Posted on 02/09/2005 8:38:29 AM PST by KwasiOwusu
It hasn't been a good week for Firefox and its fans. First, the Danish security company Secunia warned that it had uncovered a vulnerability in Firefox and other browsers that can allow the URL displayed in the address bar and the SSL certificate to be spoofed, which means the browser and others are vulnerable to phishing attacks. The flaw affects all browsers built using the open-source Gecko browser kernel.
And this time around, Internet Explorer is not vulnerable to the attack.
Making matters worse, a few days after that, a security researcher found a trio of security bugs that affect Firefox and Mozilla -- but not Internet Explorer. Among other dangers, the bugs can allow someone to steal your cookies, and then use them to find out personal information about you and log into web sites with your login.
Perhaps most disturbing is that as of this writing, although fixes have been found, they have not yet been rolled up into a patch, or made available in a new Firefox version that can be downloaded and installed.
(Excerpt) Read more at onlamp.com ...
I would like to refer everyone to an argument I had here with a certain freeper here months ago about this very issue. But I cant remember the search terms.
The constant implications and assertions that a handful of flaws in Firefox are akin to the security nightmare of IE are tired, old, and simply outright false. I know people who simply cannot maintain control of their own computers using IE, but have no problems with viruses, spyware, or hack attempts through Firefox. Until MS changes its entire architecture, making IE distinct from the OS, IE will forever be inherently more vulnerable due to its ability to access system resources that other browsers cannot.
And the 13 security fixes released by Microsoft as of late were inconsequential...
Probably about as consequential as the hundreds of other IE patches from MS. As usual, every closing of a security hole opens a new one.
The most secure MS software is the stuff that's too old to write viruses for.
It's a re-write of the same story you posted a couple of days ago.
Newsflash: NO SOFTWARE IS PERFECT! Resume normal activities.
It's not just you - Firefox doesn't perform as well as IE. It's slow to load, slow to load images, and has some annoying quirks like not returning to the same place in a page when you hit the back button or changing the color of followed links.
I really tried to like it - I used it exclusively for two weeks and went back to IE simply because of the poor performance. And yes, I applied the pipeline fix in about:config.
The best part of Firefox was the popup control, although some few web sites were able to defeat it.
I will certainly try it again after the next major revision - assuming Microsoft doesn't come up with something better in the meantime.
Microsoft is trying to spin the perception growing that Firefox is more secure because they are growing concerned. I would have to believe that if Firefox gets a good foothold into the browser world (which everyday is getting larger) that would indicate or suggest to the PC users out there that there is really an alternative and maybe there is an alternative OS (Linux) as well...
Tell me then, during the period of time that Firefox has been on the market, how many security flaws were found in Firefox, and how many in IE?
(I'll go on the record and predict that no MS booster will even attempt an honest answer at this question.)
I used to be the most staunch defender of IE you could find anywhere, and I still use it for certain purposes (Windows update, etc.) but I have found Firefox to be a superior browser.
Having said that, if someone has sensitive information on their computer, they should be running a physical firewall/router on their internet connection, ESPECIALLY if they're on a broad band service.
It is the height of foolishness (IMHO) to store any credit card information on your system, for example using the 'Microsoft Wallet' option, and you should be emptying all browser caches, cookies and what-not with each re-boot.
And for pre-Windows XP users (meaning Win 95/9x), consider the following:
Rename the following programs:
attrib.exe
deltree.exe
format.com
fdisk.exe
To something unique to you, but easily remembered. Why?
While the occurrance of disk wiping virus hasn't been what it was at one time, many virus' use the above programs to accomplish their dirty work once unleashed on your system.
If the programs are renamed to something that the virus can't find, little or no destruction takes place. This can also prevent a casual user who gets access to your system from causing any serious damage if they open up a DOS window to screw around.
This isn't a universal cure-all, but it worked for me.
That's quite a stretch. The only thing Firefox and Linux have in common is the GPL. Hardly anyone using Firefox is thinking, "Gee this would look so good on GNOME!"
The problem with MS is that their products are based on old faulty code, and instead of rewriting the code they keep writing patches. And unless you are a coder, which I highly doubt, then you have no idea just how bad MS's coding is. They can't even get a brain and disconnect the OS from the Browser and thus the reason for most of the flaws/patches.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.