Mozilla's chief of security has opened up on several new features planned for the next version of Firefox, revealing that Firefox 3.0 will have several new security features built in.
The browser will likely have a tool for automatically blocking sites suspected of harbouring malware. It will also offer support for the extended validation Secure Sockets Layer (EV SSL) certificates, said Window Snyder, Mozilla's chief security officer.
The malware blocker, which relies on blacklists generated by Google, has been publicly debated by Mozilla and Google developers, with mock-ups of the on-screen warnings surfacing in early June.
"We wanted to make sure that it's obviously not a security notification that they can ignore," Snyder said, describing how the warnings will work. "The [user interface] makes it clear that this [site] is dangerous. And it does not give the user a click-through," Snyder said. In other words, users will be able to back away from the potentially malicious site but won't be able to simply accept the warning and continue on.
"Nothing's ever done until it ships," Snyder cautioned, hinting that changes are still possible, or if necessary, the tool might still be ditched.
The other feature set for Firefox 3.0 offers support for the new EV certificates now used by a few of the largest online retailers, banks and financial institutions. Those certificates, which in Internet Explorer turn the address bar green, require more extensive background checks of the buyer by the issuing authority to guarantee that they're given only to trustworthy sites. One of the first sites to use EV certificates was that of PayPal.
But rather than colour-code something in Firefox, the open-source browser will display an agent-like character dubbed "Larry" when it reaches a domain equipped with an EV. The indicator, she said, resembles the international symbol for immigration seen at airports: an iconic image of an official holding up a passport.
"We think that makes a more visual statement about identity rather than security," said Snyder. "All we're trying to say is that we have a level of confidence about the identity of the site, not that it's free of threats."
Part of the reason why Mozilla is uncomfortable doing more than noting the enhanced identity of such as site is that the standard SSL padlock now means more than it should, Snyder said. "What it's come to mean is that everything is secure, but it's become an overburdened symbol," she said.
Virtually all the other changes to Firefox 3.0 on the security side are "under the hood" of the browser, she continued. "They'll be less apparent to the users, but they will impact them," Snyder said.
For the large part, this back-end work on Firefox has been in making the code itself more secure. Like the Security Development Lifecycle (SDL) initiative within Microsoft to systematically create more secure code, Mozilla's unnamed effort has involved seeking out vulnerabilities before the software ships.
"I really believe in defence in depth," Snyder said, referring to in-house research on Firefox's code. "All the [security] features in the world won't help you if the code's not secure."
Putting tools like that in the hands of anyone should mean more secure code for everyone, said Snyder. She said that as Mozilla's point person on security, she is convinced that it's a way to get the biggest bang for buck. "If these tools are broadly distributed, they could help smaller environments develop strong code," Snyder said. "They can help make everyone safer."