We believe that Firefox OS will face attack like other mobile OS. The most harmful attack may be exploiting the B2G process. And, resources from browser exploitation would be useful for exploiting Firefox OS because it is Gecko based and its apps are written by HTML5. Users, on the other hand, will benefit from understanding the risks involved in using HTML5 and how they can avoid these.
Update, 26 September 2013: A Mozilla spokesperson comments on this article: "When building Firefox OS we've considered a variety of potential attack scenarios and included numerous defenses to protect our users. The theoretical attack described would require additional defense systems to be bypassed. For example, Firefox OS has an additional security barrier between Web content and the core OS, which would stop the attack as described in the article. However, as we always place user security in high regards we are still adding additional security controls such as sandboxing to further protect our users. In addition, the specific vulnerability mentioned has already been patched in the next release of Firefox OS, which is available to OEMs."
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.