Comments on: Zero Day Vulnerability

By: Little Place of Kamaruddin » Blog Archive » June’s Good News

Little Place of Kamaruddin » Blog Archive » June’s Good News — Sat, 21 Jun 2008 08:54:06 +0000

[...] that the vulnerability was intentionally made public on that particular day for the benefit of ZDI. Robert Accettura’s post has something for us to [...]

By: hackademix.net » Firefox 3 Untimely Security Advisory

hackademix.net » Firefox 3 Untimely Security Advisory — Thu, 19 Jun 2008 10:16:05 +0000

[...] exactly in the middle of the Firefox 3 download day. A unluckily coincidence, of course: only a conspiracy theorist could suspect that the timing has been chosen in order to maximize the hype effect for the Zero Day [...]

By: Mitch 74

Mitch 74 — Thu, 19 Jun 2008 09:24:27 +0000

@pd: alphas, nightlies and betas, yes; they are not run by that many people (except Fx3 beta 5, shipped with Ubuntu)

The vulnerability in question also exists in Firefox 2; so no, it’s not new. It just appeared now, but it is suspicious that it should appear right during the Fx3 Download Day.
We’ll have release 3.0.0.1 in a few days… A few other patches were in the pipe too.

Mitch

By: pd

pd — Thu, 19 Jun 2008 09:14:30 +0000

“Reality is” that nobody except the most technically aware and adventurous users looks at beta and nightly version.

The marketing said the launch was yesterday, the version Mozilla had said is ready for the public was released yesterday.

“Reality” is subjective.

How about Mozilla stop wasting time writing blogs posts that try to redefine the world’s million different perceptions of “reality” and just stick to the facts. Is there are a vulnerability or not? If so, fix it!

You can’t on one hand say (paraphrased) “we fix security holes faster than anyone” in your marketing and then on the other say “oh but nah, but, uhmmm, but reality is, … it’s not *really* 5 hours …”.