SHUTTLEWORTH FUNDS MOZILLA BUG-CATCHING FUND

Computing

    Following last week's announcement by the Mozilla Foundation that two serious security issues had been found in its popular Mozilla and Firefox browsers, News.com reports that the Foundation has launched a campaign to pay security researchers for each bug they find. The programme, called the Mozilla Security Bug Bounty Programme, will pay users $500 for every "serious" flaw.

  The security bug tracker fund will be funded by Linux software vendor Linspire and South African Internet entrepreneur Mark Shuttleworth. Shuttleworth is the founder of digital certification company Thawte in Cape Town South Africa. Ironically the flaws announced last week that prompted the announcement of the security bug-tracking programme centred around the failure of the Mozilla family of browsers to deal correctly with digital certificates. Linspire and Shuttleworth have both contributed $5000 to start the programme.

  "Recent events illustrate the need for this type of commitment," Mitchell Baker, president of the Mozilla Foundation, said in a statement. "The (programme) will help us unearth security issues earlier, allowing our supporters to provide us with a head start on correcting vulnerabilities before they are exploited by malicious hackers."

  "We (the Mozilla Foundation) are moving into our second year, and we are going back and reviewing all the programs in place that we had in the past and setting priorities for the next year," said Chris Hofmann, director of engineering for the foundation. "Security is an area that we are serious about, and we wanted to get the ball rolling." He added that the foundation will continue to look for more contributors to the program. Read the full story here at News.com