Right now, the most popular phone for Firefox OS is the Intex Cloud FX (the $33 phone), which was released last month and runs 1.3[1]. However, Mozilla has said that they are only applying updates to 2.x[2].
This means that their flagship phone that was released only a month ago has a critical security vulnerability and there are no plans to fix it. Great work, Mozilla!
Please, elaborate. I was under the impression that the Intex 1.3 branch was entirely separate from the main trunk and it would take some time to merge it back in.
http://cryptopals.com/sets/6/challenges/42/
Ironically, Firefox is the only browser that had this flaw when Bleichenbacher originally described it almost 10 years ago.
I'm particularly fond of this bug; it's what started me off down the path of learning about serious crypto attacks.