[LINK] Firefox security issue
Rick Welykochy
rick at praxis.com.au
Wed Oct 31 15:35:53 AEDT 2007
David Lochrin wrote:
> Can any Linker shed light on what's going on? Surely such behaviour is unacceptable? The secure-HTTP outbound connection will be allowed by most firewalls, and any user or organisation may find their systems modified unexpectedly. And of course this software will have read access to everything in the user's account.
My guess is the that (a) automatic update function (which you have turned off)
and (b) the query to see if there is an update are independent of each other.
Whether this is acceptable behaviour on the part of (b) is determined by what
else the (b) process is doing. I suspect nothing much but checking. You can
always download the source code and have a look.
In general, many many programs connect to many and sundry hosts and ports
on the Internet. I would posit that this occurs more with Mac OS X and Winders
and less with Linux. I'm afraid one just has to get used to it. Or firewall
like mad :)
I am using Little Snitch (TM) on my Mac OS X and it works a treat. It complains
about *any* connection that I do not expect. I have not disabled port 443 for
Firefox for obvious reasons. And even if I did, I would probably simply observe
the behaviour you describe. As to what it is actually doing, Read The Source.
cheer
rickw
--
_________________________________
Rick Welykochy || Praxis Services
When will governments realise that we do not want to live in economies,
we want to live in societies.
-- Les Twentyman
More information about the Link
mailing list