Slashdot Mirror

← Back to Stories (view on slashdot.org)

Former MS Security Strategist Joins Mozilla

Posted by ryuzaki0 on from the jumping-the-fence dept.

Handset writes "Former Microsoft security strategist Window Snyder is joining Mozilla to lead the company's effort to protect its range of desktop applications from malicious hacker attacks. eweek.com reports that Snyder, who was responsible for security sign-off for Microsoft's Windows XP Service Pack 2 and Windows Server 2003, will spearhead Mozilla's security strategy and improve its communications with external hackers and bug finders."

15 of 248 comments (clear)

  1. MS Trojan by wardk · · Score: 5, Funny

    a human trojan has been inserted into Mozilla?

    glad Safari uses the khtml engine...

  2. I can't wait to see this thread... by pookemon · · Score: 5, Insightful

    Will the Mozilla fans throw their arms up in disgust (An MS Security expert - that's a contradiction!) or will they suddenly be supportive of someone they have effectively been bagging for years? (An MS Security expert for Mozilla! - what a coup!)

    --
    dnuof eruc rof aixelsid
    1. Re:I can't wait to see this thread... by Moofie · · Score: 5, Informative

      This is gonna totally blow your mind, but....here goes.

      Two different people might have two different opinions.

      [neo]WHOA![/neo]

      --
      Why yes, I AM a rocket scientist!
  3. That time again? by ikejam · · Score: 5, Funny

    hooray..lets have it...chairs all around..here you go..two for you...Redmond Cherry or Vista White?

  4. So... by Umbral+Blot · · Score: 5, Insightful

    We can draw two possible conclusions from this. Either a: MS' security team was made of good people who were doing the best they could for such a large project with such a large user base and extensive backwards compatability, and thus that Windows security was the best it could have been (even if that wasn't so good). Or Mozilla's security is going to go down the tubes. It's a slashdot paradox! Clearly we can't grant #1, because that wouldn't be sufficiently critical of MS, but be can't grant #2 either because we love Mozilla. I'm just glad Mozilla doesn't think this way.

    --

    Philosophy.
    1. Re:So... by MacDork · · Score: 5, Funny

      We can draw two possible conclusions from this.

      Ahhh, but you've overlooked the most important factor: Window Snyder is female! Therefore neither of your proposed solutions is correct. Slashdot readers, once they have discovered this will completely forget all context in the discussion. They will find pictures, fawn over teh hotness, and begin building web shrines in their basements throughout the globe.

      Gentlemen, ready your hot grits. :-P

    2. Re:So... by Kelson · · Score: 5, Funny
      Clearly we can't grant #1, because that wouldn't be sufficiently critical of MS, but be can't grant #2 either because we love Mozilla.

      For some reason I want to adapt this to the duel of wits from The Princess Bride:

      But it's so simple. All I have to do is divine from what I know of you: are you the sort of site that would approve of an enemy, or the sort of site that would reject a friend?

      A site that hates Microsoft would complain that because Microsoft's security has been notoriously poor, then Mozilla must be making a mistake. Since Slashdot tends toward favoring Mozilla, clearly I cannot choose the whine in front of you.

      A site that loves Mozilla would have to rationalize the decision, and conclude that the security expert is worth hiring. But since that speaks favorably of Microsoft's security, I can clearly not choose the whine in front of me!

      But Slashdot is known for its vindictiveness. Given a choice between reasoned discourse and pure snark, the site will go for snark every time. So clearly I cannot choose the whine in front of you!

      etc.

      I'm just glad Mozilla doesn't think this way.

      In all seriousness, I've got to agree with you here. Though there's certainly been plenty of "MS has lousy security" rhetoric from people at Mozilla over the last few years.

  5. April 1st by Anonymous Coward · · Score: 5, Funny

    Cmon Slashdot, a guy from Microsoft whose first name is "Window" and had a job implementing security at Microsoft??? These April Fools jokes get dumber every year.

  6. Joke? by dk.r*nger · · Score: 5, Funny

    This has to be a joke. Microsoft actually employed a named Window S. ??

    1. Re:Joke? by Effugas · · Score: 5, Funny

      Yes, the joke between us for quite some time was that she would normally have gotten the email address windows@microsoft.com...but it seemed to have already been taken.

  7. Window Snyder? by ktakki · · Score: 5, Funny

    Is he required to change his name to Mozilla Snyder now?

    Sorry.

    k.

    --
    "In spite of everything, I still believe that people are really good at heart." - Anne Frank
  8. Re:Funny? by Kelson · · Score: 5, Funny
    I thought this was supposed to a forum for serious discussion, not a fucking comedy club wanna-be.

    You must be new here.

  9. Re:First Of All, Congrats by Anonymous Coward · · Score: 5, Funny

    I thought your post was going to go something like this:

    Window's an old friend of mine, so let me be the first to congratulate her.

    Sincerely,
    Door

  10. Window is great, but MS security still miserable by fv · · Score: 5, Insightful

    So the security world used to be pretty hostile to MS, before, you know, XPSP2, MSRC got taken seriously, etc.

    Used to be? Maybe you see a different view of them when they hire you for security consulting and fly you out for their Blue Hat conferences and such. But from my outsider perspective, Microsoft is still a security disaster. Not only have we continued to see hundreds of serious vulnerabilities throughout 2006, but MS has in many cases made us wait weeks or months before patching widely exploited bugs. Heck, another actively exploited MS Office vulnerability was just discovered in the wild. If we're lucky, MS will cough up a patch on September 12, otherwise they'll probably leave users vulnerable until the next "patch Tuesday" on October 10.

    Meanwhile, Microsoft recently re-issued MS06-042 with a fix for a vulnerability introduced by their first attempted fix. And they openly admit that they excluded eEye from the advisory credits because eEye embarrassed MS by making their incompetence public. MS is more interested in petty vendetas against researches than actually fixing the flaws.

    Microsoft has made a few positive steps toward securing their products in that last couple of years, but I think most of their efforts and successes are more in the PR realm than anything with technical merit. They have spent so much money sponsoring conferences (their money does come with strings attached) and paying off security researches, that many people seem reluctant to criticize them.

    OK, enough anti-MS ranting from me for now :). My main point in replying is actually to agree with you about Window. She is extremely smart and talented, and her defection to Mozilla is great news for a product which really needs more security attention. We had lunch last week to discuss Mozilla security and Window has some great ideas. Mozilla may already be much more secure than IE, but we should set a much higher bar than that! Best of luck at your new position, Window!

    -Fyodor
    Insecure.Org

  11. Re:Clearly... by MacDork · · Score: 5, Funny

    Window and Linus need to get married. They could even name their first child Lindow.

    Yeah, but the kid would do nothing but WINE. ;-)