The Inquirer-Home

Firefox vulnerability claim was fabricated

And so it goes
Wed Oct 04 2006, 08:31
A HACKER who told the Toorcon conference that Firefox was a complete security mess and couldn't be fixed has admitted that he made it all up.

Mischa Spiegelmock claimed that there was a serious Javascript bug in the decade old code which made it a doddle to cause stack overflows.

Since his announcement, security boffins worldwide have been trying to work out what he meant and duplicate his results. However, when the security supremeo at the Mozzarella Foundation, Window Synder caught up with him, Spiegelmock admitted he was just having a laugh.

He said the main purpose of his talk was to be humorous. The nub of the joke was that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution.

The code he showed did not do this, he had not manged to get it to do any code execution, nor did he know of anyone who had.

As amusing jokes go, this one scores low. If a hacker had publicly said the same thing about a commercial product, such as Windows, he would have been looking at a slander law suit which would have bankrupted a medium sized western nation.

More here. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Dead electronic devices to be banned on US-bound flights

Will the new rules banning uncharged devices be effective?