Firefox 3.5's First Vulnerability "Self-Inflicted"
CWmike writes "Mozilla has confirmed the first security vulnerability in Firefox 3.5, saying that the bug could be used to hijack a machine running the company's newest browser. A noted Firefox contributor called the situation 'self-inflicted' and said it was likely that the hacker who posted public exploit code Monday became aware of the flaw by rooting through Bugzilla, Mozilla's bug- and change-tracking database. The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. '[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code,' Mozilla's security blog reported Tuesday."
Good thing I'm using Internet Explorer!
Oh wait...
w00t
That's right, get it from The Official No-Script Site.
is Google Chrome...
PEOPLE IN GLASS HOUSES SHOULDN'T THROW STONES - "Those who are vulnerable should not attack others. The proverb has been traced back to Geoffrey Chaucer's 'Troilus and Criseyde' (1385). George Herbert wrote in 1651: 'Whose house is of glass, must not throw stones at another.' This saying is first cited in the United States in 'William & Mary College Quarterly' (1710). Twenty-six later Benjamin Franklin wrote, 'Don't throw stones at your neighbors', if your own windows are glass.' 'To live in a glass house' is used as a figure of speech referring to vulnerability." From "Random House Dictionary of Popular Proverbs and Sayings" (1996) by Gregory Y. Titelman (Random House, New York, 1996).
A reminder to all open source developers tempted to continue talking endless flak about Microsoft and Sun products.
Futurist Traditionalism
When you wish to download Firefox or Thunderbird, you are redirected from Mozilla.org to Mozilla.com, so in this case calling it a company is most certainly correct - the Mozilla corporation is distributing the software to you, not the Mozilla foundation.
So when Blizzard redirects me to another CDN site or torrent for their patches, I am to assume it is the CDN or seeder that is developing the patch?