Type the Magic Word and You Get to Read this Blog
A monster is what security has become. In the name of protecting us, computer security has become our tyrant.
...Posts Tagged ‘Security’
IE August Cumulative Security Update Now Available
The IE Cumulative Security Update for August 2010 is now available via Windows Update. This security update resolves six privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a use... ...
Celebrating Six Months of Chromium Security Rewards
It has been approximately six months since we launched the Chromium Security Reward program. Although still early days, the program has been a clear success. We have been notified of numerous bugs, and some of the participants have made it clear that i... ...
Add-on security vulnerability announcement
One malicious add-on and another add-on with a serious security vulnerability were discovered recently on the Mozilla Add-ons site. Both issues have been dealt with, and the details are described below. Mozilla Sniffer Issue An add-on called “Mozilla Sniffer” was uploaded on June 6th to addons.mozilla.org. It was discovered that this add-on contains code that intercepts ...
Google Chrome, Apple Safari Flunk Password Security—Big Time
Each browser was susceptible to vulnerabilities that expose password information. ...
Rely on Declarative Security Features in the Browser
Cutting edge web applications push the boundaries of the web development model. In the security space, this raises an interesting question – who owns security for a web application built on a complex platform hierarchy? Is it the application at t... ...
Introducing the AMO Editor Guide
Reviewing add-ons is a complicated task, and we haven’t been very good at documenting the whole process. New editors were trained live through IRC, and the training session usually took the better part of 2 hours. Even though I am pretty much the only person training new editors, it is very difficult to convey the ...
IE June Security Update Now Available
The IE Cumulative Security Update for June 2010 is now available via Windows Update. This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities co... ...
Privacy, Add-ons, and Cookie-less HTTP Requests
A recent article incorrectly suggested that Internet Explorer add-ons must send and store cookies when making HTTP requests. That’s simply not true-- Internet Explorer APIs enable add-ons to respect the user’s privacy and not leak informati... ...
Add-ons Review Update – Week of 2010/05/25
Summary These bi-weekly posts explain the current state of add-on reviews and other information relevant to add-on developers. There’s a lengthy overview of the Add-on Review Process posted in this blog that ...