Mozilla Hires Ex-Microsoft Security Strategist Window Snyder

Use Netsparker


Looks like Mozilla is toughening it’s stance on security, people have been putting it down lately, especially those from the Microsoft camp as there have been a few flaws.

But well, it’s still not part of the operating system, the flaws are generally fixed within a couple of days and the patching system is simple and bandwidth friendly since version 1.5.0.1.

I generally find it more effecient, better designed, more secure and less proprietary :P than Internet Exploder.

Anyway back on topic..

Former Microsoft security strategist Window Snyder is joining Mozilla to lead the company’s effort to protect its range of desktop applications from malicious hacker attacks.

Snyder, who was responsible for security sign-off for Microsoft’s Windows XP Service Pack 2 and Windows Server 2003, will spearhead Mozilla’s security strategy, eWEEK has learned.

The hiring of Snyder is a coup for Mozilla Corp., the for-profit subsidiary of the Mozilla Foundation, based in Mountain View, Calif.

The group has seen its flagship Firefox Web browser chip away at the market dominance of Microsoft’s Internet Explorer, largely because of high-profile security flaws in and attacks on IE, and the addition of Snyder is sure to help beef up Mozilla’s security process and improve its communications with bug finders.

Sounds like a very good idea to me, with a proper security stance and process in place Firefox will become a market dominating product, it’s already fantastic, now it’s getting more money and skills injected, it’s evolving faster and smoother than ever.

Snyder most recently served as principal and founder of Matasano Security, a New York-based startup that was one of several external penetration testers hired by Microsoft to conduct simulated hacking attacks on Windows Vista.

She is also credited with seeding the idea for Microsoft’s internal “Blue Hat” security briefings, in which the crème de la crème of the hacking community is invited to the company’s Redmond, Wash., headquarters to discuss security with employees.

Snyder, a regular at security conferences, helped to soothe Microsoft’s contentious relationship with security consultants, and played a part in the improvement of the software maker’s strategy for reaching out to security vendors and researchers.

She was HITB conference this year I think if anyone was there, she’s quite cute too :P

Source: eWeek

Posted in: Hacking News

, , , , , ,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


Comments are closed.