Mozilla: Firefox Has No Government Backdoors

[exfileme]

Mozilla wants a verification system for software.

Mozilla: Firefox Has No Government Backdoors : Read more

 

[Grandmastersexsay]

Is Mozilla trying to say Firefox is safe from government agencies inserting code into their program because they are open source? I guess they haven't heard of SELinux.

http://en.m.wikipedia.org/wiki/Security-Enhanced_Linux

 

[Estix]

Is Mozilla trying to say Firefox is safe from government agencies inserting code into their program because they are open source? I guess they haven't heard of SELinux.http://en.m.wikipedia.org/wiki/Security-Enhanced_Linux

No, that wasn't what they were saying; they were saying that, because they are open source, the source can be audited, and then verified as safe, by comparing an "expected" compiled binary to the actual distributed one - that is, by making sure that, as the article said:

"To ensure that no one can inject undetected surveillance code into Firefox, security researchers and organizations should regularly audit Mozilla source and verified builds by all effective means, establish automated systems to verify official Mozilla builds from source, and raise an alert if the verified bits differ from official bits,"

 

[dextermat]

Either way, your ISP is surely cooperating with the government and they know what website you go onto and probably collects other info without us knowing...Privacy is just a myth anyways.

 

[qlum]

It is never a 100% secure way as backdoors can very well be hidden in legit additions to the browser and chances are in such cases that a government manages to insert backdoors but I still think its pretty backdoor free if only for the fact that attempting to add a backdoor and failing would be very problematic and the chance of someone finding it out is always there. Still if a clever coder manages to put it in and it gets past screening there may still be backdoors in firefox.

 

[dalethepcman]

Why give them a backdoor? The garage door opener / keys to the front door are much easier.

 

[Wong Dong]

Firefox have to work with isp.. government is really eating us alive every way they can.

 

[Cleber Zarate]

Validating that the compiled binary is the exact same binary produced if you compile that code yourself can be a very tricky task, first because your compiler version and every library used might make a difference in the resulting binary, the second is because there's no good way for them to ensure us the own firefox download servers that we use to download firefox isn't tampered to offer different binaries and md5s to different IP addresses or something. I know this might be unlikely but hey, didn't we all think unlikely that the whole NSA deal could take place?

 

[s32ialx]

Well we've lost the fight and the big ISP's can control what we view on the net.http://www.wired.com/opinion/2014/01/internet-freedom-day-year-net-neutrality/