Mozilla Firefox 95 Update to Deploy RLBox Sandboxing Technology for Enhanced Browser Protection

by admin 0 Comments

Laptops/Tablets
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Mozilla Firefox 95 update is being rolled out with a new sandboxing technology called RLBox that is touted to enhance the browser’s protection against malicious code. Mozilla says the new technology makes it easy and efficient to isolate potentially buggy code to make the browser secure so much so that even zero-day vulnerabilities in some cases are claimed to pose no threat to users on Firefox. Additionally, Mozilla has updated its bug bounty programme to pay researchers for bypassing the sandbox.

Sandboxing is a practice that is used to keep potentially malicious code isolated from the rest of the organisation’s environment. As per a blog post by Mozilla, the RLBox sandboxing technique uses WebAssembly to isolate five modules of the Firefox browser. WebAssembly technology enables high-resource apps like games, video, and image editors to run in a browser at speed on par with a local computer. “Going forward, we can treat these modules as untrusted code, and even a zero-day vulnerability in any of them should pose no threat to Firefox,” the company said.

The technology, which has been developed in collaboration with researchers at the University of California San Diego and the University of Texas, is now being released for all supported Firefox platforms (desktop and mobile).

In order to understand how RLBox sandboxing works, we must first understand the nature of threats that are being posed online.

Just like all major Web browsers that run content in their own sandboxed process to plug vulnerabilities, Firefox also isolates each site in its own process for protection. Mozilla says threat actors attack users by chaining together two vulnerabilities — “one to compromise the sandboxed process containing the malicious site and another to escape the sandbox”. To tackle this scare, multi-layer protection is needed.

As mentioned, RLBox sandboxing technology compiles the code into WebAssembly instead of hoisting it into a separate process. It then compiles that WebAssembly into native code allowing Firefox to run trusted and untrusted code in the same process. Mozilla says RLBox helps in sanitising any values that come from the sandbox, resulting in enhanced protection from malicious code.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.


Sourabh Kulesh is a Chief Sub Editor at Gadgets 360. He has worked in a national daily newspaper, a news agency, a magazine and now writing technology news online. He has knowledge on a wide gamut of topics related to cybersecurity, enterprise and consumer technology. Write to sourabhk@ndtv.com or get in touch on Twitter through his handle @KuleshSourabh.
More

Realme RMX3310 Specifications Tipped by TENAA Listing, Believed to Be New Realme GT Series Phone

This article was originally published by Ndtv.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Kingdom Come: Deliverance 2 Announced With Visceral Reveal Trailer, Will Arrive Later This Year
‘Lord of the Rings’ Owner Embracer Group Announces Plan to Split Into 3 Standalone Companies: Details
Microsoft Phi-3 Launched as Company’s Smallest Open-Source AI Model to Date
Star Wars Jedi Survivor Hits Xbox Game Pass via EA Play on April 25, Spotted on EA Play on PS5 in Some Regions
Apple Offer to Open Up NFC-Based Tap-and-Go Technology Said to Be on Track for EU Approval by May

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.