Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Symantec: Mozilla browsers more vulnerable than IE
ZDNet News ^ | 9/19/2005 | Tom Espiner

Posted on 09/19/2005 7:01:42 PM PDT by Incorrigible

Symantec: Mozilla browsers more vulnerable than IE

Mozilla Web browsers are potentially more vulnerable to attack than Microsoft's Internet Explorer, according to a Symantec report. But the report, released Monday, also found that hackers are still focusing their efforts on IE.

The open-source Mozilla Foundation browsers, such as the popular Firefox, have typically been seen as more secure than IE, which has suffered many security problems in the past. Mitchell Baker, president of the foundation, said earlier this year that its browsers were fundamentally more secure than IE. She also predicted that Mozilla Foundation browsers would not face as many problems as IE, even as their market share grows.

Symantec's Internet Security Threat Report Volume VIII contains data for the first six months of this year that may contradict this perception.

According to the report, 25 vendor-confirmed vulnerabilities were disclosed for the Mozilla browsers during the first half of 2005, "the most of any browser studied," the report's authors stated. Eighteen of these flaws were classified as high severity.

"During the same period, 13 vendor-confirmed vulnerabilities were disclosed for IE, eight of which were high severity," the report noted.

The average severity rating of the vulnerabilities associated with both IE and Mozilla browsers in this period was classified as "high", which Symantec defined as "resulting in a compromise of the entire system if exploited."

The Mozilla Foundation did not immediately respond to requests for comment.

Symantec reported that the gap between vulnerabilities being reported and exploit code being released has dropped to six days on average. However, it's not clear from the report how quickly Microsoft and Mozilla released patches for their respective vulnerabilities, or how many of the vulnerabilities were targeted by hackers, though Microsoft generally releases patches only on a monthly basis.

Symantec admitted that "at the time of writing, no widespread exploitation of any browser except Microsoft Internet Explorer has occurred," but added that it "expects this to change as alternative browsers become increasingly widely deployed."

There is one caveat: Symantec counts only those security flaws that have been confirmed by the vendor. According to security monitoring company Secunia, there are 19 security issues that Microsoft still has to deal with for Internet Explorer, while there are only three for Firefox.

The report also highlighted a trend away from the focus of security being on "servers, firewalls, and other systems with external exposure." Instead, "client-side systems--primarily end-user systems--(are) becoming increasingly prominent targets of malicious activity."

Web browser vulnerabilities are becoming a preferred entry point into systems, the report stated. It also highlighted the trend of hackers operating for financial gain rather than recognition, increased potential exposure of confidential information, and a "dramatic increase in malicious code variants".

Tom Espiner of ZDNet UK reported from London. CNET News.com's Joris Evers contributed to this report.

Not for commercial use.  For educational and discussion purposes only.


TOPICS: Business/Economy
KEYWORDS: firefox; mozilla; propaganda
Navigation: use the links below to view more comments.
first previous 1-20 ... 181-200201-220221-240 ... 261-264 next last
To: ShadowAce
I find it so funny how much energy GE, and c4q put into trying to pick fights and then claim they are not trolls... I love threads when they donut show up, they play with each other (take that to mean what you will) trying to get others on this thread.. I go away for a day and they get lonely.
201 posted on 09/21/2005 7:07:19 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 185 | View Replies]

To: softwarecreator
I worked on a project for a Ford affiliate where they used excel as their only data storage unit and backed up nothing.

Well, it's not like storage is cheap, or anything like that. ;-)

Saw a 1-gig jump drive for $60 this week. Wonder how much they paid you to try to recover their data, divided by 60? ;-)

202 posted on 09/21/2005 7:09:25 PM PDT by an amused spectator (If Social Security isn't broken, then cut me a check for the cash I have into it.)
[ Post Reply | Private Reply | To 149 | View Replies]

To: N3WBI3
Actually I have conceded that Linux and other OS's have good security features about them. However, I haven't ever heard you say the reason they aren't exploited as much is partly because of the install base.

Now keep in mind this is Linuxworld we're talking about. You know when a product like FF has more bugs than IE and it doesn't get exploited as much can be only one of two reasons. One the hackers don't want to waste their time attacking firefox because there's not enough notoriety in it. Or the hackers are supporters of firefox.

203 posted on 09/21/2005 7:10:47 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 197 | View Replies]

To: N3WBI3

I'm not here to pick fights, I'm here to correct the record from all the BS you boys post. Ever going to admit you were lying when you went on for weeks insisting Microsoft was ending all Windows 2000 support? Haven't yet.


204 posted on 09/21/2005 7:12:03 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 201 | View Replies]

To: for-q-clinton
No, what I was saying is that the premise that 'people don't bother' will small market shares is incorrect, I went so far as to provide a concrete example of where someone *DID* bother with a tiny market share.. This applies more to the anti mac folks than the anti linux folks but it does apply both places. If linux and MS had 50% of the market share linux would get hit alot more but not, in my opinion, as much as windows because of architecture issues. Maybe long horn will equalize that, MS has made great strides of late and if they continue down this path fix a few more things it will be a push..
205 posted on 09/21/2005 7:13:11 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 200 | View Replies]

To: for-q-clinton

I dont care one way or the other, whats your take on Bill gates giving money to planned parenthood? how much have you given?


206 posted on 09/21/2005 7:13:51 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 199 | View Replies]

To: for-q-clinton
This thread reminds me of the Oracle "Unbreakable" ads.

LOL! I actually have a pretty nice "Unbreakable" ballcap that I got as "graft" a few years back. Nobody knows what it means. ;-)

207 posted on 09/21/2005 7:16:28 PM PDT by an amused spectator (If Social Security isn't broken, then cut me a check for the cash I have into it.)
[ Post Reply | Private Reply | To 169 | View Replies]

To: for-q-clinton
Actually I have conceded that Linux and other OS's have good security features about them. However, I haven't ever heard you say the reason they aren't exploited as much is partly because of the install base.

You must not have been on those threads, usually I am addressing somebody saying 'when linux has .... it will be just as bad' which completely ignores the huge issue of engineering. at those times I dont bother with market share because its not what I am addressing, but I never say its all about engineering, just that engineering is more important..

208 posted on 09/21/2005 7:16:51 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 203 | View Replies]

To: N3WBI3

Actually "people" don't bother. One idiot writing a hack doesn't make "people". So you're implying (or at least one of the ways many people take what you're saying) is that people will attack all systems given an opportunity. And that's just not the case. People will attack for a couple of reasons and the biggest is notoriety. So with a small user base you protect yourself via obscurity.

As far as would linux get hacked more if it had a larger user base, I give an emphatic heck yeah! Think about all that crap on a linux distro that users would install because they don't know what they are doing. The bigger the user base the bigger pool of idiot users you have. They will install everything and they won't patch it. So Linux distros would be exploited even worse than Windows.


209 posted on 09/21/2005 7:18:02 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 205 | View Replies]

To: N3WBI3

Bunk, change the current user bases between Linux and Windows and # of exploits would switch as well. Perfect reason being you can take a Windows box, load the patches on it, run as a normal user, and that box is as hack proof as any Linux box there is. There's nothing major different between the two now but typical user and user rights, to claim otherwise is obvious fanaticism.


210 posted on 09/21/2005 7:18:04 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 205 | View Replies]

To: for-q-clinton
People will attack for a couple of reasons and the biggest is notoriety.

Yea what notoriety would there be in taking down google and amazon..

211 posted on 09/21/2005 7:20:07 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 209 | View Replies]

To: N3WBI3
I dont care one way or the other, whats your take on Bill gates giving money to planned parenthood? how much have you given?

I hate it! He does a bunch of liberal junk I don't like; however, he's definitely not a communist. And he sure as hell doesn't wear pro-communist t-shirts and propaganda.

I find it amazing you don't care about the communist ties in their advertisements. That says a lot!

212 posted on 09/21/2005 7:21:14 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 206 | View Replies]

To: N3WBI3

When Google and Amazaon have a desktop OS let me know.


213 posted on 09/21/2005 7:22:54 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 211 | View Replies]

To: N3WBI3

Easy, hackers hate "M$", and love open source. Especially in foreign countries where the worst of this crap comes from.


214 posted on 09/21/2005 7:23:29 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 211 | View Replies]

To: for-q-clinton
he's definitely not a communist.

No he just gives money to a group founded by a Nazi Eugenicist

And he sure as hell doesn't wear pro-communist t-shirts and propaganda.

Nor do I, whats your point?

I find it amazing you don't care about the communist ties in their advertisements. That says a lot!

It says that Unlike some people (you, GE, and the tee shirt wearing communist idiots) I can tell the difference between software and politics, even if howard dean cant..

215 posted on 09/21/2005 7:24:49 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 212 | View Replies]

To: N3WBI3
Nor do I, whats your point?

The heads of your favored browser are wearing pro-communist shirts and that doesn't bother you...that's my point.

216 posted on 09/21/2005 7:26:01 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 215 | View Replies]

To: for-q-clinton
Would defacing Google to say 'n3wb p0wn3d g00gl3' get notoriety. Are are you saying there is only *one* way to get it.

See I say its engineering and market share, you say its just market share..

217 posted on 09/21/2005 7:26:19 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 213 | View Replies]

To: for-q-clinton
And the head of your beloved MS gives money to a group founded by a nazi eugenicist..
218 posted on 09/21/2005 7:27:13 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)
[ Post Reply | Private Reply | To 216 | View Replies]

To: N3WBI3
See I say its engineering and market share, you say its just market share..

Nope, you're mixing apples and oranges and forgetting about pineapples. The biggest factor of them all is operations. If you don't properly manage your systems (UNIX, Linux, Apple, Windows, etc...) you're in danger of getting hacked.

Now if you're slow to patch you're more at risk if you're running an OS with a large market share because script kiddies will be able to exploit your box.

219 posted on 09/21/2005 7:32:13 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 217 | View Replies]

To: N3WBI3

Gives most of his money to fight diseases. If only he would give his software away, you'd be singing his praises.


220 posted on 09/21/2005 7:33:17 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 218 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 181-200201-220221-240 ... 261-264 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson