Mozilla Firefox Community Site Hacked Again
For a software developing organization claiming to develop safe and secure software, a repetition of this kind is not going to help their reputation. Mozilla Foundation has revealed that for the second time since the launch of the Mozilla Firefox web browser, the security of their community website has been compromised. The organization runs SpreadFirefox.com website, which is used to promote the open source application Mozilla Firefox.
The Open Source developers said that the remote attackers potentially accessed SpreadFirefox.com by exploiting a security flaw in the TWiki software installed on the server. However, the problem was limited to their SpreadFirefox.com and did not affect mozilla.org or any Mozilla software. They disabled the wiki application as soon as the problem was discovered.
A mail to the members of the website said: “We have scanned Spread Firefox servers and at this time do not believe any sensitive data was taken, but as a precautionary measure we have shutdown the site and will be rebuilding the web site from scratch.” The website stores critical personal information of the web user, which is said to be safe from the hackers during the security intrusion.
They are planning to keep the website offline until October 19 during which the members would be allowed to change their personal settings on the website. They would be completely overhauling the system to make it as secure as possible to prevent similar issues. However, this is not going to impress the potential users of Mozilla Firefox who might find their claim of a secure browser quite an irony considering Secunia even at this moment reports 3 out of 24 Secunia advisories marked unpatched.
Sushubh Mittal, Search Engine Journal Tech Columnist and Resident Opera User – Sushubh, the Editor of TechWhack, is a self described tech freak who loves to test out software and criticize the flaws in them. He is a die-hard Michael Schumacher fan and has been featured on the CBS MarketWatch website and Google’s GMail Press Page.