Serious security flaw found in IE

[Andrea]

The Article

[administrator]

.. Here we go again.

 

 

Stef

[Bill]

What???!!! A security flaw in IE.... I find that hard to believe!

[monkeysaurus]

Interesting that on the same day Mozilla released Firefox 3.0.5, which fixed 8 security loopholes that had been alive for around a month. (Three of those were rated critical). I didn't see that reported on BBC news.

 

I'm all for a bit of Microsoft bashing, but let's not kid ourselves that any browser is 100% secure - that's a sure way to get your credit card details stolen.

Edited December 22, 2008 by monkeysaurus

[newseed]

Interesting that on the same day Mozilla released Firefox 3.0.5, which fixed 8 security loopholes that had been alive for around a month. (Three of those were rated critical). I didn't see that reported on BBC news.

 

I'm all for a bit of Microsoft bashing, but let's not kid ourselves that any browser is 100% secure - that's a sure way to get your credit card details stolen.

Whoever dominates the market are going to get the bashing whether it be MS or Mozilla. Right now, it's MS.

 

As for hackers...what's the point in creating havoc with just the small market share software when you can make news exploiting the big boys!

[administrator]

Whoever dominates the market are going to get the bashing whether it be MS or Mozilla. Right now, it's MS.

 

As for hackers...what's the point in creating havoc with just the small market share software when you can make news exploiting the big boys!

 

True.

[monkeysaurus]

Almost 1.5 billion people use the internet. (source).

 

Firefox's market share is conservatively estimated to be 28% (source)

 

That's 409,817,061 reasons to exploit the small market share software!

 

I hear what you're saying. My point is just that no-one can afford to be complacent when it comes to security. Or, to your point, rely on security though obscurity.

 

(edit - that firefox market share number is for Europe - actual market share is probably closer to the 21-22% range, but still - I stand by my point.)

Edited December 22, 2008 by monkeysaurus

[lwsimon]

How long does it take, on average, for MS to fix critical bugs, versus Mozilla?

[monkeysaurus]

Here is a list of the latest critical security issues for firefox, when they were reported, and when they were fixed:

 

Bug id 451680 - reported 21/8/2008 - fixed 16/12/2008

 

Bug id 464998 - reported 14/11/2008 - fixed 16/12/2008

 

(Can't find info for the third critical bug, here's some more info going back to the last few releases)

 

Bug id 456896 - reported 24/09/2008 - fixed 12/11/2008

 

Bug id 436741 - reported 31/05/2008 - fixed 23/09/2008

 

Draw from these whatever you want. You can browse release notes here.

 

Microsoft list their security bulletins here, but they don't make a whole lot of sense to me - I can't find any dates. I wouldn't think they'd take much longer than the dates listed above, though.

 

That's actually one of the things I love about open source; the process is transparent, and there are many more pairs of eyes looking at the code. That's why I use open source, not because I believe I'm 100% safe.

[administrator]

There is one thing I can tell you ... Firefox on the Mac is terrible.

 

... Crashes all the time.

 

Stefan

[DesignBySLS]

I actually preferred the "2" roll outs but it is still better than IE. Then again I equated IE to having a nice table set for dinner and noticing there was something "unpleasant" left by the family puppy hidden by the edge of the table cloth.

[newseed]

Almost 1.5 billion people use the internet. (source).

 

Firefox's market share is conservatively estimated to be 28% (source)

 

That's 409,817,061 reasons to exploit the small market share software!

 

I hear what you're saying. My point is just that no-one can afford to be complacent when it comes to security. Or, to your point, rely on security though obscurity.

 

(edit - that firefox market share number is for Europe - actual market share is probably closer to the 21-22% range, but still - I stand by my point.)

My post was never intended to state that no one has to worry about FX or that FX is safer than MS. The point here is that you are going to hear about it (by media headlines) when it comes to MS security flaws versus FX.

[thbp]

i hate ie it just plain out s*cks i believe (though im kinda of a mozilla fan boy)

[lwsimon]

There is one thing I can tell you ... Firefox on the Mac is terrible.

 

... Crashes all the time.

 

Stefan

 

Have you tried Camino?

 

My understanding is that it is the render engine from Firefox (Gecko), but all of the interface is native to Mac. I've heard its much more stable. I don't have a Mac, or I'd test that theory

[tpattison]

There is one thing I can tell you ... Firefox on the Mac is terrible.

 

... Crashes all the time.

 

Stefan

Tried a new profile or safe mode?

 

I actually loved IE6, thought it was the beast thing around until I happened to stumble across the "Smallest, fastest and most secure" browser that is now Firefox.

 

Actually, after all the hype that Fx3 was faster and used less memory, I found that it was worse in both areas than Fx2.

 

Have you tried scrolling pages with fixed background images in Firefox 3, terribly slow.

[lwsimon]

Actually, after all the hype that Fx3 was faster and used less memory, I found that it was worse in both areas than Fx2.

 

Have you tried scrolling pages with fixed background images in Firefox 3, terribly slow.

 

I'm to the point now where I use Firefox only for development tasks. I use Chrome for my personal browsing, as I like the interface and can overlook the shortcomings. In Linux, I use Kazehakaze sometimes, and will probably end up using Chromium if and when it becomes stable.

[administrator]

On the Mac I will flip between Firefox and Safari. On PC I use Firefox but test on IE7.

 

Stefan