Mozilla Announces Firefox 4.0 Design Mockup, URL Spoofing Vulnerability
Article by George Norman
On 29 Jul 2009
The Mozilla Foundation teases and annoys the Firefox user this week. It teases the user by making a mockup of Firefox 4.0 available to the public – this after a theme mockup of the upcoming Firefox 3.7 was announced a short while ago (here’s how you can get your Firefox browser to look like that theme mockup). Then it annoys the user by announcing a new security hole in the browser it developed: a URL bar spoofing vulnerability that affects all versions of Firefox.

Starting with the Firefox 4.0 mock-up, two versions have been proposed: one with tabs on bottom (version A – image below) and one with tabs on top (version B – image below as well). The later option comes with some upsides: it saves vertical space, it is more efficient as it removes visual complexity, and there’s a shorter mouse distance to Page Controls. On the downside it breaks consistency (existing users are familiar with the current design and like this familiarity with the browser), tab titles are missing, there’s a longer mouse distance to tabs, some space is needlessly lost.


It has also been proposed to blend together the Stop, Refresh and Go buttons. This Stop/Refresh/Go Button would turn green when you start typing, will blend with the location bar when not in use, will turn blue when you hover over it, and will turn red when a page loads. Check out the images below.

Moving on, the Mozilla Security team announced that a URL spoofing security vulnerability affecting all current versions of the Firefox browser has been discovered – the credit for discovering this security hole goes to Juan Pablo Lopez Yacubian. The only workaround that you can employ is to share confidential info only with websites that you opened from a bookmark, a trusted source, or sites that you accessed by typing in the URL yourself.

Official word from Mozilla: “The URL in the address bar can be spoofed when a new window or tab is opened by a malicious web page. If a user visits a page hosting this malicious code, a new window or tab can be opened with a faked URL. There is no way of determining if the URL is authentic. This could result in the user disclosing confidential information to the malicious site, known as a phishing attack. This vulnerability is known to affect all current versions of Firefox. Mozilla is actively working on fixing this vulnerability.”

Version A

Version B

Stop/Refresh/Go Button

Tags: Mozilla, Firefox, Firefox 4.0 mockup, Security, URL spoofing
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 24 Jul 2017
As someone who has been using Firefox day-to-day for a very – VERY – long time, I’ve grown to know a lot about Mozilla’s web browser. As such, I thought it a good idea to share part of my knowledge with you and highlight 10 tips & tricks that I’m sure you’ll find very useful.
By George Norman on 14 Aug 2017
Firefox Send works with any modern web browser (not just Mozilla’s own), it lets you safely send files up to 1GB in size, and using it is a fairly simple process, as you can see in this how-to guide.
By George Norman on 02 Aug 2017
Voice Fill uses spoken language to enter queries into search engines. Notes is a built-in notepad that you can use to jot down ideas. And Send lets you send encrypted, self-destructing files over the internet.
By George Norman on 31 Jul 2017
Are people taking better care of their passwords, or have their password habits changed for the worse? To get an answer to that question, data loss prevention software company Digital Guardian surveyed a thousand people about their password security habits and found that...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Mozilla Announces Firefox 4.0 Design Mockup, URL Spoofing Vulnerability
HTML Linking Code