder how this is supposed to work under that condition?

      • It's already compiled back into native code and compiled to machine code. No webassembly code is deployed with Firefox.

        • It's already compiled back into native code and compiled to machine code. No webassembly code is deployed with Firefox.

          Thanks for confirming that. After posting I actually read TFA and got the impression as you described. Nice to know someone else had the same.

          • This sounds like how the kiddies used to create "pirated" files.

            First you zip up the set of diskettes (or CD's or DVD's)
            Then you chop into 1.2 MB chunks so they will fit on diskette
            Then you write each chunk to a floppy disk (1.2 MB) image
            Then you use some different compressor to turn all the 1.2 MB chunks into a single archive
            Then you chop the archive into a bunch of pieces each the size of a diskette

            So this RLBox was written in some source language, compiled to wasm, then the wasm is compiled to native co

            • So this RLBox was written in some source language, compiled to wasm, then the wasm is compiled to native code. Sounds like a really stupid and asinine procedure, if you ask me.

              Without having much WebAssembly knowledge, my guess would be that it has some desired restrictions/limitations (eg: wrt sandboxing) and the intermediate wasm compilation step is to impose them on the (arbitrary) code w/o having to explicitly implement them in that code -- or re-write that code to comply.

            • So this RLBox was written in some source language, compiled to wasm, then the wasm is compiled to native code. Sounds like a really stupid and asinine procedure, if you ask me.

              Actually, it gets compiled from wasm to C then to native code but yeah, it's an obfuscated system.

              They are just a bunch of idiots who believe in complication and obfuscation and ignore the KISS principle because, well, they are addle mo'fo's

              Actually, it's a proven to work method that does what they desire. Correct functionality should always be the primary goal and then you can optimize the process. I'm sure it's piqued the interest of compiler writers, some of whom are going to investigate and distill the transformation to its most basic components. The result is likely we'll end up with a compiler flag that ensures code isolation without an int

    • > places two key restrictions on the target code: it can’t jump to unexpected parts of the rest of the program, and it can’t access memory outside of a specified region.

      That second part sounds like in-process memory segmentation (granted, a lot more granular).
      I'm sure there is an OS-level technique for the first too.

      Did we just undo 30 years of OS development by pushing everything back into a browser with a single process execution style?

      • Did we just undo 30 years of OS development by pushing everything back into a browser with a single process execution style?

        It's highly doubtful. They haven't reported what the performance impact is, which suggests it's minimal, but I'm sure someone will do benchmarks to show the difference.

  • Firefox Basic (Score:5, Insightful)

    by mrwireless ( 1056688 ) on Monday December 06, 2021 @02:09PM (#62052633)

    I really wish there was a browser that removed support for all the needlessly complicated tech that mostly helps malicious actors fingerprint your browser.

    I would love a version of Firefox that:
    - Only makes a minimal set of system fonts available
    - Locks down canvas use for fingerprinting
    - Strips out features like web-bluetooth, web-usb
    - Strips out NaCl
    - Doesn't allow websites to scan which desktop apps are installed
    - Doesn't reveal which browsers I have installed in the User Agent string (why oh why??)
    - Disables referer support

    Basically, if it's in fingerprinting tests such as the one linked below, think about removing it or standardising it to just a few options so that fingerprinting is harder.
    https://www.amiunique.org/ [amiunique.org]

    A browser like this would probably be enough for 99% of users. On top of that it would run faster and have a way smaller attack and fingerprinting surface.

    Want to protect the web? Protect the user.

    • - Only makes a minimal set of system fonts available
      - Locks down canvas use for fingerprinting

      They're working on this. https://support.mozilla.org/en... [mozilla.org]

      - Strips out features like web-bluetooth, web-usb

      Firefox doesn't support either of those, and they say they don't plan to. See their position statements at https://mozilla.github.io/stan... [github.io].

      - Strips out NaCl

      Firefox has never supported NaCl, and they say they don't plan to.

  • ...untested?

  • Many of the current HTML 5 sites are no better than the old frames websites. Layer after layer of floating crap. Windows that almost move with the document. The W3C are idiots.
