I'm not a techie, but as someone who's been using Windows since its first incarnation in Aldus Pagemaker, I thought I'd never stray from MS.
After his past year of almost daily security warnings, holes, updates, etc., I've spent megabucks on security programs, and have spent countless wasted hours scanning for spyware, trojans, worms, et al, with the constant worry that the computers I use to run our business would be compromised.
I'm typing this from Firefox on a Xandros Linux (which was designed for the non-techie) -- and no, Linux won't run all those Windows programs I need to conduct business, but it will keep me saner and safer as my main internet interface.
Of course, it can be argued that MS has all those security holes because it is one hugely distributed target, whereas Linux and Apple aren't worth the trouble for hackers, but for now, I'd rather spend more time on keeping my business going than worrying about the next security picadillo, and the best way to insure that with minimal efforts is to keep the XP boxes offline.
My (rather longwinded) point is that if MS doesn't pay attention to the Firefox trend, they will miss the signs that the little guy is not only tired of IE's holes, they are also tired of fending off attacks on Windows itself. XP is awesome, but taking it on the internet is now like going into battle with a thousand pounds of armor that may or may not protect you.
Have you considered a Mac?
http://www.freerepublic.com/focus/f-bloggers/1315416/posts
Mozilla (Firefox & Thunderbird) Vulnerabilities Identified
Infoworld ^ | Jan. 6, 2005 | Matthew Broersma, Techworld
Mozilla vulnerabilities identified Most serious bug affects all versions of Mozilla prior to 1.7.5 and could result in system crash
By Matthew Broersma, Techworld January 06, 2005
Users of the Mozilla and Firefox browsers and the Thunderbird e-mail client may be vulnerable to flaws that could allow an attacker to spy on or take over a system, according to security researchers.
The most serious bug affects all versions of Mozilla earlier than 1.7.5, and could result in a system crash or the execution of malicious code, the Mozilla Project said. A boundary error in the way Mozilla handles "news://" addresses can be used to cause a heap-based buffer overflow, which crashes the application and may allow for code execution, according to an advisory from Maurycy Prodeus of iSEC Security Research, who discovered the flaw.
An attacker could exploit the bug by creating an overly-long "news://" link, distributed in an e-mail or on a Web page, and enticing a user to click on it. Such methods have been successfully used to spread worms. Mozilla Version 1.7.5 fixes the problem. Independent security research firm Secunia gave the bug a "highly critical" rating.
To exploit the flaw, the attacker must point to a real news server that is accessible. Prodeus created a proof-of-concept file that demonstrates the bug.
Firefox and Thunderbird are affected by less serious problems. The first is a vulnerability in the way they store temporary files -- the files are sometimes stored with predictable names and in a format that allows anyone to read them. This means a local attacker could easily read the contents of another user's attachments or downloads, according to researchers.
Finally, a Secunia researcher discovered a way of spoofing the names of file downloads in Firefox. A malicious site could use the bug to disguise the true nature of files the user is downloading, or to get information on the presence of specific files on the local system.
These bugs are all fixed in Firefox 1.0 and newer, and Thunderbird 0.9 and newer.
In recent months many users have begun switching to browsers such as Firefox and Mozilla because of increasingly serious security risks affecting Microsoft's (Profile, Products, Articles) dominant Internet Explorer. However, the newfound popularity of the Mozilla-based browsers has been accompanied by greater scrutiny by security researchers, and the regular discovery of new flaws.