Mozilla is a global, nonprofit organization dedicated to improving the World Wide Web. Mozilla places a strong focus on open-source projects that prioritize the privacy and security of its users. Mozilla’s most popular project, Firefox, is the second most used desktop browser, serving over 250 million users worldwide.
Recently discovered security vulnerabilities, “Spectre” and “Meltdown,” have reiterated the need for computers to maintain the security and privacy of their users. To this end, Mozilla has started to convert Firefox to a new system, called Fission.
Currently the Firefox browser runs each webpage in a single process, which can be thought of as a physical container. Each webpage consists of multiple parts. If these parts all reside in the same container, then they can interact with each other’s parts, thereby enabling potential security vulnerabilities.
Fission is a new paradigm developed by Mozilla to split webpages in Firefox into multiple processes, or containers, to protect the user from potentially malicious web pages or advertisements. Using Fission, a malicious web page can no longer access private information because it no longer resides in the same container as anything else.
To implement Fission, Firefox’s underlying infrastructure must be reworked. Firefox is massive, containing over 5 million lines of code, so converting the entire browser to Fission is not trivial.
Our “Splitting the Atom. Again.” project updates various parts of the Firefox browser, such as picture-in-picture video, pop-up blocking, and page thumbnail creation, to use Fission. From a Firefox user’s perspective, this transition is unnoticeable, but it is essential to ensure a secure browsing experience.
These advancements are implemented using JavaScript, with Mercurial used for version control and Phabricator used for code reviews.