Mozilla Hires Ex-Microsoft Security Strategist Window Snyder

Keep on Guard!


Looks like Mozilla is toughening it’s stance on security, people have been putting it down lately, especially those from the Microsoft camp as there have been a few flaws.

But well, it’s still not part of the operating system, the flaws are generally fixed within a couple of days and the patching system is simple and bandwidth friendly since version 1.5.0.1.

I generally find it more effecient, better designed, more secure and less proprietary :P than Internet Exploder.

Anyway back on topic..

Former Microsoft security strategist Window Snyder is joining Mozilla to lead the company’s effort to protect its range of desktop applications from malicious hacker attacks.

Snyder, who was responsible for security sign-off for Microsoft’s Windows XP Service Pack 2 and Windows Server 2003, will spearhead Mozilla’s security strategy, eWEEK has learned.

The hiring of Snyder is a coup for Mozilla Corp., the for-profit subsidiary of the Mozilla Foundation, based in Mountain View, Calif.

The group has seen its flagship Firefox Web browser chip away at the market dominance of Microsoft’s Internet Explorer, largely because of high-profile security flaws in and attacks on IE, and the addition of Snyder is sure to help beef up Mozilla’s security process and improve its communications with bug finders.

Sounds like a very good idea to me, with a proper security stance and process in place Firefox will become a market dominating product, it’s already fantastic, now it’s getting more money and skills injected, it’s evolving faster and smoother than ever.

Snyder most recently served as principal and founder of Matasano Security, a New York-based startup that was one of several external penetration testers hired by Microsoft to conduct simulated hacking attacks on Windows Vista.

She is also credited with seeding the idea for Microsoft’s internal “Blue Hat” security briefings, in which the crème de la crème of the hacking community is invited to the company’s Redmond, Wash., headquarters to discuss security with employees.

Snyder, a regular at security conferences, helped to soothe Microsoft’s contentious relationship with security consultants, and played a part in the improvement of the software maker’s strategy for reaching out to security vendors and researchers.

She was HITB conference this year I think if anyone was there, she’s quite cute too :P

Source: eWeek

Posted in: Hacking News

, , , , , ,


Latest Posts:


BootStomp - Find Bootloader Vulnerabilities BootStomp – Find Android Bootloader Vulnerabilities
BootStomp is a Python-based tool, with Docker support that helps you find two different classes of bootloader vulnerabilities and bugs.
Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018 Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018
Google is ramping up its campaign against HTTP only sites and is going to mark ALL Non-HTTPS sites insecure in July 2018 with the release of Chrome 68.
altdns - Subdomain Recon Tool With Permutation Generation altdns – Subdomain Recon Tool With Permutation Generation
Altdns is a subdomain recon tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.
0-Day Flash Vulnerability Exploited In The Wild 0-Day Flash Vulnerability Exploited In The Wild
So another 0-Day Flash Vulnerability is being exploited in the Wild, a previously unknown flaw which has been labelled CVE-2018-4878 and it affects 28.0.0.137 and earlier versions
dorkbot - Command-Line Tool For Google Dorking dorkbot – Command-Line Tool For Google Dorking
dorkbot is a modular command-line tool for Google dorking, which is performing vulnerability scans against a set of web pages returned by Google search queries in a given Google Custom Search Engine.
USBPcap - USB Packet Capture For Windows USBPcap – USB Packet Capture For Windows
USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine.


Comments are closed.