eldavojohn writes "There's a brief article on Ars Technica about how Finjan Inc. (a security provider) found a security problem with Google's anti-phishing plug-in for Mozilla Firefox and covertly contacted Google about it. From the article,
So you might be asking why this isn't bigger news. Well, Google has since fixed this problem and turned this issue into a non-issue. One must wonder whether this form of bug discovery is more sensible or 'correct' than the constant Microsoft bugs published online. Perhaps if Google continues to handle low key notices seriously, they'll never find themselves in the same position as Microsoft?"