In association with heise online

The H Year: 2009's Wins, Fails and Mehs

Web Battles

Win - Google's Chrome and the return of browser competition - The 2008 arrival of Google's Chrome brought more active competition in the open source web browser world. With the Linux and Mac ports of Chrome appearing in 2009, the Google browser has been shaping up to give all the browser makers some real competition. Mozilla's future plans for Firefox include a look and feel like Chrome, and process separation, like Chrome. HTML5 is also driving development forward as both Google and Mozilla work to make the browser a self-sufficient environment for future web applications.

Fail - Flash and PDF Insecurity - But while browsers try and become more self contained, plugins such as Adobe's Flash and Acrobat have become much more likely to be targetted as vectors for malware. Many holes have been fixed over the year. Although Adobe have now adopted a more regular security update cycle, there are plenty of older versions of the plugins still installed. If there was only an easy way to check...

Win - Update Checking - Firefox 3.5 took a step forward to address the issue of out-of-date vulnerable plugins by adding a web-based check on plugins to help users at least have the most up-to-date versions of their browser plugins. The H also launched The H Update Check for users of Windows based browsers which checks not only the user's plugins, but also applications which may be called up by the browser.

Meh - Mobile Firefox/Fennec - Despite all the activity in the open source mobile space, Mozilla's mobile web browser is still not with us and isn't promising anything remarkable when it does arrive. Mozilla need to get a good mobile browser out; a monoculture based around WebKit (as used on the iPhone, Android and ChromeOS) could be far from ideal for innovation.

Fail and Win - The Intrusion - The site was taken offline in August after an SSH key compromise allowed attackers into the system. An unfortunate fail, but at least the damage was limited. In the course of investigating what happened, the Apache Infrastructure Team produced a detailed report on what went wrong which made it clear what happened, what was affected and what lessons the team and other administrators could learn from the intrusion; a real win in demonstrating how transparency over incidents can help improve security.

Next - Linux and open source

Print Version | Permalink:
  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit