A flaw in Mozilla exposes hard drives. You’re safe if you’re using Release Candidate 1 of 1.0, but only because XMLHTTP — where the flaw lies — is broken. This is a bummer, but at least it’ll be fixed soon, I’m sure. (update: yep, a fix has been checked in.) Here’s a more detailed summary of the problem.

And note, too, a pretty cool little interview about Mozilla-the-technology. Very informative, especially for those unfamiliar with the project.