|
|
|
|
|
|
by fulafel
1469 days ago
|
|
|
I wasn't talking about Firefox specifically, I could have made that more explicit... But it's good to hear that Mozilla has good culture for this. If there is something you can say or link to about systematic third party code auditing at Mozilla, eg are results public, it would be interesting to hear. Or about how many vulnerabilities are discovered in code audits vs post-shipping security testing like fuzzing and other pentesting-y activities. (Of course good control of versions is still a worthy goal for many situations even if you don't do this) |
|
|