My cheque for $650 AUD just arrived :D

For those of you not familiar with the Mozilla bug bounty program - it’s designed to reward reporters of security bugs in Mozilla software and encourage security research.

I found a bug in AMO which (if I so desired) would have allowed me to send out a new version of a popular add-on through the automatic update system, and execute whatever code I so wished on thousands of users’ computers (eg. delete harddrive, email me their saved usernames and passwords, etc. etc.) Being the good person that I am, I decided to pass on the (potential) millions of dollars worth of money I could withdraw from online bank accounts and the painful ass I would’ve got after a long jail term, and instead report it to Mozilla. It was promptly fixed and the world was a better place because of it.

More information is of course available.. hey, I was supposed to get a t-shirt too! Actually I already have a free Firefox shirt for helping out, I don’t need another one.