Mozilla Firefox 95 Update to Deploy RLBox Sandboxing Technology for Enhanced Browser Protection


Mozilla Firefox 95 update is being rolled out with a new sandboxing technology called RLBox that is touted to enhance the browser’s protection against malicious code. Mozilla says the new technology makes it easy and efficient to isolate potentially buggy code to make the browser secure so much so that even zero-day vulnerabilities in some cases are claimed to pose no threat to users on Firefox. Additionally, Mozilla has updated its bug bounty programme to pay researchers for bypassing the sandbox.

Sandboxing is a practice that is used to keep potentially malicious code isolated from the rest of the organisation’s environment. As per a blog post by Mozilla, the RLBox sandboxing technique uses WebAssembly to isolate five modules of the Firefox browser. WebAssembly technology enables high-resource apps like games, video, and image editors to run in a browser at speed on par with a local computer. “Going forward, we can treat these modules as untrusted code, and even a zero-day vulnerability in any of them should pose no threat to Firefox,” the company said.

The technology, which has been developed in collaboration with researchers at the University of California San Diego and the University of Texas, is now being released for all supported Firefox platforms (desktop and mobile).

In order to understand how RLBox sandboxing works, we must first understand the nature of threats that are being posed online.

Just like all major Web browsers that run content in their own sandboxed process to plug vulnerabilities, Firefox also isolates each site in its own process for protection. Mozilla says threat actors attack users by chaining together two vulnerabilities — “one to compromise the sandboxed process containing the malicious site and another to escape the sandbox”. To tackle this scare, multi-layer protection is needed.

As mentioned, RLBox sandboxing technology compiles the code into WebAssembly instead of hoisting it into a separate process. It then compiles that WebAssembly into native code allowing Firefox to run trusted and untrusted code in the same process. Mozilla says RLBox helps in sanitising any values that come from the sandbox, resulting in enhanced protection from malicious code.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Sourabh Kulesh is a Chief Sub Editor at Gadgets 360. He has worked in a national daily newspaper, a news agency, a magazine and now writing technology news online. He has knowledge on a wide gamut of topics related to cybersecurity, enterprise and consumer technology. Write to or get in touch on Twitter through his handle @KuleshSourabh.

Realme RMX3310 Specifications Tipped by TENAA Listing, Believed to Be New Realme GT Series Phone

Products You May Like

Articles You May Like

Amazon Kindle Paperwhite Signature Edition (2021) Review: A Good Option for Serious Readers
Samsung Galaxy Tab A8 With 7,040mAh Battery, Dolby Atmos Launched in India
Pegasus Spyware Used to Hack Phones of Salvadoran Journalists Investigating Alleged State Corruption: Report
OnePlus 9RT, OnePlus Buds Z2 Launch Today: How to Watch Livestream, Expected Specifications, More
Boult Audio AirBass Y1 TWS Earbuds With Up to 40 Hours of Battery Life Launched in India

Leave a Reply

Your email address will not be published. Required fields are marked *