Mozilla taps former Microsoft executive for security

Mozilla Corp. has hired a former Microsoft Corp. security strategist to help lock down its open source products against online attacks.

Window Snyder, whose hiring was announced Wednesday, worked on Microsoft's security driven Windows XP Service Pack 2 update. She also had a role in the development of Windows Server 2003.

Snyder will take charge of Mozilla Corp.'s security strategy, a role previously handled by Mozilla's vice president of engineering, Mike Schroepfer.

"Window has joined MozCorp recently as our new "Chief Security Something" (that's a working title)," said Schroepfer in a blog posting. "She'll be the public voice of Mozilla Corporation on security issues and helping to drive our long-term security strategy."

With hackers finding new and more sophisticated ways to compromise browser security, browser makers such as Mozilla need to keep pace, said Avivah Litan, an analyst with the Gartner Inc. research firm.

And as Mozilla has become more popular, security has become even more important, she said. "The attacks have really been targeted toward the 90 percent of the population using IE, but as their percentage of the browser population goes up, they have more need for [security]," she said.

Mozilla's Firefox is now used by nearly 13 percent of Web surfers, according to Web analytics firm OneStat.com. Microsoft's Internet Explorer has about 86 percent marketshare, the company estimates.

At Microsoft, Snyder worked with both security consulting companies and Microsoft product teams, and one researcher gave high marks to Mozilla for the hire, saying it would help the Mozilla team focus more on security.

"She obviously is respected in the security area," said Stefano Zanero, chief technology officer with Secure Network SRL. "She has a lot of connections and a good vision. I'd say she's an excellent pick for a security strategist."

Snyder left Microsoft in 2005 to work as a principal with Matasano Security, a consultancy based in New York that has done security testing for Microsoft's Windows Vista operating system.

Stephen Toulouse, security program manager with Microsoft's security response center and a former co-worker of Snyder's, had high marks for the new Mozilla security chief. "Speaking personally, not as a representative of Microsoft, I think anyone who has Window working for them is lucky to have her," he said.