BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Mozilla seeks details on browser vulnerability exploited in FBI probe

Mozilla seeks details on browser vulnerability exploited in FBI probe

(Reuters) — Mozilla Corp. has asked a federal judge to order the U.S. government to disclose a vulnerability in its Firefox Web browser that the company says the FBI exploited to investigate users of a large and secretive child pornography website.

Mozilla filed papers in federal court in Tacoma, Washington, on Wednesday seeking information on a vulnerability in a browser used to view websites on the anonymous Tor network that is partly based on the code for Firefox.

In a blog post, Denelle Dixon-Thayer, Mozilla's chief legal and business officer, said a judge had ordered the vulnerability disclosed to lawyers for a defendant caught in the probe, Jay Michaud, but not to any of entities that could fix it.

"We don't believe that this makes sense because it doesn't allow the vulnerability to be fixed before it is more widely disclosed," she wrote.

A U.S. Justice Department spokesman said it would respond at a later date.

Mozilla's brief came amid renewed attention to the process for disclosing computer security flaws discovered by federal agencies, following a recent standoff between Apple Inc. and the FBI over a locked iPhone linked to a shooter involved in a terrorist attack in San Bernardino, California, in which 14 people were killed.

The FBI said it could not submit to an interagency review the hack used to access the iPhone because it did not own the method or possess sufficient knowledge of the underlying vulnerability.

Mozilla said it had asked if the FBI submitted the browser flaw through the vulnerability review process but has not received an answer.

Mr. Michaud is one of 137 people facing U.S. charges after the FBI in February 2015 seized the server for Playpen, a child porn website on the Tor network, which is designed to allow anonymous online communication and protect user privacy.

In order to identify its 214,898 members, authorities sought a search warrant from the Virginia judge allowing them to deploy a "network investigative technique."

That technique would cause a user's computer to send them data any time that user logged onto the website while the FBI operated it for two weeks.

The investigation has recently run into legal trouble, after two defendants secured rulings declaring the warrants used in their cases were invalid.

In Mr. Michaud's case, U.S. District Judge Robert Bryan in February ordered that prosecutors disclose to his lawyers the code used to deploy the "network investigative technique." Prosecutors have asked Judge Bryan to reconsider.