Mozilla shoots at the messenger

firefox.jpgTwo hackers outlined a potentially serious Javascript flaw in Firefox, and the powers that be were not happy.

Snyder said she isn’t happy with the disclosure and release of an apparent exploit during the presentation. “It looks like they had enough information in their slide for an attacker to reproduce it,” she said. “I think it is unfortunate because it puts users at risk, but that seems to be their goal.”

Mozilla leaders then proceeded to beg for mercy, reminding everyone listening in that $500 goes to the person that reports a hole in Firefox (versus the alternative of creating a botnet ring and picking up tens of thousands from the spamming).

My take – you are not going to get the underworld on your side through small bribes, and you certainly aren’t going to get them to stop outing vulnerabilities. You should embrace the latter, and use your oodles of money to fix the problems instead of whining about them.

If you don’t, you’ll just be….uh…..Internet Explorer.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.