Archive for August 3rd, 2007

Ten Fucking DaysMozilla can deploy a fix for any security bug reported under responsible disclosure in "Ten Fucking Days", according to Mike Shaver.

RSnake, the recipient of this claim written black on white over a business card, sounds quite skeptic.
But I can see it happening.

I've seen many security patches which couldn't wait (i.e. cats out of the bag), being developed and reviewed in 3-4 days.
In a famous recent case, even in 2 days.
Counting the Q/A needed before deploying an automatic update, 10 days is a feasible goal.


Bad Behavior has blocked 924 access attempts in the last 7 days.