Summary: Mozilla raises an important point by alluding to the fact that non-free (proprietary) software should be assumed to have back doors

SECURITY and privacy require freedom and control (by the user) from bottom to top, starting from the bootloader (NSA backdoors in bootloaders are now rumoured [1]). A British blogger in ZDNet, one whom UEFI Forum tried to silence or appease less than a couple of years back (as they did with other UEFI critics), continues to criticise UEFI, the Microsoft (notoriously strong NSA ally) promoted and Intel (as in intelligence) managed back doors-friendly BIOS replacement (UEFI facilitates remote bricking of computers, over the Internet).

Several months ago Tor was compromised through Firefox on Microsoft Windows. Firefox itself did not have back doors, but Windows has plenty of back doors (this month Microsoft already revealed several [2], which the NSA already knows about) and Mozilla's own platform uses Linux, not Windows.

Yesterday there were quite a few headlines quoting Mozilla's Brendan Eich, CTO and SVP of Engineering, for his warning about back doors [3-5], which are destroying any notion of information security in proprietary software [6].

With Mozilla diverging away from Windows (Firefox OS brings back memories of Netscape [7]) and signing major deals to bring this Linux-powered operating system to a lot of devices (not just phones [8-12]) we can hope that the whole stack, from bottom to top (hardware, operating system, applications) will be void of back doors. Let's wish Mozilla good luck. Chrome, which has just had another major release [13,14] is proprietary (never mind the Chromium marketing) and it cannot be seen as a back doors-free substitute to Firefox and Firefox OS (the same goes for Chrome OS). As for Android, recall what company is behind it. There are already reports (in corporate press) about it being remotely hijacked by the FBI. Ubuntu, Tizen, and Sailfish OS (Jolla) might be other decent options, but we don't know enough about them, at least not yet. WebOS is controlled by a very surveillance-happy company (LG), so we can assume, as the name suggests, that it transmits personal data over the Web/Internet. ⬆

Related/contextual items from the news:

1. NSA's backdoors are real -- but prove nothing about BadBIOS

   Recent revelations about NSA hardware and firmware backdoors gives all the evidence that those who believe BadBIOS Trojans exist need to see. The spying technology has arrived. The only question is if the BadBIOS incident truly happened.





2. Microsoft Starts 2014 With Four Security Advisories





3. Mozilla Calls on World to Protect Firefox Browser From the NSA

   Brendan Eich is the chief technology officer of the Mozilla Foundation, the non-profit behind the Firefox web browser. Among many other things, he oversees the Firefox security team — the software engineers who work to steel the browser against online attacks from hackers, phishers, and other miscreants — and that team is about to get bigger. Much, much bigger.





4. Mozilla: Firefox Has No Government Backdoors

   Andreas Gal, Mozilla's vice president of mobile and R&D, and Brendan Eich, CTO and SVP of Engineering, have updated Gal's blog with a long entry about how Firefox users can trust Mozilla when it comes to government backdoors and user privacy.
   
   In the blog, they point out that due to laws in the U.S. and elsewhere, Web surfers must interact with Internet services knowing full well that even though cloud service companies want to protect user privacy, eventually one day those companies will be required to comply with laws. The government may acquire information that seems to violate privacy and could even force surveillance. Even more, the government can do so while enforcing gag orders on the service, leaving the consumer unaware.





5. Mozilla CTO Eich: If your browser isn't open source (ahem, ahem, IE, Chrome, Safari), DON'T TRUST IT

   Mozilla CTO Brendan Eich has cautioned netizens not to blindly trust software vendors, arguing that only open-source software can be assured to be free from government-mandated surveillance code.
   
   "Every major browser today is distributed by an organization within reach of surveillance laws," Eich wrote in a joint blog post with Mozilla research and development VP Andreas Gal on Saturday.
   
   Under those laws, Eich argued, governments could compel software companies to include surveillance code in their products. Worse, the vendors may not be able to admit to the public that such code exists when asked, because of gag orders.
   
   The Mozilla man argued that open-source software can help alleviate this risk because customers have the opportunity to review its source code and spot any potential backdoors.





6. RIP, information security, done in by backdoors and secret deals

   It seems that the very tools we use to secure our networks represent the greatest insider threat of all





7. Firefox OS: The Return of Microsoft’s Netscape Fears

   Back in the days before the release of Windows 95, just as the public was discovering the Internet as an alternative to private networks such as Prodigy and CompuServe, Netscape was the bomb. In those days, Microsoft didn’t supply any method for surfing the Internet, so people visited their local Egghead store, or other software outlets, to buy a shrink wrapped version of Netscape on floppy disks, which opened up a whole new world to computer users.





8. Linux-based Platform Coming to Low-cost Smartphones, Tablets, Smart TVs





9. Firefox Developers Continue Tuning ASM.js Performance

   ASM.js is the subset of JavaScript that is aimed for performance, easy to optimize, and is suitable for EmScripten to target in its converting of C/C++ code through LLVM and into this optimized JavaScript. EmScripten itself has been an incredibly interesting project.





10. Mozilla Reveals Plans to Take Firefox OS and HTML 5 to New Devices





11. Mozilla Expands Its Firefox OS Partners, Platforms





12. Firefox OS Tablets, TVs and More to Arrive This Year





13. Google Releases Chrome 32 Web Browser for Windows, Mac, Linux

14. Chrome 32 Has New Tab Indicators, Better Performance

    Google Chrome 32 features new tab indicators for sound / webcam / casting, automatic blocking of known malware files, a number of new apps and extension APIs, and numerous "under the hood" changes that promise to provide better stability and performance.