[PLUG-TALK] Re: [PLUG] Ubuntu standard Firefox sucks
Andrew Becherer
apbech0 at u.washington.edu
Thu Jan 4 22:24:37 UTC 2007
On 1/2/07, M. Edward (Ed) Borasky <znmeb at cesmail.net> wrote:
> 1. On a Windows box, I point blank refuse to use a browser other than
> Internet Explorer. It's partly out of respect for the corporate IT
> department where I work, but even at home I don't use it. Why? Because
> of two things:
>
> a. Firefox is *not*, despite any propaganda you might read from the
> Firefox bigots, more secure or less vulnerable than IE. I don't know of
> any objective and scientific way to measure that, nor do I know of any
> reputable organization that claims to be able to measure that. It's pure
> propaganda -- an emotional appeal. If someone on this list can show me
> some facts that indicate otherwise, I'd be happy to look at them.
This issue just hit Slashdot today
(http://it.slashdot.org/it/07/01/04/162238.shtml). Brian Krebs seems
to have doe a pretty good job examining this issue. His methodology
and data are available for anyone to review.
>From the article:
"For a total 284 days in 2006 (or more than nine months out of the
year), exploit code for known, unpatched critical flaws in pre-IE7
versions of the browser was publicly available on the Internet.
Likewise, there were at least 98 days last year in which no software
fixes from Microsoft were available to fix IE flaws that criminals
were actively using to steal personal and financial data from users."
"Mozilla's Firefox browser -- experienced a single period lasting just
nine days last year in which exploit code for a serious security hole
was posted online before Mozilla shipped a patch to remedy the
problem."
Mozilla's Firefox seems to fit my definition of "more secure" and
"less vulnerable."
--
Andrew Becherer
Undergraduate, Computing and Software Systems
University of Washington, Tacoma
More information about the PLUG-talk
mailing list