In many cases, the difference between a bug and an attack vector lies in the closed source areas.
This is going to be the case when automating attack detection against most programs where a portion is obscured.
However, Firefox also needs to use the closed source OS when running on Windows or macOS.
There are also WebKit-based Linux browsers, which obviously do not use closed-source OS interfaces.
My pessimistic guess on reasoning is that they suspected Firefox to have more tech debt.
> In many cases, the difference between a bug and an attack vector lies in the closed source areas.
You say many cases, let's see some examples in Safari.