Articles in “Musings”

Economics of vulnerabilites roundtable

Mozilla recently had the opportunity to participate in a panel discussion regarding the economics of vulnerabilities and bug bounties at the Hack in the Box conference in Amsterdam. Out of … Read more

Thoughts on Identity and Privacy

I’ve posted some of my recent thinking on privacy and identity. For some time we’ve generally seen privacy treated as its own problem domain, oddly divorced from the realms of … Read more

Beware the Security Metric

Security metrics are very difficult to do well, and easy to do poorly. For example, take a look at the recent Secunia “2008 Report” ( It tries to break down … Read more