Week in review: Browser battles

Hot on the heels of Microsoft's IE 7, Firefox 2 emerges with a new look and bulked-up security.

Mozilla fired a new salvo in the browser battle this week by officially releasing Firefox 2, with upgraded security features and a new interface.

The revamped Firefox includes a new interface theme and security enhancements such as built-in phishing protection. It also has session memory, which, when the browser is re-opened, brings back the set of Web pages that were in use when it was last closed. Changes have also been made in the technology to import RSS feeds, producing a feed list view with title and first lines. (Click here for the CNET Review.)

The Firefox 2 launch comes just days after Microsoft released Internet Explorer 7, the first update to its browser in almost five years.

(Click here for a look at how the Microsoft and Mozilla upgrades stack up on tabs, security, cool features and more.)

A day after shipping Firefox 2, Mozilla largely rebutted two claims of security flaws in the latest version of the Web browser. One of the problems is related to a vulnerability that was patched in an earlier version of Firefox. A report on the Bugtraq mailing list suggested that the issue, labeled "critical" by Mozilla, resurfaced in Firefox 2.

The report is incorrect, a Mozilla spokesman said. "The vulnerabilities that were identified were actually fixed."

However, there is a related problem that can cause Firefox to crash. "The exploitable issues are fixed. There is a crash, but it is a denial of service," the spokesman said.

Meanwhile, security experts have found a weakness in IE 7 that could help crooks mask phishing scams--the type of attack Microsoft designed the browser to thwart. The browser allows a Web site to display a pop-up that can contain a spoofed Web address, security monitoring company Secunia said. An attacker could exploit this weakness to trick people into believing they are on a trusted Web site when in fact they are viewing a malicious page.

The problem lies in the way Web addresses are displayed in the IE 7 address bar, a Microsoft representative said in an e-mailed statement. An attacker could exploit the issue by tricking a user to click on a specially formatted link, the representative said.

Back in hack
Jon Johansen, the 20-something hacker widely known for helping crack the piracy protections on DVDs several years ago, is taking on Apple Computer again. He has , the digital rights management technology used to make iPod and iTunes a closed system.

The technology will make other online music stores work with Apple's iPod device and let iTunes songs play on gadgets other than the iPod, said Monique Farantzos, who with Johansen co-founded DoubleTwist Venture Partners to license his work.

So how does it work?

"Essentially, what we do is trick iTunes into thinking that the device is an iPod," she said. "We're not removing any copy protection, we're simply adding copy protection."

Farantzos, a biophysicist by training but now into technology business development, talked about the company's plans and challenges with CNET News.com.

While many CNET News.com readers debated the legality of the technology, one reader questioned whether it was commercially viable.

"What company would risk setting up a business model based on Jon's software when it is very likely that Apple could get a restraining order to halt its use, then spend as much time and money as necessary to win the case?" wrote one reader to News.com's TalkBack forum.

Featured Video