AMD Planet

[Staff]

<br>Mozilla Foundation promette un premio di 500$ a chi per primo segnalerà i bug ritenuti critici nei software Mozilla, Firefox e Thunderbird. Sponsor dell'iniziativa Mozilla Security Bug Bounty Program (MSBBP) è Linspire, che metterà a disposizione 5000$. Per maggiori informazioni andate <a href="http://www.mozilla.org/security/">qui</a>.<p>
<blockquote><i>MOUNTAIN VIEW, Calif. - August 2, 2004 - The Mozilla Foundation today announced the Mozilla Security Bug Bounty Program, an initiative that rewards users who identify and report security vulnerabilities in the open source project's software. Under the new program, users reporting critical security bugs - as judged by the Mozilla Foundation staff - will collect a $500 cash prize. The new initiative was launched with funding from leading Linux software developer Linspire, Inc., and renowned Internet entrepreneur Mark Shuttleworth.<p>

"As Mozilla software builds momentum in the marketplace, I'm inspired by the Mozilla Foundation's enduring commitment to transparency and responsiveness on security issues, and I am happy to support this program," commented Mark Shuttleworth.<p>

Identifying software security vulnerabilities requires constant vigilance, and preventing those issues from becoming problems necessitates a dedicated effort to provide quick and effective responses. The Mozilla project has developed a community of users and developers who are passionate about computer security and who continuously provide feedback on Mozilla software. The Mozilla Security Bug Bounty Program seeks to further encourage the community's focus on security consciousness and responsiveness.<p>

"This program reflects our commitment to protecting consumers from malicious actors," commented Mitchell Baker, President of the Mozilla Foundation. "Recent events illustrate the need for this type of commitment. While no software is immune from security vulnerabilities, bugs in open source projects are often identified and fixed more quickly. The Security Bug Bounty Program will help us unearth security issues earlier, allowing our supporters to provide us with a head start on correcting vulnerabilities before they are exploited by malicious hackers."<p>

Security experts agree that it is virtually impossible to produce software that is absolutely secure against all possible attacks. As a result, experts recommend that software combine a strong security design and good security practices to maximize the amount of protection available. The Mozilla Security Bug Bounty Program provides an additional mechanism for identifying potential vulnerabilities.<p>


"Worry-free security on the Internet is long overdue and we're committed to supporting the Mozilla Foundation's efforts to give users peace of mind," said Michael Robertson, Chief Executive Officer of Linspire, Inc. "We strongly urge the open source community to take advantage of this initiative to help identify and report any security problems for correction."</i></blockquote><p>