window snyder

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Window Snyder leaves Mozilla

Window Snyder leaves MozillaInterestingVery interesting and relevent updateNice "public face"A loss for Mozilla.Sounds like she is unable to keep a job.This day an age, jumping ships every 6 months amount to one of two things:- Insecure worker.- Incompetent personI'm assuming this lady is the 1st. But my sincere sugestion...

Tags: Mozilla Corp., Window Snyder

Discussion threads 2008-12-10

Window Snyder leaves Mozilla

Mozilla security chief Window Snyder is leaving the open-source group. Snyder, who joined Mozilla after stints at Microsoft and Matasano Security, announced her exit on the Mozilla security blog today. Snyder writes: I will be leaving Mozilla at the end of the year. ...

Tags: Window, Mozilla Corp., Window Snyder, Security, Ryan Naraine

Blog posts 2008-12-10

Talking Firefox security with Mozilla's Window Snyder

LAS VEGAS -- Mozilla security chief Window Snyder wants to open-source much more than the Firefox browser. During a sit-down chat at the Black Hat security conference here, Snyder announced plans to launch three new initiatives around threat modeling, training and vulnerability metrics that push the envelope...

Tags: mozilla firefox, window, training, web browser, mozilla corp., window snyder, web browsers, security, internet, ryan naraine

Blog posts 2008-08-06

Mozilla ups unpatched Firefox flaw to 'high severity'; Preps fix

Mozilla has given a proof of concept Firefox vulnerability a "high severity" rating because an attacker can collect session information such as cookies and history, according to Mozilla security chief Window Snyder. Snyder said the vulnerability will be patched with Firefox 2.0.0.12, which will be pushed out...

Tags: Mozilla Firefox, Vulnerability, Severity, Mozilla Corp., Add-on, Flaw, Window Snyder, Web Browsers, Security, Internet, Larry Dignan

Blog posts 2008-01-30

Mozilla confirms Firefox proof of concept information leak vulnerability

Mozilla's security chief Window Snyder has confirmed a proof of concept information leak flaw in Firefox--even fully patched versions. Snyder confirmed the issue in a blog post. The proof of concept vulnerability was highlighted by researcher Gerry Eisenhaur on Jan. 19. In a nutshell, Firefox leaks information...

Tags: Mozilla Firefox, Attacker, Vulnerability, Mozilla Corp., Window Snyder, Web Browsers, Security, Internet, Larry Dignan

Blog posts 2008-01-23

Mozilla: Critical vulnerability in Microsoft flaw-counting

Mozilla security chief Window Snyder has dismissed Jeff Jones's IE vs Firefox flaw-counting exercise as a useless public relations exercise that ignores tons of bugs that aren't fixed until Microsoft ships service packs and major browser updates. Snyder left, a former Microsoft security strategist, said Jones use...

Tags: Vulnerability, Jeff Jones, Microsoft Internet Explorer, Microsoft Corp., Web Browser, Mozilla Corp., Window Snyder, Web Browsers, Security, Internet, Ryan Naraine

Blog posts 2007-12-03

Opera uses Mozilla fuzzer to find, fix severe browser flaw

How's this for cross-browser cooperation?Using a JavaScript fuzzer released by Mozilla at Black Hat, Opera's security team has found and fixed a "highly severe" browser flaw that could be used in code execution attacks.The problem:A virtual function call on an invalid pointer that may reference data crafted by the attacker...

Tags: browser flaw, Flaw, Mozilla Corp., Opera Software ASA, Ryan Naraine, Web Browser, Window Snyder

Blog posts 2007-08-15

Firefox narrows patch deployment window

Mozilla security chief Window Snyder has dismissed the counting of vulnerabilities as a "misleading metric," suggesting that the time it takes to release -- and deploy -- software patches should carry more weight.Snyder, a former Microsoft security strategist, makes the argument that the number of vulnerabilities found is more...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Microsoft, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple

Blog posts 2007-06-19

Mozilla downplays Zalewski's Firefox flaws

Mozilla security chief Window Snyder is pouring cold water on a claim by an independent researcher that there's a major security hole in the Firefox browser.A day after Michal Zalewski went public with details of Firefox vulnerabilities he thinks could lead to code execution attacks, Snyder responded with a note...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Metasploit, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets

Blog posts 2007-06-05

Mozilla rebuts Firefox 2 bug reports

Mozilla rebuts Firefox 2 bug reportsWell...It looks to me, after Mozilla "rebuts" these flaws, that they or at least one of the flaws are not any less severe than the IE7 vulnerability. Which, btw, for some reason does not appear to affect my IE7 on XP system. When...

Tags: Web browsers, SECURITY, Mozilla Firefox 2.0, Mozilla Firefox, Mozilla Corp., vulnerability, Window Snyder, Microsoft Internet Explorer 7, Microsoft Corp.

Discussion threads 2006-10-25

Mozilla and Microsoft and how we measure security flaws

I had the opportunity this week to speak with Window Snyder who just joined Mozilla as the lead security strategist. Snyder was most recently a principal founder and CTO at Matasano Security and was a senior security strategist for Microsoft heavily involved in their security development lifecycle. It's...

Tags: Window Snyder, Mozilla Corp., exploit

Blog posts 2006-09-14

Additional Resources

Mozilla plugs Firefox code execution holes

Mozilla today shipped Firefox 3.0.7 with fixes for at least eight security flaws, some rated critical. The most serious of the vulnerabilities could be exploited by attackers to run code and install software, requiring no user interaction beyond normal browsing, Mozilla warned in...

Tags: Mozilla Firefox, Vulnerability, Web Browser, Mozilla Corp., Web Browsers, Security, Internet, Ryan Naraine

Blog posts 2009-03-04

News to know: SAP's mistake; Mozilla; Yahoo; CRM

Here are today’s notable headlines. You can get News To Know via email alert and RSS daily: Mary Jo Foley: Microsoft releases to select testers updated IE 8 build CES: Zune phone, no. Pink, maybe Ryan Naraine: Window Snyder leaves Mozilla...

Tags: Google Inc., Information Technology, Yahoo! Inc., SAP AG, Apple Inc., Microsoft Corp., Mozilla Corp., Laptop Computer, CRM, E-mail, Cloud Computing, Linux, E-mail Providers, Strategy, Online Communications, Operating Systems, Software, Internet, Management, Larry Dignan

Blog posts 2008-12-11

'End of life' beckons for Firefox 2

If you have not yet upgraded to Firefox 3, keep in mind that Mozilla is very close to pulling the plug on support for older versions of the browser. Support for Firefox 2, which includes security and stability patches, is scheduled to end six months after Firefox...

Tags: Mozilla Firefox 3.0, Mozilla Firefox, Mozilla Firefox 2.0, Web Browsers, Internet, Ryan Naraine

Blog posts 2008-10-29

Dirty dozen: Firefox ships patch for 12 security flaws

Mozilla has released another point update for its flagship Firefox browser to provide fixes for at least 12 documented security vulnerabilities.  Some of the flaws put millions of Web surfers at risk of remote code execution attacks. The Firefox 3.0.2 update addresses two issues rated by Mozilla...

Tags: Developer, Mozilla Firefox, Attacker, Vulnerability, Mozilla Corp., Web Browsers, Security, Internet, Ryan Naraine

Blog posts 2008-09-24

Browser Wars 2.0: Firefox scrambles to add 'private mode' browsing

At Black Hat last month, when I spoke to Mozilla security chief Window Snyder, she made it clear that Private Browsing would not make it into the next revision of Firefox. Today, the open-source group all but announced that the privacy feature, which puts the browser into...

Tags: Mozilla Firefox, Web Browser, Mozilla Corp., Web Browsers, Internet, Ryan Naraine

Blog posts 2008-09-12

News to know: Mozilla; Windows Server; LinuxWorld; Apple

Notable headlines: Ryan Naraine: Talking Firefox security with Mozilla's Window Snyder Mary Jo Foley: What's next for Windows Server Microsoft finalizes SQL Server 2008 TechRepublic: 10 questions and answers about Microsoft Live Mesh Dancho Danchev: Today's...

Tags: google inc., larry dignan, microsoft windows server, server, apple inc., mozilla corp., linux, phishing, smart phones, service-oriented architecture (soa), cyberthreats, microsoft windows, operating systems, unix, open source, software, security, spam and phishing, consumer electronics, personal technology, web services, enterprise software

Blog posts 2008-08-07

Talking Firefox security with Mozilla's Window Snyder

Talking Firefox security with Mozilla's Window SnyderProtected Mode is the only thing FireFox is missingWhat I can't figure out is why it should be hard to add. FireFox already works with AppArmor so we know it can run with very few rights.FireFox is still my favorite browser by far and...

Tags: Web browsers, security, Mozilla Firefox, Mozilla window, Firefox security, Protected Mode, Mozilla Corp., window

Discussion threads 2008-08-06

Protocol handlers cause Mozilla Firefox 3 remote command execution vulnerabilities

Update 07/16/2008: Apparently I neglected to mention that this has been patched already.  Reading over it again and a heads up from a reader pointed out the error to me.  As always, great job by Window Snyder and the Mozilla Security Team for getting this patched quickly. ...

Tags: Mozilla Firefox 3.0, Mozilla Firefox, URI, Vulnerability, Mozilla Corp., Attack, Web Browsers, Security, Internet, Nathan McFeters

Blog posts 2008-07-16

Can Mozilla's security metrics project end the patch-counting nonsense?

In partnership with indie security consultant Rich Mogull left Mozilla has launched a valuable Security Metrics Project that could help to -- we can only hope -- put an end to the silly notion that patch-counting helps to determine a product's security posture. The idea is...

Tags: Mozilla Corp., Rich Mogull, Security, Ryan Naraine

Blog posts 2008-07-03