Star Alleged Firefox Hacker Backs Down
Linked by Thom Holwerda on Tue 3rd Oct 2006 18:55 UTC, submitted by anonymous
Mozilla & Gecko clones Smile, we've been on candid camera, and we've been caught with our pants down, standing on our heads, with umbrellas between our teeth. "I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven't used it to take over anyone else's computer and execute arbitrary code. I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not." Of course it did not take long for black helicopters to arrive. Microsoft has computers, so do the hackers: a link! MS is behind it all!
E-mail Print r 7   34 Comment(s) http://osne.ws/cdt
Thread beginning with comment 167874
To read all comments associated with this story, please click here.
Bad Initial Reporting
by Peter Besenbruch on Tue 3rd Oct 2006 19:31 UTC
Peter Besenbruch
Member since:
2006-03-13

Perhaps this sorry mess wouldn't have happened if outfits like Cnet hadn't reported it as straight news. Here are some follow-up reports from SecurityFocus and Brian Krebs:
http://www.securityfocus.com/news/11416
http://blog.washingtonpost.com/securityfix/2006/10/zeroday_firefox_...

What emerges from the stories is the joking nature of the talk, that people found it funny, and most did not take it seriously. Mozilla obviously did, it's their job to take stuff like this seriously. Cnet and their ilk, however, have a duty to provide a bit of context.

As a Firefox user, I browse most sites with Javascript disabled via the Noscript extension. Noscript is a vital tool for browsing the Web, as it selectively can unblock scripts per Web page.

https://addons.mozilla.org/firefox/722/

Given the nature of today's Web, it's always a good idea to control tightly how Javascript is used.

Reply Bookmark Score: 5

RE: Bad Initial Reporting
by Fass on Tue 3rd Oct 2006 21:14 in reply to "Bad Initial Reporting"
Fass Member since:
2005-11-05

Yeah, the one good thing to come of this was exposure for Noscript, which I got the impression a lot of people installed and started using.

Yeah, that's me, I just gotta keep looking for that silver lining! ;)

Reply Parent Bookmark Score: 2

RE[2]: Bad Initial Reporting
by jessta on Tue 3rd Oct 2006 22:46 in reply to "RE: Bad Initial Reporting"
jessta Member since:
2005-08-17

it's terribly difficult to use noscript as so many sites require javascript. I've come across a lot of site that have their layout and navigation menus managed by javascript. Crazy but true.

Most site don't go to the effort of checking if you have javascript enabled before trying to use it.
it's very annoying.

Reply Parent Bookmark Score: 2