Attack & Defense

WebAssembly and Back Again: Fine-Grained Sandboxing in Firefox 95

December 6, 2021

In Firefox 95, we’re shipping a novel sandboxing technology called RLBox — developed in collaboration with researchers at the University of California San Diego and the University of Texas — … Read more

Finding and Fixing DOM-based XSS with Static Analysis

Frederik Braun

November 3, 2021

Despite all the efforts of fixing Cross-Site Scripting (XSS) on the web, it continuously ranks as one of the most dangerous security issues in software. In particular, DOM-based XSS is … Read more

Implementing form filling and accessibility in the Firefox PDF viewer

Brendan Dahl, Calixte Denizet and Marco Castelluccio

October 14, 2021

Intro Last year, during lockdown, many discovered the importance of PDF forms when having to deal remotely with administrations and large organizations like banks. Firefox supported displaying PDF forms, but … Read more

Fixing a Security Bug by Changing a Function Signature

Molly Howell

September 29, 2021

Or: The C Language Itself is a Security Risk, Exhibit #958,738 This post is aimed at people who are developers but who do not know C or low-level details … Read more

Eliminating Data Races in Firefox – A Technical Report

Christian Holler, Aria Beingessner and Kris Wright

June 9, 2021

We successfully deployed ThreadSanitizer in the Firefox project to eliminate data races in our remaining C/C++ components. In the process, we found several impactful bugs and can safely say … Read more

Browser fuzzing at Mozilla

Tyson Smith, Jesse Schwartzentruber and Sylvestre Ledru

May 20, 2021

Introduction Mozilla has been fuzzing Firefox and its underlying components for a while. It has proven to be one of the most efficient ways to identify quality and security … Read more

Examining JavaScript Inter-Process Communication in Firefox

Frederik Braun

April 27, 2021

Firefox uses Inter-Process Communication (IPC) to implement privilege separation, which makes it an important cornerstone in our security architecture. A previous blog post focused on fuzzing the C++ side … Read more

Insights into HTTPS-Only Mode

Christoph Kerschbaumer, Julian Gaibler, Arthur Edelstein and Thyla van der Merwe

March 10, 2021

In a recent academic publication titled HTTPS-Only: Upgrading all connections to https in Web Browsers (to appear at MadWeb – Measurements, Attacks, and Defenses for the Web) we present … Read more

Guest Blog Post: Good First Steps to Find Security Bugs in Fenix (Part 2)

Muneaki Nishimura

February 9, 2021

This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. Continuing with … Read more

Effectively Fuzzing the IPC Layer in Firefox

Christoph Kerschbaumer and Christian Holler

January 27, 2021

The Inter-Process Communication (IPC) Layer within Firefox provides a cornerstone in Firefox’ multi-process Security Architecture. Thus, eliminating security vulnerabilities within the IPC Layer remains critical. Within this blogpost we … Read more

Guest Blog Post: Leaking silhouettes of cross-origin images

Aleksejs Popovs

January 11, 2021

This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. This is a … Read more

Guest Blog Post: Good First Steps to Find Security Bugs in Fenix (Part 1)

Muneaki Nishimura

December 8, 2020

This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. Fenix is a … Read more