[ISN] 'Geek girl' helps keep Mozilla safe in scary times

From: InfoSec News (alerts@private)
Date: Wed Jun 18 2008 - 03:34:05 PDT


By Jon Swartz
June 17, 2008

SAN FRANCISCO -- Window Snyder isn't your average security czar.

As chief of security at Mozilla Foundation, the unconventional 
non-profit whose popular Web browser Firefox underwent a major facelift 
this week, Snyder cuts an unconventional swath.

For starters, her title is "chief security something-or-other" (yeah, 
that's on her business card). It befits her wide-ranging role at 
Mozilla, the Web browser developer that relies on the contributions of 
thousands of programmers worldwide. The programmers generally work for 
free, but Snyder's salary is paid with revenue Mozilla generates through 
business partnerships with Google, Amazon.com and others.

Organized cybercrime gangs are more highly focused than ever on taking 
control of your computer through browser-based hacks. They've already 
turned some 40% of the world's 800 million Internet-connected PCs into 
obedient "bots" used to spread spam, harvest your sensitive data and 
commit fraud. The bad guys are highly motivated to expand their bot 
empires. And their favorite tactic to wrest control of your machine is 
by corrupting browser-run applications that enable all of the Web's 
coolest functions, like watching videos and social networking.

Because Mozilla's Firefox browser is based on open-source code that is 
continually refined by volunteers, it is widely considered by tech 
security experts to be the most secure, though by no means impregnable, 
browser. Into the virulent dark side of Web 2.0 strolls Snyder, leader 
of some 20,000 independent programmers committed to shoring up Firefox's 
first line of defenses.

In setting out to elevate Firefox's basic security, Snyder is also 
compelling Microsoft and Apple, maker of the Safari browser, to follow 
her lead -- or get out of the way.

Snyder's rising star is sure to ascend even more this week, with the 
release of Version 3.0 of Firefox on Tuesday. The release is packed with 
new features, most notably stiffer security, faster speed and improved 
ease of use.

"The fun is in deconstructing where the security holes are," Snyder, 32, 
says with a wry smile and knowing laugh.


Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

This archive was generated by hypermail 2.1.3 : Wed Jun 18 2008 - 03:41:14 PDT