About a month ago Mozilla announced the beginning of an effort to improve internet security within the Firefox browser. The focus is on improving security metrics by developing more efficient ways to pinpoint security issues and quantify their likelihood. But rather than building upon the CVSS (Common Vulnerability Scoring System), the closest thing out there to an industry standard, they are attempting to create new methods of measuring relative internet security. Mozilla has claimed that the CVSS is uninformative and relies on metrics that don’t necessarily deal with core security issues. As a result, they will go back and re-identify key metrics with plans to eventually analyze them over time.
This will undoubtedly take much more time and money, but it suggests that Mozilla is looking to do more than provide basic internet security for users, and is starting from scratch to create something that is capable of handling the increasing openness of data within the web. As more and more websites begin sharing information, security and privacy are taking on a whole new meaning. Facebook and MySpace have experienced this with their data portability platforms, and the encounters will only continue as they continue to share their data. Mozilla realizes this, and is looking to create a platform that will shape how the web is implemented in the near future.