The open-source browser maker was forced to issue a statement Monday, retracting a pledge attributed to the company's director of ecosystem development, Mike Schaver, to fix any critical security bugs in the browser within "Ten Days." Security researcher Robert Hansen said that Schaver had made the pledge at a late-night pajama party, hosted at last week's Black Hat conference in Las Vegas.
When Hansen said he doubted that this was possible, Shaver apparently backed up his pledge in writing: putting it on a business card with an arrow linking to his mobile phone number. "I told him I would post his card -- and he didn't flinch. No, he wasn't drunk. He's serious," Hansen wrote in a Friday blog posting. [Warning: URL and image contain expletive.] On Friday, Mozilla security chief Window Snyder offered a refinement to Shaver's late-night scrawl. "This is not our policy," she wrote in a blog posting. "We do not think security is a game, nor do we issue challenges or ultimatums."
View: The full story
News source: ComputerWorld
When Hansen said he doubted that this was possible, Shaver apparently backed up his pledge in writing: putting it on a business card with an arrow linking to his mobile phone number. "I told him I would post his card -- and he didn't flinch. No, he wasn't drunk. He's serious," Hansen wrote in a Friday blog posting. [Warning: URL and image contain expletive.] On Friday, Mozilla security chief Window Snyder offered a refinement to Shaver's late-night scrawl. "This is not our policy," she wrote in a blog posting. "We do not think security is a game, nor do we issue challenges or ultimatums."
View: The full story News source: ComputerWorld
At this point Mike Shaver threw down the gauntlet. He gave me his business card with a hand written note on it, laying his claim on the line. The claim being - with responsible disclosure Mozilla can patch and deploy any critical severity holes within “Ten F------ Days”
A very human reaction to what was likely a testosterone-driven discussion.
10 days or less is a great goal, but I can see the lawyer-types crawling all over this to make sure it is announced that this is not a "policy".
LOL. I was just about to post the same thing.
Ahh Minjas (ninja midgets)
These are guys, right?
Hahaha. Don't you just love the PC crew.
Am I the only one who finds it funny that the security chief for Mozilla is named Window?
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.