Mozilla steals Window from Microsoft to secure FireFox

* Microsoft security specialist joins Mozilla

Is the headline confusing enough for you? Here's the news: the Mozilla Foundation - developer of the open source Firefox Web browser among other products - recently hired Window Snyder, former Microsoft security specialist who helped bolt down the code in Windows XP and Windows Server 2003, among her other projects and roles at the company.

Reports say Snyder's role at Mozilla will resemble "Chief Security Something," as stated by Mozilla engineering honcho Mike Schroepfer in his blog. The move to seek out a security guru for the Mozilla code base comes as the open source software development outfit has seen a steady rise in downloads and installations. According to Web analytics firm OneStat.com, Firefox now accounts for around 13% of all Internet users' browser software, compared with Microsoft's 86% market share with Internet Explorer. (This is almost a doubling in market share from a year ago, when various analyst firms put Firefox usage at around 7% to 8%.)

With greater exposure comes greater threats, is probably the theory at Mozilla, hence the creation of a full-time "Security Something" position. Earlier this year, attack code was published that exploited a weakness in Firefox browsers and the number of vulnerabilities discovered in Firefox is reportedly on the rise. Mozilla has taken other steps to secure its open-source browser code, such as reported plans to include tools such as antiphishing code in upcoming versions.

But is hiring a former Microsoft security specialist the correct step in securing Firefox? According to research firm Secunia, Microsoft has twice as many security advisories as Mozilla, and around seven times as many unpatched flaws as Firefox. But experts say this is due to the large target Microsoft wears as the most prominent software company in the world. So regarding Window's new gig a Mozilla, who would you rather have protecting your butt - ex-Swiss Guard, or ex-Mossad?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2006 IDG Communications, Inc.