Is the Firefox honeymoon over?

http://blogs.zdnet.com/Ou/index.php?p=103
from WinCustomize Forums
Now that Firefox has become the first viable contender to Microsoft Internet Explorer in years, its popularity has brought with it some unwanted attention. Last week's premature disclosure of a zero-day Firefox exploit came a few weeks after a zero-day exploit for Internet Explorer appeared on the Internet. Firefox not only has more vulnerabilities per month than Internet Explorer, but it is now surpassing Internet Explorer for the number of exploits available for public download in recent months.

Read the Rest Here..
Link
internet
24,443 views 20 replies
Reply #1 from WinCustomize Forums Top
Wow!! Thanks for the heads up. I use both. I bet this isn't going to sit well with all those who have bad mouthed IE.
Reply #2 from WinCustomize Forums Top
Yeah, they just don't want to listen when you tell them that the more popular something becomes that it also becomes a target.
CursorFX - Customize your Windows cursor
Reply #3 from WinCustomize Forums Top
I tried it for a few months back when it went to ver 1. I got to where I couldn't give up the tabbed interface. The problem was dealing with MS you either run IE or you don't get your downloads. I found that Maxthon "fools" the MS sites so I keep a copy of it on my machine and I purchased Opera 7 (now 8) because of the interface and the total customizablilty (spelling?) Firefox did it's job and showed me and many other people there's more out there than just IE. I don't see myself using IE unless they have a MAJOR update after Vista comes out.
Reply #4 from WinCustomize Forums Top
Lantec - IE7 is supposed to be better than IE6 in features and security.

As far as this news I'm not surprised.
Reply #5 from WinCustomize Forums Top
As far as this news I'm not surprised


I think you have been vindicated!!!
Reply #6 from WinCustomize Forums Top
Kona, I was a die hard IE fan back during the duel to the death with Netscape in the early 90's I have nothing against trying IE7....after waiting for a few months while I let the rest of the world do the "shakedown cruise". Currently I'm VERY happy with Opera. It's not free, but it works just like I want it too and that's good enough for now.
Reply #7 from WinCustomize Forums Top
I also use Maxthon. Very rarely do I fire up IE. I do keep IE set as the default browser though because I couln't get Maxthon to give it up if I set it as default.
It's been awhile since I used Opera. I just don't have issues with Maxthon/IE setup.
Tabs... couldn't live without em now..
Reply #8 from WinCustomize Forums Top
I couln't get Maxthon to give it up if I set it as default
This is a problem I ran into with Maxthon. The only way I found to correct it was to uninstall Maxthon, then I ran Opera as the default for a couple days and reinstalled Maxthon without setting it to default.
Reply #9 from JoeUser Forums Top
That report is misleading.

What it ignores is the severity of vulnerabilities, and how many remain unpatched (for how long) after being reported.

I tire of citing statistics, so I won't... Go check them yourself if it's really a concern for you. Fact is, FireFox has almost 0 of the most critical vulnerabilities unpatched, whereas IE has about 20-30 unpatched critical vulnerabilities.

The security in Firefox doesn't come from fewer flaws, it comes from the speed at which flaws are patched once they are discovered.

That means that there is almost never a chance for anyone to actually deploy exploits based on a FireFox flaw, while there are still numerous IE exploits floating around in the wild that work on a *fully patched system*.
Reply #10 from WinCustomize Forums Top
Personally it's all a matter of taste of which browser you want to use, so let's not start any wars here. Security flaws what a world it would be if there weren't any?
Reply #11 from WinCustomize Forums Top
That report is misleading.

What it ignores is the severity of vulnerabilities, and how many remain unpatched (for how long) after being reported.

I tire of citing statistics, so I won't... Go check them yourself if it's really a concern for you. Fact is, FireFox has almost 0 of the most critical vulnerabilities unpatched, whereas IE has about 20-30 unpatched critical vulnerabilities.

The security in Firefox doesn't come from fewer flaws, it comes from the speed at which flaws are patched once they are discovered.

That means that there is almost never a chance for anyone to actually deploy exploits based on a FireFox flaw, while there are still numerous IE exploits floating around in the wild that work on a *fully patched system*.


It is not misleading. It is merely saying that as Firefox becomes more popular, the exploits rise is numbers. The points you raise are good points but they refer to something different.
Reply #12 from WinCustomize Forums Top
Hmmm, an IE exploit gives someone access to your whole root directory and all your personal data. A FF exploit gives access to the last few sites you visited. That looks like a fair comparison to me.

An IE exploit goes months before being patched. FF exploits are sometimes fixed within 24 hours.

Yes, FF will become a bigger target as it gains more popularity. There is probably no such thing as a completely secure browser anymore. However, if you use any browser with a little intelligence, you will probably be fine.

As an aside, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.

Hopefully IE7 will be all MS is promising, but MS had previously announced that they were no longer developing upgrades for IE until FF came and stole some of their marketshare. I hear they even invented something called "tabbed browsing" What will they think of next?
Reply #13 from WinCustomize Forums Top
This is what happens when you become popular...but at least Firefox 1.5 is coming out soon and the beta is out now.
Reply #14 from WinCustomize Forums Top
As an aside, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.


I rarely find anything on my scans. And everyone knows what browser I use.
Reply #15 from WinCustomize Forums Top
, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.


The question is: what is the definition of a questionable site these days? In the past, it was considered to be porn sites, but given the increasing amount of unsolicited junk emanating from other, previously considered clean sites, the list of 'questionable' sites is rapidly increasing at an alarming rate. It's annoying enough that businesses sink so low to covertly install adware on unsuspecting users, but to install malware as well is completely despicable.

The other night, I downloaded 5 or 6 wallpapers (not in exe files), and a subsequent spyware scan revealed several instances of adware....worse still, 3 of malware intended to shut down antivirus and internet security programs, Windows firewall. I can only conclude these items came from a previously trusted site, as my only other d/l's were from WC or Stardock, and therefore safe.

It seems to be commonplace nowadays for smaller, honest and trustworthy operators to be taken over by large corporations that knowingly engage in the practice of covertly sending harmful crap to peoples computers...it is criminal so the seizure of assets and operators license revocation should be accompanied by a hefty prison term.
Reply #16 from WinCustomize Forums Top

I mostly use IE, sometimes Firefox and Opera. depends on what I'm doing. Yesterday I ran Spybot and Ad-Aware and both came up clean, and that's after a week of browsing. I do have MS Antispyware and Spybot-SD running in the background though.

All browsers have vulnerabilities. The more popular the browser the more vulnerabilities and criticism it will attract.  Firefox has it's share of zealots in much the same way the Mac does, perhaps it's the underdog insecurity psychology at the root -dunno. To hate something (like IE) is not productive. Both do a job, personal choice is down to you

 

Reply #17 from WinCustomize Forums Top
Interesting counterpoint:http://yahoolian.dyndns.ws:3000/articles/2005/09/17/firefox-vs-ie-security
Compare the Secunia advisories:
IE: http://secunia.com/product/11/
FF: http://secunia.com/product/4227/

I don't consider myself a Firefox "Fan-Boy" I personally couldn't care less what browser someone uses (unless it's one of the people who's PCs I am constantly having to clean up .)
I do, however, hate seeing mis-information passed off on the public by some guy (George Ou at ZD.net, not Phoon) who just wants to boost his readership by posting a provocative title, followed by a poorly researched "article."
Reply #18 from WinCustomize Forums Top
As an aside, I run spyware scans on my machine and get nothing. I run the same scans on machines of IE users, and I always find spyware, even when for users who would never frequent "questionable" sites.


This is the main reason I stay with FF.. this and tabs of course. My spyware scans have come up 100% clean ever single time with FF. Not at all the case with IE. It was a significant amount found on every scan with IE. Other than those two things, I don't have a problem with IE. I just prefer FF.
Reply #19 from WinCustomize Forums Top
Andrew Kantor writes "What is wrong with Mac users and Apple fans? I mean that -- I've never seen the like. Calling them "blind lemmings" doesn't always seem strong enough."


Seems to fit for Firefox too... but I degress...

I tire of citing statistics, so I won't... Go check them yourself if it's really a concern for you. Fact is, FireFox has almost 0 of the most critical vulnerabilities unpatched, whereas IE has about 20-30 unpatched critical vulnerabilities.

The security in Firefox doesn't come from fewer flaws, it comes from the speed at which flaws are patched once they are discovered.

That means that there is almost never a chance for anyone to actually deploy exploits based on a FireFox flaw, while there are still numerous IE exploits floating around in the wild that work on a *fully patched system*.


And there is your real answer.


I don't like IE, but I keep it becuase, basically, you have too.

On any browser, all you really have to do is browse safely, and keep your computer clean. Do that and you can run any browser you want to.

I can't do without tabbed browsing, my firefox scripts, and other cool add ons that i can just as easily take off without being a uninstall (like IE).


I wish I downloaded Opera for free when they had it. I want to test my website on it (and the trial version annoys me lol).
Reply #20 from WinCustomize Forums Top
New browser is out:
http://digg.com/software/A_New_Web_Browser_is_Coming_to_Town

From Digg.