Today, Chief Technology Officer of the Mozilla Foundation Brendan Eich took to the company’s official blog for a call to arms against the unyielding efforts of the United States government.
He spoke on several subjects throughout the post, most notably his dedication to the open-source platform and its versatility both in and outside of the internet security sector.
What separates Firefox from the rest of the crowd (looking at you, IE and Safari) is that, unlike those browsers, FF has the distinct privilege of being built from the ground up as a 100% open source platform. This means that anyone in the world can freely pore through the code of the web page wrangler to find any security holes or unpatched vulnerabilities that the official security team at Mozilla may have missed.
“It is becoming increasingly difficult to trust the privacy properties of software and services we rely on to use the Internet. Governments, companies, groups and individuals may be surveilling us without our knowledge.”
Because other browsers are essentially locked down from the moment they leave the programming department back at the home office, they aren’t afforded the same levels of flexibility and transparency that Firefox has boasted from the beginning.
Certain contenders, namely Opera and Chrome, do feature a marginal amount of open-source capabilities; however, the bulk of their code is still written on a proprietary basis, making it impossible for random users with an interest in security to dig through the nuts and bolts of their software to check that all the vents are properly sealed up.
Because services like Tor rely heavily on the nature of Firefox’s engine, it’s imperative that the netsec community remain vigilant in its fight for privacy in this brave new world of surveillance we’ve inadvertently found ourselves living in.
“Security is never ‘done’ – it is a process, not a final rest-state,” Eich wrote. “No silver bullets. All methods have limits. However, open-source auditability cleanly beats the lack of ability to audit source vs. binary.”