Mozilla Firefox [Open Source Internet Browser]

Mozilla Firefox

Website :  http://www.firefox.com/

Initial release	November 9, 2004

Stable release	4.0.1

Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. As of March 2011, Firefox is the second most widely used browser with approximately 30% of worldwide usage share of web browsers. The browser has had particular success in Germany and Poland, where it is the most popular browser with 60% usage and 47% respectively.

To display web pages, Firefox uses the Gecko layout engine, which implements most current web standards in addition to several features that are intended to anticipate likely additions to the standards.

The latest Firefox features include tabbed browsing, spell checking, incremental find, live bookmarking, a download manager, private browsing, location-aware browsing (also known as "geolocation") based exclusively on a Google service and an integrated search system that uses Google by default in most localizations. Functions can be added through extensions, created by third-party developers, of which there is a wide selection, a feature that has attracted many of Firefox's users.

Firefox runs on various operating systems including Microsoft Windows, GNU/Linux, Mac OS X, FreeBSD, and many other platforms. Its current stable release is version 4.0.1, released on April 28, 2011. Firefox's source code is tri-licensed under the GNU GPL, GNU LGPL, orMozilla Public License.

Features

• Latest Firefox features include tabbed browsing, spell checking, incremental find, live bookmarking, a download manager, private browsing, location-aware browsing (aka "geolocation") based on a Google service and an integrated search system that uses Google by default in most localizations. Functions can be added through extensions, created by third-party developers, of which there is a wide selection, a feature that has attracted many of Firefox's users.
• Firefox provides an environment for web developers in which they can use built-in tools, such as the Error Console or the DOM Inspector, or extensions, such as Firebug.

Standards

Mozilla Firefox implements many web standards, including HTML, XML, XHTML, MathML, SVG 1.1 (partial), CSS (with extensions), ECMAScript (JavaScript), DOM, XSLT, XPath, and APNG(Animated PNG) images with alpha transparency. Firefox also implements standards proposals created by the WHATWG such as client-side storage, and canvas element.

The results of the Acid3 test on Firefox 4.0

Firefox passes the Acid2 standards-compliance test from version 3.0. Firefox versions 3.6.17 and 4.0.1 do not pass the Acid3 test; they score 94/100 and 97/100 respectively. Mozilla no longer intends for Firefox to pass the Acid3 test fully because it believes that the SVG fonts part of the test has become outdated and irrelevant due to WOFF being agreed upon as a standard by all major browser makers.

Firefox also implements a proprietary protocol from Google called "safebrowsing" (used to exchange data related with "phishing and malware protection"), which is not an open standard.

Security

Firefox uses a sandbox security model, and limits scripts from accessing data from other web sites based on the same origin policy. It uses SSL/TLS to protect communications with web servers using strong cryptography when using the HTTPS protocol. It also provides support for web applications to use smart-cards for authentication purposes.

The Mozilla Foundation offers a "bug bounty" to researchers who discover severe security holes in Firefox. Official guidelines for handling security vulnerabilities discourage early disclosure of vulnerabilities so as not to give potential attackers an advantage in creating exploits.

Because Firefox generally has fewer publicly known unpatched security vulnerabilities than Internet Explorer (see Comparison of web browsers), improved security is often cited as a reason to switch from Internet Explorer to Firefox. The Washington Post reports that exploit code for critical unpatched security vulnerabilities in Internet Explorer was available for 284 days in 2006. In comparison, exploit code for critical security vulnerabilities in Firefox was available for 9 days before Mozilla issued a patch to remedy the problem.

A 2006 Symantec study showed that, although Firefox had surpassed other browsers in the number of vendor-confirmed vulnerabilities that year through September, these vulnerabilities were patched far more quickly than those found in other browsers. Symantec later clarified their statement, saying that Firefox still had fewer security vulnerabilities than Internet Explorer, as counted by security researchers. As of February 11, 2011, Firefox 3.6 has no (known) unpatched security vulnerabilities according to Secunia. Internet Explorer 8 has five unpatched security vulnerabilities, the worst being rated "Less Critical" by Secunia.

In October 2009 Microsoft's security engineers acknowledged that Firefox was vulnerable since February of that year due to a .NET Framework 3.5 SP1 Windows update that silently installed a buggy 'Windows Presentation Foundation' plug-in into Firefox. This vulnerability has since been patched by Microsoft.

All patched vulnerabilities of Mozilla products are publicly listed.