09.02.11 - 06:28pm
Earlier this week we revoked our trust in the DigiNotar certificate authority from all Mozilla software. This is not a temporary suspension, it is a complete removal from our trusted root program. Complete revocation of trust is a decision we treat with careful consideration, and employ as a last resort. Three central issues informed our [...]
05.11.10 - 12:02pm
It’s been a few months since I wrote about the work our plugin check team has been doing, but there are a couple of pretty excellent pieces of news I’d like to share, most notably: the Mozilla plugin check now works for users of other browsers as well. Plugin Check: A Refresher Last fall, we [...]
03.31.10 - 06:41am
Privacy isn’t always easy. We’re close to landing some changes in the Firefox development tree that will fix a privacy leak that browsers have been struggling with for some time. We’re really excited about this fix, we hope other browsers will follow suit. It’s a tough problem to fix, though, so I’d like to describe [...]
03.22.10 - 09:22pm
Mozilla has accelerated its timetable and released Firefox 3.6.2 ahead of schedule. This release contains a number of security fixes, including a fix to Secunia Advisory SA38608 which was previously discussed on this blog when we were first made aware of and were then able to confirm the issue. For additional information please see Mozilla [...]
11.16.09 - 03:29pm
[This post originally appeared on Mozilla Developer News] We hate crashes. When Firefox crashes, we try to get you back on your feet as quickly as possible, but we’d much rather you not crash in the first place. In Firefox 3.6, we are changing the way that some third party software hooks into Firefox which [...]
10.19.09 - 04:17pm
Mike Shaver has posted an update on the situation surrounding our blocking of the .Net Framework Assistant and WPF plugin. In it, he discusses the current state of affairs, the series of events that got us to this point, as well as the steps we, and Microsoft, are taking to get the situation resolved.
10.13.09 - 07:35pm
A little over a month ago, I talked about a project we had started to inform users when their plugins were out of date. This is a really important project for us, because old versions of plugins can cause crashes and other stability problems, and can also be a major security risk. In the first [...]
12.10.08 - 12:15pm
I will be leaving Mozilla at the end of the year. I am sad to be leaving, but I am excited to go work on something I have always been passionate about. I wish I could tell you about it now, but that will have to wait for a while. You will still get Mozilla [...]
07.02.08 - 05:10pm
Mozilla has been working with security researcher and analyst Rich Mogull for a few months now on a project to develop a metrics model to measure the relative security of Firefox over time. We are trying to develop a model that goes beyond simple bug counts and more accurately reflects both the effectiveness of secure [...]
09.18.07 - 03:09pm
Firefox 2.0.0.7 was released this afternoon to patch the QuickTime issue described here. This will protect Firefox users from the public critical security vulnerability until a patch is available from Apple. I would like to personally thank the individuals at Apple who worked with us and the engineers at Mozilla that work so hard to [...]
