Mozilla’s security chief has stepped into the debate about the disclosure of security bugs by saying that software developers are at the mercy of bug hunters.



Mozilla security chief Window Snyder called on security researchers to follow responsible disclosure guidelines, giving vendors a reasonable amount of time to fix bugs before making them public. As things stand, bug hunters have the whip hand, she argued.

http://www.theregister.com/2007/03/26/mozilla_full_disclosure/