Privacy guaranteed - Your email is not shared with anyone.

Welcome to Glock Forum at

Why should YOU join our forums?

  • Reason #1
  • Reason #2
  • Reason #3

Site Description

Mozilla security flaw

Discussion in 'Tech Talk' started by Jack T., Jul 9, 2004.

  1. David_G17

    David_G17 /\/\/\/\/\/\/\/

    Oct 7, 2002
    step one.

  2. HerrGlock

    HerrGlock Scouts Out CLM

    Dec 28, 2000
    ~1 ~2 ^b

  3. hapuna

    hapuna Trusted Member

    Apr 22, 2002
    It is a dirt simple fix!!!:cool:
  4. Harlequin

    Harlequin I need a weapon

    Sep 19, 2003
    East Central Indiana
    It was bound to happen eventually. At least it's only happened to them once and not once a week like with IE. You can bet they will be more careful now.
  5. HerrGlock

    HerrGlock Scouts Out CLM

    Dec 28, 2000
    No, it happens with all software, more often than anyone would like. Two things tend to lessen the number or severity of vulnerabilities:

    1) If the software is made by hackers it tends to be more secure. These people are paranoid about their own stuff and make sure anything they write has gone through every check they know about. Sometimes the vulnerability only manifests if it is running in conjuction with other software that the writers do not have on their systems. When you find a vulnerability that is only for one OS, it's usually not the program that is actually vulnerable, it's the combination of programs or a vulnerability in the OS proper that is only there with the calls the software makes. Sometimes the home brewed and community written software takes longer to get out but when it does come out, it tends to be more stable than stuff that had to meet some arbitrary deadline.

    2) Look at the time from finding the vulnerability Vs the patch or fix. There are some software writers that take their time getting something out to patch it. The claims "It needs testing" is not an excuse for waiting six months to get a root/admin level vulnerability fixed. Get people to work 24/7 and make sure it's tested NOW and get the patch out NOW. Also, threatning to sue anyone who publishes a vulnerability for your software before you have a fix out is not right!

    All software will have vulnerabilities. OpenBSD has had exactly one root level exploit in its default install in 10 years. They don't give you the latest and greatest, it's usually a generation behind what's out on the streets now, but it's secure.

    Okay, more coffee needed so I can actually make sense today.