A day after launching Netscape 8 and touting the browser's security features, Netscape has released an update to fix several serious security flaws.
The original Netscape 8, released early Thursday, is based on version 1.0.3 of the open-source Firefox browser. Netscape thought the new browser was immune to security vulnerabilities in the Firefox software that were fixed last week in Firefox 1.0.4. It turns out Netscape 8 is vulnerable.
"We had been misinformed by an external security vendor that the Firefox security issues did not affect us," Netscape spokesman Andrew Weinstein said Friday. "Within hours of discovering that the vendor was not accurate, we had addressed those issues and posted an updated version of the browser."
Late on Thursday, the software maker posted Netscape version 8.0.1, which includes fixes for the problems. It plans to push an update out to people who installed the original Netscape 8. However, the company is still working on its update mechanism, so in the meantime people have to go to the Netscape.com Web site to get the patched browser, Weinstein said.
The update is designed to address flaws that were detailed in three security advisories released last week by the Mozilla Foundation, the developer of the Firefox browser. The most serious issues could allow malicious attackers to gain complete control over a victim's PC, according to the advisories.
Netscape, a division of Time Warner's America Online subsidiary, is facing heat over the security goof-up from Mozilla developers. Ben Goodger, lead engineer for Firefox, on Thursday posted an exploit on his
blog to demonstrate that Netscape 8 is vulnerable. At the same time, he pitched Firefox as a more secure Web browser.
"If security is important to you, this demonstration should show that browsers that are redistributions of the official Mozilla releases are never going to give you security updates as quickly as Mozilla will itself for its supported products," Goodger wrote.
Netscape 8 includes features to protect users against online scams such as phishing and spyware. The updated browser automatically adjusts security settings while people surf, based on lists of sites that are known to be malicious and of trusted sites.
"Netscape, a division of Time Warner's America Online subsidiary, is facing heat over the security goof-up from Mozilla developers. Ben Goodger, lead engineer for Firefox, on Thursday posted an exploit on his blog to demonstrate that Netscape 8 is vulnerable. At the same time, he pitched Firefox as a more secure Web browser."
I use and really like Firefox, but if this is any indication of how Mozilla developers are going to act when they get competiton then I may just move on. And then to post an exploit to a problem that exist in another form of it's browser is just bad form. That man should be ashamed of himself.
I don't care how secure Firefox is or isn't, but if you have to post exploits to show how great you are then you have no greatness at all. And think of how many people are probably still on ver 1.0.3 of Firefox. Good Job Jerk.
Though I don't see Netscape and Firefox rivaling, it is quite disheartening to see Netscape not releasing a Mac and/or Linux version of NS 8. Of course most people are stuck on the IE hooks being the case, which is not the case since Netscape could release NS 8 for Mac and Linux without the IE integration.
It's not good PR for Netscape to be deserting some of its (non- Windows) user base.
[i]"If security is important to you, this demonstration should show that browsers that are redistributions of the official Mozilla releases are never going to give you security updates as quickly as Mozilla will itself for its supported products," Goodger wrote.[/i]
If you've ever used Bugzilla (the bug reporting system of Firefox and Mozilla), you'll know that when *security* bugs are reported, they are hidden from public view (marked with a security flag) until they are fixed. You can't blame a derivative product from being unable to fix the security bugs if the details are hidden from them! Here, Ben Goodger's comparison on security is a red herring, since he uses his exclusive control over the access of information as a reason to criticize his competitors.
"Netscape, a division of Time Warner's America Online subsidiary, is facing heat over the security goof-up from Mozilla developers. Ben Goodger, lead engineer for Firefox, on Thursday posted an exploit on his blog to demonstrate that Netscape 8 is vulnerable. At the same time, he pitched Firefox as a more secure Web browser."
I use and really like Firefox, but if this is any indication of how Mozilla developers are going to act when they get competiton then I may just move on. And then to post an exploit to a problem that exist in another form of it's browser is just bad form. That man should be ashamed of himself.
I don't care how secure Firefox is or isn't, but if you have to post exploits to show how great you are then you have no greatness at all. And think of how many people are probably still on ver 1.0.3 of Firefox. Good Job Jerk.
Though I don't see Netscape and Firefox rivaling, it is quite disheartening to see Netscape not releasing a Mac and/or Linux version of NS 8. Of course most people are stuck on the IE hooks being the case, which is not the case since Netscape could release NS 8 for Mac and Linux without the IE integration.
It's not good PR for Netscape to be deserting some of its (non- Windows) user base.
[i]"If security is important to you, this demonstration should show that browsers that are redistributions of the official Mozilla releases are never going to give you security updates as quickly as Mozilla will itself for its supported products," Goodger wrote.[/i]
If you've ever used Bugzilla (the bug reporting system of Firefox and Mozilla), you'll know that when *security* bugs are reported, they are hidden from public view (marked with a security flag) until they are fixed. You can't blame a derivative product from being unable to fix the security bugs if the details are hidden from them! Here, Ben Goodger's comparison on security is a red herring, since he uses his exclusive control over the access of information as a reason to criticize his competitors.
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
The Silicon Valley online payments startup grew by 1,000 percent last year and is hopeful it can repeat that level of growth this year. To do that, it's had to move away from its early friends-and-family roots and embrace small businesses.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
I use and really like Firefox, but if this is any indication of how Mozilla developers are going to act when they get competiton then I may just move on. And then to post an exploit to a problem that exist in another form of it's browser is just bad form. That man should be ashamed of himself.
I don't care how secure Firefox is or isn't, but if you have to post exploits to show how great you are then you have no greatness at all. And think of how many people are probably still on ver 1.0.3 of Firefox. Good Job Jerk.
disheartening to see Netscape not releasing a Mac and/or Linux
version of NS 8. Of course most people are stuck on the IE hooks
being the case, which is not the case since Netscape could release
NS 8 for Mac and Linux without the IE integration.
It's not good PR for Netscape to be deserting some of its (non-
Windows) user base.
If you've ever used Bugzilla (the bug reporting system of Firefox and Mozilla), you'll know that when *security* bugs are reported, they are hidden from public view (marked with a security flag) until they are fixed. You can't blame a derivative product from being unable to fix the security bugs if the details are hidden from them! Here, Ben Goodger's comparison on security is a red herring, since he uses his exclusive control over the access of information as a reason to criticize his competitors.
I use and really like Firefox, but if this is any indication of how Mozilla developers are going to act when they get competiton then I may just move on. And then to post an exploit to a problem that exist in another form of it's browser is just bad form. That man should be ashamed of himself.
I don't care how secure Firefox is or isn't, but if you have to post exploits to show how great you are then you have no greatness at all. And think of how many people are probably still on ver 1.0.3 of Firefox. Good Job Jerk.
disheartening to see Netscape not releasing a Mac and/or Linux
version of NS 8. Of course most people are stuck on the IE hooks
being the case, which is not the case since Netscape could release
NS 8 for Mac and Linux without the IE integration.
It's not good PR for Netscape to be deserting some of its (non-
Windows) user base.
If you've ever used Bugzilla (the bug reporting system of Firefox and Mozilla), you'll know that when *security* bugs are reported, they are hidden from public view (marked with a security flag) until they are fixed. You can't blame a derivative product from being unable to fix the security bugs if the details are hidden from them! Here, Ben Goodger's comparison on security is a red herring, since he uses his exclusive control over the access of information as a reason to criticize his competitors.
And this is when Netscape has a vanishingly small market share. Imagine the potential mess should they ever garner any actual market share.
And this is when Netscape has a vanishingly small market share. Imagine the potential mess should they ever garner any actual market share.