Jump to content

Firefox Is NOT So Secure

herme3

By herme3
in Computer Science

 Share

Recommended Posts

Klaynos

Klaynos

Posted
Posted

It also depends on the severity of the security flaws. I could find 100 articles that say exactly the oposite, don't belive everything you've read. Also there's nothing stoping you downloading the code for firefox and fixing the holes yourself.

 

A well know and respected security company:

 

http://secunia.com/product/11/

http://secunia.com/product/4227/

 

25 advisaries for Fx, and 86 for IE... Althouth don't take this as solid fact I'd check other security firms but tbh I can't be bothered...

Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted

Take it from me - Firefox is a hell of a lot more secure :)

 

Nothing is ever prefect - that would go against human nature to mess things up (:D) but because its oepn source the hackers that find the holes are the ones working for Mozilla and thus it gets patched in days and not years (Or not at all in a lot of MS cases...)

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites
gwai lo

gwai lo

Posted
Posted

Firefox became more popular so people put more effort into finding security holes in it. It's the same thing, sort of, with Macs. The user base is not big enough for many people to put a lot of time into developing spyware and viruses.

 

Any program that becomes popular will have it's security flaws discovered.

Link to comment
Share on other sites
1veedo

1veedo

Posted
Posted

This is the most untrue and overused statement I hear about this. It's easy to point out this claim isn't true for Linux because Linux makes up most of the Server market yet Windows servers are still attacked more...seeing as this is off-topic I don't feel like going through the whole shibang but I talk about it a little in my Linux article at my website.

Link to comment
Share on other sites
Pangloss

Pangloss

Posted
Posted

Firefox has really had a lot more problems recently than IE. It's a shame, I see it crash a lot under heavy usage and the exploits have been too frequent. It's still my preferred browser (using it right now), but I'm keeping a solidly open mind about IE7.

 

(Remember, competition is what works, not faithful dedication to one product over another. At the very time when you most love a program, THAT's the time when you need to think about its competition. When competition exists WE WIN, and that's every bit as true for Firefox as it is for Microsoft.)

Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted
Firefox has really had a lot more problems recently than IE. It's a shame' date=' I see it crash a lot under heavy usage and the exploits have been too frequent. It's still my preferred browser (using it right now), but I'm keeping a solidly open mind about IE7.

 

(Remember, [i']competition[/i] is what works, not faithful dedication to one product over another. At the very time when you most love a program, THAT's the time when you need to think about its competition. When competition exists WE WIN, and that's every bit as true for Firefox as it is for Microsoft.)

 

Yup, its that damn 1.0.7 upgrade. It should all be fixed though for the 1.5 reliease (Has some nice features in it).

 

IE 7 is a load of crap... its hard to be happy with features that Firefox, Opera and many others had years ago...

 

BTW, Firefox has reached its 100,000,000 downloads! Wooo!

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites
Cap'n Refsmmat

Cap'n Refsmmat

Posted
Posted

Firefox 1.5 should solve most of the problems. It now has a binary update system which means people have no excuse to not upgrade--it does it for them, without requiring them to download the entire installer as before--and so upgrades can be more frequent.

 

Although I still hate Adobe Reader for killing FF AND IE ever time I run it.

Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted

Although I still hate Adobe Reader for killing FF AND IE ever time I run it.

 

I agree 100% with that its a pain alright! I wonder if someone will come up with an open source alternative for that too....

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites
thorN

thorN

Posted
Posted

Internet explorer has major over-arching flaws in it's design, which MS isn't fixing speedily at all. For instance, it's embedded too deeply in the Windows OS, which is inherently insecure. Also, *conspiracy theorising*, it pays off for them because they can sell software to, such as MS anti-spyware, to fix up the problems they've made.

 

The problems with Firefox are a lot smaller in magnitude and are often fixed faster. Remember- just because there are more problems identified isn't a bad thing- it just means more people are looking, and then the security issues can be fixed.

Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted

The problems with Firefox are a lot smaller in magnitude and are often fixed faster. Remember- just because there are more problems identified isn't a bad thing- it just means more people are looking' date=' and then the security issues can be fixed.[/quote']

 

I ahve another thing to note on this point if you all don't mind. 99.9% of the holes found are actually by Fx developers so the holes don't even get into the wild before they are fixed and its much better to have the holes firxed before they can be found by others than having to patch them in threat of a virus epidemic which with Microcrap is so often the case.

 

Infact there are more than a few reports of Microcrap bug fixes creating more holes than they were intended to patch and after testing IE and WIndows security for the last 2 years I can say about 33% of the holes submited are classified by Mirocrap to be unworthy of being fixed....

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites
Klaynos

Klaynos

Posted
Posted
I agree 100% with that its a pain alright! I wonder if someone will come up with an open source alternative for that too....

 

Cheers' date='

 

Ryan Jones[/quote']

 

 

Just a quick note that there are alternatives to adobe reader... some of which are open source...

 

Competition is always the key to a good lively market, which has been lacking somewhat untill quite recently in the browser market :|

Link to comment
Share on other sites
1veedo

1veedo

Posted
Posted
I ahve another thing to note on this point if you all don't mind. 99.9% of the holes found are actually by Fx developers so the holes don't even get into the wild before they are fixed and its much better to have the holes firxed before they can be found by others than having to patch them in threat of a virus epidemic which with Microcrap is so often the case.

 

Infact there are more than a few reports of Microcrap bug fixes creating more holes than they were intended to patch and after testing IE and WIndows security for the last 2 years I can say about 33% of the holes submited are classified by Mirocrap to be unworthy of being fixed....

 

Cheers,

 

Ryan Jones

This is just the nature of the two projects. Of course Firefox is going to get fixed faster: it's open source! Closed projects are always going to be a little behind.
Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted
This is just the nature of the two projects. Of course Firefox is going to get fixed faster: it's open source! Closed projects are always going to be a little behind.

 

Uhum... a little? the last version of IE was released what, 4-5 years ago?

 

If it were not for the Fx and Opera competition now there would bo no IE7 Beta and that I can be shure of... Microcrap did not plan to release IE7 untill Longhorn was finished and then only release it for that [acr=Operating System]OS[/acr] but as always they don't like competition and so they decided to release it early... morons...

 

Edit: Forgot this, 1veedo - I agree with you 100% and thats why Open Source is a much better alternative as it cna get patched faster and new features can also be added faster too :)

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites
Pangloss

Pangloss

Posted
Posted

I appreciate the info on 1.5 hopefully fixing the 1.07 issues. I haven't been following Moz development at all. Thanks!

 

There's no question in my mind that Moz as pushed (if not completely upended) IE development. Even die-hard Microsoft evangelists should look at this as a good thing.

Link to comment
Share on other sites
1veedo

1veedo

Posted
Posted

I don't know anything about firefox's development. It's not a big enough project to keep updating every time they fix something or release a new version. But it seems that every time I install a newer distro there's a newer version on firefox.

Link to comment
Share on other sites
Dave

Dave

Posted
Posted

There's some very nice features in Firefox 1.5 that are coming up. Amongst numerous speed improvements and bug fixes, rendering time for cached pages is a lot faster. There's the automated upgrade system which is much better than having a new installer for each copy of Firefox; it simply patches your application and relevant files instead. SVG support is coming on a treat, and it really does look great.

 

I've been running 1.5b1 and 1.5b2 for a while now with next to no problems. The only major downside is that most of the extensions and themes aren't compatible with the changes they've been making in 1.5. But there is a noticable improvement in both rendering time and just general application performance. I haven't measured the footprint yet, but in terms of RAM it seems to take a little less, at least.

 

By all accounts so far, IE7 is nothing but IE6 with tabbed browsing and PNG transparency. Most of the reviews I've read on b1 indicate that things like the 3px jog and numerous other CSS annoyances are yet to be fixed. In their defence, they say that there will be more CSS fixed in b2, but I'm not convinced. Frankly, if it's taken 4 years for PNG and some tabs, then god only knows how long it's going to take for them to implement a proper CSS model.

Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted

By all accounts so far' date=' IE7 is nothing but IE6 with tabbed browsing and PNG transparency. Most of the reviews I've read on b1 indicate that things like the 3px jog and numerous other CSS annoyances are yet to be fixed. In their defence, they say that there will be more CSS fixed in b2, but I'm not convinced. Frankly, if it's taken 4 years for PNG and some tabs, then god only knows how long it's going to take for them to implement a proper CSS model.[/quote']

 

Didn't Microcrap actually say they were not going to support web standards other than what they have decided people may want to use? I read that on a blog apparently it was one of the developers that said it....

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites
  • 2 weeks later...
gwai lo

gwai lo

Posted
Posted
This is the most untrue and overused statement I hear about this. It's easy to point out this claim isn't true for Linux because Linux makes up most of the Server market yet Windows servers are still attacked more...seeing as this is off-topic I don't feel like going through the whole shibang but I talk about it a little in my Linux article at my website.

well..i don't know...servers aren't as vulnerable as daily users...as they're kind of..important

 

it's a lot easier to infect a desktop, which would make it easier to spread it..

 

no?

 

meh...i come from a desktop-perspective..what do i know..

Link to comment
Share on other sites
Klaynos

Klaynos

Posted
Posted
well..i don't know...servers aren't as vulnerable as daily users...as they're kind of..important

 

it's a lot easier to infect a desktop' date=' which would make it easier to spread it..

 

no?

 

meh...i come from a desktop-perspective..what do i know..[/quote']

 

Servers are connected and mostly unmonitored 24/7 desktops are genrally not connected as much are when they are they spend alot more time with people using them who would notice an issue, they don't have anywhere near as much network activity normally, desktops have hardly any services listening to the network/Internet through which to be infected...

 

The main disadvantage for desktop machines is silly users who download (or receive by email) programs which they then execute.

Link to comment
Share on other sites
Dave

Dave

Posted
Posted
Didn't Microcrap actually say they were not going to support web standards other than what they have decided people may want to use? I read that on a blog apparently it was one of the developers that said it....

 

Cheers' date='

 

Ryan Jones[/quote']

 

This is the stance that they're currently taking. This MSDN blog entry would indicate that they've fixed a number of issues (3px jog, peekaboo bug, etc), but frankly I will never use IE ever again. It's far too insecure and seems to take forever to get the simplest of bug fixes fixed.

Link to comment
Share on other sites
RyanJ

RyanJ

Posted
Posted

 

I agree with you ther ebig time. Some of the big holes found by the security testers never get released in the hopes that no-one will notice...

 

Microcrap has hasically left IE to rot for too long and we all know what happens when things rot you dfon't get them back again... but something goos has come out of all this Firefox!

 

Cheers,

 

Ryan Jones

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.