Wednesday, February 8, 2012

Firefox 13 reduces safebrowsing backend memory foot print

Firefox 13 now comes with an improved low memory foot print safebrowsing mode.

Firefox 13 now reduced anti phishing and malware code size from 40 to 50 MB size to 5 to 6 MB.  This improvement helps Firefox to add safe browsing in mobile as it now comes with low memory foot print.  Also this move helps only to cut the memory  usage in your desktop and not to change the Firefox safebrowsing behaviour.  To understand this, getting the knowledge of safe browsing is essential.

Safe Browsing:

Safe Browsing is a protocol provided by Google that has the list of bad websites(phishing or malware).  Firefox downloads this list of bad files incrementally and store it in the local sqlite database. When the user try to visit a url, Firefox compares the url with the local bad website database.  If any match found, then  Firefox sends the url to the Google server to determine whether the url is really bad to avoid false positives and if Google returns true, then warning is shown to the user.  To maintain user privacy, Firefox sends a set of random url along with the original url to the Google server.

How Firefox saves data in sqlite database?

Firefox passes the url to the SHA-256 algorithm and gets the hashed encrypted value and stores it   Each encrypted values consists of associated chunk-id  and a list-id which classifies whether the url is a malware or phishing

Firefox used to store 2 32 bit hash prefixes for every bad website url, out of which one is the full url of the page and the other is the host name.  This resulted in using 40 to 50 MB disk space for safebrowsing and is not implemented in Firefox mobile as 40 to 50 MB disk space is too much for it.

How Firefox solves it?

Now Firefox saves full url only, removing the hostname part.  Though this reduces memory foot print, this creates false positives (calling a clean url as a malware).  Now one out of 7000 clean urls visited by the user will be reported as a malware(false positive).  Also this also increases traffic to the remote Google server, which does not affect user experience.  In addition to this Firefox also eliminates chunk numbers and compressed sub prefixes.

More technical details available here.

Please upgrade your nightly build today  or download it from here to check this.

Share your opinion through comments.

  © Blogger templates Newspaper III by 2008

Back to TOP