Netscape Releases Security Update

daria42 writes "Less than 24 hours after releasing Netscape 8, Netscape has released a security patch bringing the browser up to version 8.0.1. The patch address security vulnerabilities in version 1.0.3 of the Firefox code on which Netscape is based. The update comes amid online criticism from Firefox developers that the browser was insecure."

Netscape's Original 8.0 Release

ZDNet Australia has a scathing report on problems with Netscape's original 8.0 release, which shipped with known critical security bugs. ZDNet notes that several key Mozilla devs have lashed out at Netscape, including Firefox lead developer Ben Goodger, who posted a live exploit of the known vulnerability. Gervase Markham, another Mozilla employee found Netscape's claim that Firefox 1.0.4 is "outdated" ridiculous. Ali Ebrahim, another contributor commented that Netscape's claim of "more security choices" is based on a false premise. To their credit, Netscape has since released Netscape 8.0.1, based on Firefox 1.0.4 which plugs the most severe known issues, though the question still remains as to why they released 8.0 in the first place if it contained such severe security issues.

Re:software and bridges

[AKAImBatman]

That's the luxury software developers have that civil engineers don't. Its not exactly possible to go back and fix a mistake you made while building a multi-million dollar bridge.

That's what you think. New structures are found to be unsound all the time, which usually requires that the structure be patched in some form or another.

Take the case of the London Millennium Bridge which suffered from Resonant vibration (a common problem with suspension bridges). It wasn't planned for because it was assumed that such vibrations couldn't happen from mere pedestrian traffic. The solution was to retrofit 37 fluid-viscous dampers and 52 tuned mass dampeners.

In short, don't think that engineering is that much different from software. They're quite similar, to the point of being frightening.