Mozilla Foundation chief technology officer Brendan Eich believes that Firefox can be free from surveillance by government organizations.
In a recent blog post , Eich pointed out that other browsers will be unable to offer such an assurance explaining, “Every major browser today is distributed by an organization within reach of surveillance laws.”
Eich went on to say that many governments and their agencies might force service operators to allow surveillance, pointing to the Lavabit case as an example of this predicament. Governments could not only force services to enable surveillance, but issue a gag order preventing these services from informing their users.
As a solution to this problem, Eich offers that Firefox’s open-source nature gives it a “critical advantage” over other browser vendors because security researchers are able to compare and vary its executable bits with the official distribution.
Because of this advantage, Eich went on to provide several actions that, if enforced by security researchers and organizations, could prevent anyone from “injecting undetected surveillance code into Firefox.” According to Eich they will need to, “Regularly audit Mozilla source and verified builds by all effective means, establish automated systems to verify official Mozilla builds from source, and raise an alert if the verified bits differ from official bits.”
Eich concluded, “Through international collaboration of independent entities we can give users the confidence that Firefox cannot be subverted without the world noticing, and offer a browser that verifiably meets users’ privacy expectations.”
While all of this sounds promising, do you think that Firefox could be surveillance-free if these steps are taken?