Over the last decade, web browsers have become more powerful and more sophisticated. While this may work to people’s advantage in terms of features, it can also work against them regarding security and privacy. Threat actors are constantly on the lookout for flaws to exploit to obtain access to users’ computers and phones, while browser developers play a never-ending game of cat and mouse to close such gaps. Mozilla believes it has found a more long-term solution to this problem and is delivering Firefox 95 with a new type of sandbox that could shield users from bugs that occur on the first day of a release.
Sandboxing is a method of isolating a program from the rest of the operating system to prevent it from accessing portions of the system it shouldn’t. This technique is used by almost all modern web browsers, which isolates each software process, usually each site or feature, in its sandbox. Hackers are constantly attempting to exploit weaknesses in sandboxing systems to breach the boundaries and potentially cause havoc on a user’s PC.
RLBox is Firefox 95‘s new security solution, developed in collaboration with the University of California San Diego and the University of Texas. RLBox efficiently isolates code by adopting a two-step compilation method, rather than just separating processes. In practice, this implies that flawed code is stopped immediately at the start of the program and can’t quickly go around it, which usually leads to accessing restricted sections of computer memory, which leads to security attacks.
However, RLBox isn’t a panacea, and some browser sections are automatically omitted from it. Only five modules, including Firefox‘s multimedia, font, and spelling systems, are using this sandbox. These components frequently share a memory with the rest of the browser or are so time-sensitive that even a minor delay can be devastating.
Other new Firefox 95 include the browser’s official availability on the Microsoft Store. Users of macOS will likely be pleased to see that this version claims to consume less CPU and less electricity when streaming videos. RLBox sandboxing is available for all supported systems for both desktop and mobile versions of Firefox.
Source: mozilla | hacks.mozilla