A hacker demonstrated what he claimed was a JavaScript vulnerability in Firefox
Firefox hacker exposed as a fraud
/v3-uk/news/1973627/firefox-hacker-exposed-fraud
04 Oct 2006, Tom Sanders in California , V3
A security expert who claimed to have discovered a critical vulnerability in the open source Firefox browser has retracted his original claims.
Mischa Spiegelmock demonstrated what he claimed was a JavaScript vulnerability in Firefox at the ToorCon hacker conference in San Diego over the weekend.
He said that the flaw could allow for remote code execution, and boasted that he knew of at least another 30 undisclosed vulnerabilities.
Spiegelmock has now admitted to Mozilla that the security vulnerability would only crash the browser and that he had been unable to execute arbitrary code.
"The main purpose of our talk was to be humorous. I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim," he said in a statement that was posted on the Mozilla website.
"I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not. I apologise to everyone involved, and I hope I have made everything as clear as possible."
Prior to Spiegelmock's confession, Mozilla security chief Window Snyder had reported that the vulnerability was incapable of allowing remote code execution.
Snyder said that, despite the limited risk to end users, the software developer still takes the issue seriously and will continue its investigation.
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
follow the money
How much did M$oft pay him? Lots of people saw the news of the "bug", probably lots fewer will see the retraction. Who stands to benefit from this?
Posted by Pete, 04 Oct 2006
Jason Fortuny seems to know these folks
Same guy as the CL experiment, knows these folks
Posted by jackson, 03 Oct 2006
heh
what a douche
Posted by roger, 03 Oct 2006
Was it really a hoax?
Was the whole thing really a hoax, or did someone mention to these two loud-mouthed nitwits that the FBI would be monitoring everything they do on the Internet from now until hell freezes over? I'm guessing they're just trying to cover their stupid butts.
Posted by Mark F., 03 Oct 2006
Window
These guys should be prosecuted for this. Only goodness knows what havoc they've caused by their attempt at humour.
Posted by Noynal, 03 Oct 2006
Firefox hacker exposed as a fraud
Sure had a lot of people fooled on beginning October and not April 1. Send the bill for labour and file a law-suite for intend to create public unrest.
Posted by sekerob, 04 Oct 2006
More People need to goto jail
I think with the security at the state that it is these days, we should start to apply some of the same rules as the Airline industry. Make a false claim like this and disrupt people lives and even possibly endanger peoples personal information . . . . automatic arrest and questions later.
Sorry to say - what a sick world we live in these days!!!
Posted by G. Gordon, 04 Oct 2006
.
yes, because all problems can be solved with a lawsuit.
Posted by b, 04 Oct 2006
do you douche?
what a bunch of douche bags!
Posted by Douche Douche?, 04 Oct 2006
Hmmm
Since nobody is out gunning for the politicians who accept "business as usual" revenues from K Street (the Lobbyists), maybe individuals should only be held as accountable as we hold our Politicians accountable.
Posted by BarryZ, 05 Oct 2006
Someone or some thing make it crash
I have encountered 2 scams that made my Firefox 2.0.0.4 crash or report a problem to Windows. I was searching the internet for something then suddenly its gone, then a small window on the lower right corner appears, then next a full window appears, states I have a trojan and a virus - that may or may not exist, it does a scan without me accepting it. Expects money to fix it. Some of them are listed at: Symantec.com - System Doctor is one of them, ContraVirus Pro is another. Several years ago someone explain what happend in Internet Explorer 5.5 - 6.0 and I forgot how they did it.
Posted by Steven, 08 Jul 2007