Comments on: 2007-01-18 Trunk builds http://www.squarefree.com/burningedge/2007/01/18/2007-01-18-trunk-builds/ Developments in nightly builds of Mozilla Firefox Sat, 05 Jul 2008 11:01:35 +0000 http://wordpress.org/?v=2.5 By: Jesse Ruderman http://www.squarefree.com/burningedge/2007/01/18/2007-01-18-trunk-builds/#comment-4213 Jesse Ruderman Sat, 20 Jan 2007 12:54:33 +0000 http://www.squarefree.com/burningedge/2007/01/18/2007-01-18-trunk-builds/#comment-4213 The idea of creating a "Month of Mozilla Bugs" sounds fun, but I'm guessing we wouldn't want it to work the same way as MoAB (disclosing ~30 severe bugs to the public and the vendor at the same time). Do you have ideas about how it could work? Here are some of my thoughts: * Invite people who might not currently be Mozilla hackers to help fix long-standing bugs (including sg:want bugs); pledge help over IRC and speedy review of patches. * Discuss some especially clever bug finds (162020), exploits (311497#c10), and bug-finding techniques (349611) that have come from the Mozilla community and independent researchers in the past. Mention when the bug finders have won bug bounties, and award bug bounties as part of the MoMB if we should have awarded them earlier but forgot to. Good people to discuss this with include Dan Veditz, Window Snyder, Chris Hofmann, and Mike Schroepfer. Btw, the first "Month of * bugs" (afaik) was the "Month of Browser Bugs", run by HD Moore in July 2006. The idea of creating a “Month of Mozilla Bugs” sounds fun, but I’m guessing we wouldn’t want it to work the same way as MoAB (disclosing ~30 severe bugs to the public and the vendor at the same time). Do you have ideas about how it could work? Here are some of my thoughts:

* Invite people who might not currently be Mozilla hackers to help fix long-standing bugs (including sg:want bugs); pledge help over IRC and speedy review of patches.

* Discuss some especially clever bug finds (162020), exploits (311497#c10), and bug-finding techniques (349611) that have come from the Mozilla community and independent researchers in the past. Mention when the bug finders have won bug bounties, and award bug bounties as part of the MoMB if we should have awarded them earlier but forgot to.

Good people to discuss this with include Dan Veditz, Window Snyder, Chris Hofmann, and Mike Schroepfer.

Btw, the first “Month of * bugs” (afaik) was the “Month of Browser Bugs”, run by HD Moore in July 2006.

]]> By: Manoj Mehta http://www.squarefree.com/burningedge/2007/01/18/2007-01-18-trunk-builds/#comment-4212 Manoj Mehta Sat, 20 Jan 2007 08:41:05 +0000 http://www.squarefree.com/burningedge/2007/01/18/2007-01-18-trunk-builds/#comment-4212 Like there has been a MOKB, a MOAB and a Month of Google Bugs, I think the Mozilla org should proactively instate a Month of Mozilla Bugs. If the Mozilla Org announces this initiative before a hacker out there, it will buy positive press, make the organization seem security conscious and will take the limelight away from hackers, among other goals that I can't foresee. Is there anyone I can contact with this idea? Like there has been a MOKB, a MOAB and a Month of Google Bugs, I think the Mozilla org should proactively instate a Month of Mozilla Bugs. If the Mozilla Org announces this initiative before a hacker out there, it will buy positive press, make the organization seem security conscious and will take the limelight away from hackers, among other goals that I can’t foresee. Is there anyone I can contact with this idea?

]]>