Is the Firefox honeymoon over?

Saturday, September 17, 2005 by Phoon | Discussion: Internet

Now that Firefox has become the first viable contender to Microsoft Internet Explorer in years, its popularity has brought with it some unwanted attention. Last week's premature disclosure of a zero-day Firefox exploit came a few weeks after a zero-day exploit for Internet Explorer appeared on the Internet. Firefox not only has more vulnerabilities per month than Internet Explorer, but it is now surpassing Internet Explorer for the number of exploits available for public download in recent months.

Read the Rest Here..
Link
20 Reply 8 Referrals
_02
Reply #1 Saturday, September 17, 2005 6:26 PM
Wow!! Thanks for the heads up. I use both. I bet this isn't going to sit well with all those who have bad mouthed IE.

Phoon
Reply #2 Saturday, September 17, 2005 6:29 PM
Yeah, they just don't want to listen when you tell them that the more popular something becomes that it also becomes a target.

Lantec
Reply #3 Saturday, September 17, 2005 6:32 PM
I tried it for a few months back when it went to ver 1. I got to where I couldn't give up the tabbed interface. The problem was dealing with MS you either run IE or you don't get your downloads. I found that Maxthon "fools" the MS sites so I keep a copy of it on my machine and I purchased Opera 7 (now 8) because of the interface and the total customizablilty (spelling?) Firefox did it's job and showed me and many other people there's more out there than just IE. I don't see myself using IE unless they have a MAJOR update after Vista comes out.

kona0197
Reply #4 Saturday, September 17, 2005 6:36 PM
Lantec - IE7 is supposed to be better than IE6 in features and security.

As far as this news I'm not surprised.

_02
Reply #5 Saturday, September 17, 2005 7:00 PM
As far as this news I'm not surprised


I think you have been vindicated!!!

Lantec
Reply #6 Saturday, September 17, 2005 7:27 PM
Kona, I was a die hard IE fan back during the duel to the death with Netscape in the early 90's I have nothing against trying IE7....after waiting for a few months while I let the rest of the world do the "shakedown cruise". Currently I'm VERY happy with Opera. It's not free, but it works just like I want it too and that's good enough for now.

Phoon
Reply #7 Saturday, September 17, 2005 9:23 PM
I also use Maxthon. Very rarely do I fire up IE. I do keep IE set as the default browser though because I couln't get Maxthon to give it up if I set it as default.
It's been awhile since I used Opera. I just don't have issues with Maxthon/IE setup.
Tabs... couldn't live without em now..

Lantec
Reply #8 Saturday, September 17, 2005 9:29 PM
I couln't get Maxthon to give it up if I set it as default
This is a problem I ran into with Maxthon. The only way I found to correct it was to uninstall Maxthon, then I ran Opera as the default for a couple days and reinstalled Maxthon without setting it to default.

Lotherius
Reply #9 Saturday, September 17, 2005 9:57 PM
That report is misleading.

What it ignores is the severity of vulnerabilities, and how many remain unpatched (for how long) after being reported.

I tire of citing statistics, so I won't... Go check them yourself if it's really a concern for you. Fact is, FireFox has almost 0 of the most critical vulnerabilities unpatched, whereas IE has about 20-30 unpatched critical vulnerabilities.

The security in Firefox doesn't come from fewer flaws, it comes from the speed at which flaws are patched once they are discovered.

That means that there is almost never a chance for anyone to actually deploy exploits based on a FireFox flaw, while there are still numerous IE exploits floating around in the wild that work on a *fully patched system*.

RockinMike
Reply #10 Saturday, September 17, 2005 10:19 PM
Personally it's all a matter of taste of which browser you want to use, so let's not start any wars here. Security flaws what a world it would be if there weren't any?

NightTrainthedark
Reply #11 Saturday, September 17, 2005 10:35 PM
That report is misleading.

What it ignores is the severity of vulnerabilities, and how many remain unpatched (for how long) after being reported.

I tire of citing statistics, so I won't... Go check them yourself if it's really a concern for you. Fact is, FireFox has almost 0 of the most critical vulnerabilities unpatched, whereas IE has about 20-30 unpatched critical vulnerabilities.

The security in Firefox doesn't come from fewer flaws, it comes from the speed at which flaws are patched once they are discovered.

That means that there is almost never a chance for anyone to actually deploy exploits based on a FireFox flaw, while there are still numerous IE exploits floating around in the wild that work on a *fully patched system*.


It is not misleading. It is merely saying that as Firefox becomes more popular, the exploits rise is numbers. The points you raise are good points but they refer to something different.

tjesterb
Reply #12 Saturday, September 17, 2005 11:15 PM
Hmmm, an IE exploit gives someone access to your whole root directory and all your personal data. A FF exploit gives access to the last few sites you visited. That looks like a fair comparison to me.

An IE exploit goes months before being patched. FF exploits are sometimes fixed within 24 hours.

Yes, FF will become a bigger target as it gains more popularity. There is probably no such thing as a completely secure browser anymore. However, if you use any browser with a little intelligence, you will probably be fine.

As an aside, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.

Hopefully IE7 will be all MS is promising, but MS had previously announced that they were no longer developing upgrades for IE until FF came and stole some of their marketshare. I hear they even invented something called "tabbed browsing" What will they think of next?

elessart
Reply #13 Saturday, September 17, 2005 11:31 PM
This is what happens when you become popular...but at least Firefox 1.5 is coming out soon and the beta is out now.

kona0197
Reply #14 Saturday, September 17, 2005 11:46 PM
As an aside, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.


I rarely find anything on my scans. And everyone knows what browser I use.

starkers
Reply #15 Sunday, September 18, 2005 1:58 AM
, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.


The question is: what is the definition of a questionable site these days? In the past, it was considered to be porn sites, but given the increasing amount of unsolicited junk emanating from other, previously considered clean sites, the list of 'questionable' sites is rapidly increasing at an alarming rate. It's annoying enough that businesses sink so low to covertly install adware on unsuspecting users, but to install malware as well is completely despicable.

The other night, I downloaded 5 or 6 wallpapers (not in exe files), and a subsequent spyware scan revealed several instances of adware....worse still, 3 of malware intended to shut down antivirus and internet security programs, Windows firewall. I can only conclude these items came from a previously trusted site, as my only other d/l's were from WC or Stardock, and therefore safe.

It seems to be commonplace nowadays for smaller, honest and trustworthy operators to be taken over by large corporations that knowingly engage in the practice of covertly sending harmful crap to peoples computers...it is criminal so the seizure of assets and operators license revocation should be accompanied by a hefty prison term.

Fuzzy Logic
Reply #16 Sunday, September 18, 2005 3:16 AM

I mostly use IE, sometimes Firefox and Opera. depends on what I'm doing. Yesterday I ran Spybot and Ad-Aware and both came up clean, and that's after a week of browsing. I do have MS Antispyware and Spybot-SD running in the background though.

All browsers have vulnerabilities. The more popular the browser the more vulnerabilities and criticism it will attract.  Firefox has it's share of zealots in much the same way the Mac does, perhaps it's the underdog insecurity psychology at the root -dunno. To hate something (like IE) is not productive. Both do a job, personal choice is down to you

 


tjesterb
Reply #17 Sunday, September 18, 2005 11:52 AM
Interesting counterpoint:http://yahoolian.dyndns.ws:3000/articles/2005/09/17/firefox-vs-ie-security
Compare the Secunia advisories:
IE: http://secunia.com/product/11/
FF: http://secunia.com/product/4227/

I don't consider myself a Firefox "Fan-Boy" I personally couldn't care less what browser someone uses (unless it's one of the people who's PCs I am constantly having to clean up .)
I do, however, hate seeing mis-information passed off on the public by some guy (George Ou at ZD.net, not Phoon) who just wants to boost his readership by posting a provocative title, followed by a poorly researched "article."

RPGFX
Reply #18 Monday, September 19, 2005 9:06 AM
As an aside, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.


This is the main reason I stay with FF.. this and tabs of course. My spyware scans have come up 100% clean ever single time with FF. Not at all the case with IE. It was a significant amount found on every scan with IE. Other than those two things, I don't have a problem with IE. I just prefer FF.

esg-designs
Reply #19 Monday, September 19, 2005 9:07 AM
Andrew Kantor writes "What is wrong with Mac users and Apple fans? I mean that -- I've never seen the like. Calling them "blind lemmings" doesn't always seem strong enough."


Seems to fit for Firefox too... but I degress...

I tire of citing statistics, so I won't... Go check them yourself if it's really a concern for you. Fact is, FireFox has almost 0 of the most critical vulnerabilities unpatched, whereas IE has about 20-30 unpatched critical vulnerabilities.

The security in Firefox doesn't come from fewer flaws, it comes from the speed at which flaws are patched once they are discovered.

That means that there is almost never a chance for anyone to actually deploy exploits based on a FireFox flaw, while there are still numerous IE exploits floating around in the wild that work on a *fully patched system*.


And there is your real answer.


I don't like IE, but I keep it becuase, basically, you have too.

On any browser, all you really have to do is browse safely, and keep your computer clean. Do that and you can run any browser you want to.

I can't do without tabbed browsing, my firefox scripts, and other cool add ons that i can just as easily take off without being a uninstall (like IE).


I wish I downloaded Opera for free when they had it. I want to test my website on it (and the trial version annoys me lol).

esg-designs
Reply #20 Monday, September 19, 2005 9:12 AM
New browser is out:
http://digg.com/software/A_New_Web_Browser_is_Coming_to_Town

From Digg.

Please login to comment and/or vote for this skin.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

  • Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
  • Access to a great community, with a massive database of many, many areas of interest.
  • Access to contests & subscription offers like exclusive emails.
  • It's simple, and FREE!
Login

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
Copyright © Stardock Corporation. All Rights Reserved.


web-wc01