An Interview with Window Snyder
Window Snyder was a senior security strategist at Microsoft before leaving in 2005 to become a founder and CTO of Matasano Security LLC. Last September she became Mozilla Corp.’s security chief and is now responsible for locking down the popular Firefox browser and other programs. In this Q&A, Snyder credits Microsoft for working hard at a faster and more accurate patching process and admits that, sometimes, even Mozilla has to pull back on security updates at the 11th hour. But she says Mozilla will always be a step ahead because a huge open source community is helping the company find and fix problems around the clock.
Somewhat brief (eight points), but yet informative discussion between SearchSecurity.com and Window Snyder. The topic: Security practices of Microsoft and Mozilla, mainly when it comes to patches and security updates. I had never realized just how big the Mozilla nightly tester’s base release is until now:
SeachSecurity.com: While Microsoft has its internal team of researchers to work on these problems, Mozilla has the entire open source community on the case.
Snyder: Exactly. Mozilla has the benefit of an enormous community that helps us test our nightly builds. There’s something like 10,000 people downloading and testing it every night. That’s a huge number of people working on security patches and new versions of the browser, testing them in different combinations on different platforms. That’s the real difference between our process and Microsoft’s.