Mozilla and Security

Tuesday March 28th, 2000

Nothing like a little rhetoric to get you hopping in the morning. This latest comes from some guy called AP who made a submission to Slashdot regarding a discussion currently going on in In it, he states that the Mozilla team is contemplating limiting access to security bugs, implying that the team is substituting obscurity for security. He fans the flames by saying "Are Mozilla developers missing the point of open source (implying open security bugs) or are they under pressure from Netscape?"

If you read the discussion thread titled "Security bugs and disclosure" in, you will see that the discussion is not exactly what AP portrayed, and members are actually having a serious discussion about disclosure, security and Open Source. This is what Open Source is about, people!!! What kind of access would you have to this kind of discussion if the process was closed? Open Source isn't just about open code - it's about open discussion, as well. And has provided ample opportunity for discussion regarding practically every level of the development process. I think the fact that AP came across this discussion at all proves that the discussion process is adequately open.

If you have opinions regarding this, you should feel free to post them in the security newsgroup, but please read the previous posts in the thread, because they are reasonable posts from people who are trying to do the right thing.

#3 Re: The answer is PARTICIAPTION

by uksi

Tuesday March 28th, 2000 8:50 AM

You are replying to this message


Normally, I read Slashdot once or twice a week, when I know I have an hour or two to waste. I used to do it every day, then got fed up and stopped.

I think it's a neat news resource, but you definitely have to watch out for trolls (or whatever you call 'em) like that AP's submission.