Fearing that the feds may force them into adding a backdoor into their browser in order to spy on users, Brendan Eich of Mozilla (the non-profit behind Firefox) is putting out an all-call to security researchers:
Eich calls for security researchers across the globe to regularly audit the Firefox source code and create automated systems that can ensure the same code is used to update 18 million machines that run the browser. That’s not an option for other browsers, but it is for Firefox. The code behind the browser is completely open source, meaning anyone can look at it, at any time.
The move is one more way that the giants of the web are responding to revelations that the National Security Agency is snooping on web traffic via popular services and software. After NSA whistleblower Edward Snowden revealed that the U.S. government is tapping into data collected by private companies like Google and Facebook and then private email outfit Lavabit revealed a gag order that forbade the company from telling customers the government was requesting information about them, Eich is worried that the feds could force Mozilla into adding a backdoor into its browser.
“As the Lavabit case suggests, the government may request that browser vendors secretly inject surveillance code into the browsers they distribute to users,” Eich says. “We have no information that any browser vendor has ever received such a directive. However, if that were to happen, the public would likely not find out due to gag orders.”
Because Firefox is open source, outsiders can fix holes and distribute changes outside of Mozilla. This collaboration also allows users to notice when things have been changed as no part of the code is proprietary. They’re the only browser with that distinction.