Thu, Aug 7 2008 10:52
Mozilla ups ante on security
Open-source software maker Mozilla announced this
week that the company will require developers to undergo training in
secure programming and allow the security community to review its
assessments of threats to the Firefox browser.
The two initiatives, which follow the group's announcement
in July that it has begun developing metrics for measuring its handling
of security issues, are aimed at better securing the browser, said
Window Snyder, chief security officer for Mozilla. The threat modeling,
in particular, could allow the company to gain the input of security
researchers and prevent missteps that could result in reduced security,
but has to be handled carefully to prevent attackers from using the
information for malicious purposes, she said.
Filed under: News