[ISN] Mozilla wants to measure Firefox security metrics

From: InfoSec News <alerts_at_private>
Date: Thu, 10 Jul 2008 03:26:17 -0500 (CDT)
http://www.thetechherald.com/article.php/200828/1433/Mozilla-wants-to-measure-Firefox-security-metrics

By Steve Ragan
The Tech Herald
July 8, 2008

Mozilla has started a program that will create a sort of measurement 
guide showing how well the Firefox developers deal with security issues. 
Details of the project were announced last week, which explain that the 
project's mission is to track not only how security is handled, but how 
long it takes to protect Firefox's growing user base when 
vulnerabilities are discovered.

Mozilla has been working with Rich Mogull for awhile now, creating a 
project that will develop a metrics model for security measurement. 
"I've been working in the security world for 17 or so years, and 
breaking my computers even longer. After about 10 years in physical 
security (mostly running large events/concerts) I made the mistake of 
getting drunk in Silicon Valley and telling someone I 'worked in 
security'. Next morning I woke up with a job as an IT security 
consultant. That's not totally true, but it's far more amusing than my 
full biography," Mogull jokes. The truth is, he is the founder of 
Securosis, and spent over seven years as a security analyst with 
Gartner.

The Metrics project that Mozilla has launched is likely similar to other 
things that have been used internally at other companies. However, the 
importance of this initiative from Mozilla is that it is completely open 
and public. They want the security community, and community as a whole, 
to weigh in and offer feedback.

[...]


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Thu Jul 10 2008 - 01:26:17 PDT

This archive was generated by hypermail 2.2.0 : Thu Jul 10 2008 - 01:47:34 PDT