It takes courage to admit your product is insecure

firefox-120.jpgKudos to Mozzila’s chief security officer, Window Snyder (yes, that’s his real name), who wrote on this blog recently that Firefox was at least partly to blame for a vulnerability that affected Microsoft’s Internet Explorer as well. I had lambasted both firms recently for turning a serious security issue into a spat among rivals, but this marks a turning point.

“We thought this was just a problem with IE. It turns out, it is a problem with Firefox as well. We should have caught this scenario when we fixed the related problem in,” he writes. “We believe that defense in depth is the best way to protect people, so we’re investigating it now.”

Along with defence in depth should be added another collary: communication in depth, where CSOs and other security professionals are as up front as possible about their flaws. That’s when we all start learning. This shows both the power of transparency and the power of blogging as a medium for transparency.

Related Download
CanadianCIO Census 2016 Mapping Out the Innovation Agenda Sponsor: Cogeco Peer 1
CanadianCIO Census 2016 Mapping Out the Innovation Agenda
The CanadianCIO 2016 census will help you answer those questions and more. Based on detailed survey results from more than 100 senior technology leaders, the new report offers insights on issues ranging from stature and spend to challenges and the opportunities ahead.
Register Now