digg

Facebook Connect Join Digg About

Firefox -- new target for hackers?

desktoplinux.com Given that Firefox has already entered double-digit market share territory in just one year, grabbing users from Microsoft's Internet Explorer, is it logical that hackers will increasingly target Firefox with a whole host of exploits?

Who dugg this? Made popular Dec 10, 2005

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

52 Comments

show profanity settings
expand all
  • Craig1394, on 10/12/2007, -0/+2A friend of mine picked up a baddass virus/browser redirector/hijacker from YousendIt that totally ***** up Firefox and IE at the same time. So, while Firefox is better than IE, it is still fragile.
  • umterp09, on 10/12/2007, -0/+2Firefox is not an inherently "safer" browser, and you shouldn't stamp it as such. The reason Firefox is safer is not because noone can crack it. They have access to the sourcecode for heaven's sake, but the fact that the Mozilla Team can issue bug patches and fixes overnight. The worm/virus won't last for months on end if every browser is patched up. Microsoft's IE browser is fine (albeit less featurefull). They just don't know how to timeline and release security updates.
  • SuperSloth, on 10/12/2007, -0/+2No. Security through obscurity is the worst security model.

    IE is insecure because it was designed in an era when security was not an issue. IE 6 is based off of IE 5, which dates well back to the pre-broadband days. The entire thought process for security behind IE 6 is ancient, and that's it's problem.
  • solodigg, on 10/12/2007, -0/+1It seems to me that the geek community (us) make up a large part of the Firefox user base. Being that we constantly have our finger on the pulse of technology (slashdot, digg, delicious) I think we're much more aware of any exploits in the wild, sometimes we even get a heads up on just a proof of concept, and usually there's a fix offered in the comments of the news itself.
  • Skrag, on 10/12/2007, -0/+1Some would argue that Firefox is 'safer' which is definitely true ;) but I could still see fake extensions/themes popping up sometime soon...
  • Snorkeldick, on 10/12/2007, -0/+1I'm surprised that the Allowed Sites list for installing XPIs hasn't been taken advantage of yet.
  • inactive, on 10/12/2007, -0/+1Firfox has alread proven that it is not "perfect" by any means. Every other week it seems there is a new bug or security issue found, but the Mozilla team does usually fix the issue within days if not hours.

    Now I do believe that if the market share increases, even more issues will be found, proving that the "more eyes on the code" point of view is utter BS.

    Do I use IE, well only at work as we have to, and it's all FF at home, though my wife hates FF and uses IE because most of her sights don't work "right".

    The only thing that FF has over IE right now is tabs and security and the latter is completely market share related.

    It's a misconception to think that "any hacker trying to gain street cred, is going to hack FF just for the sake of doing it." That's BS, any "hacker" who is taking the time and effort to "hack" somthing is doing it for the MONEY, and there is no money in hacking FF at the moment, but a ton of money if you can exploit the most popular browser and allow x amount of spammers and spyware companies in...
  • antiwmac, on 10/12/2007, -0/+1and firefox is powered by hackers.
    it's opensource!
  • JMJimmy, on 10/12/2007, -1/+2The author contradicts himself in the article, version 6 of a product that has been around for years and years has 86 problems... version 1.5 of a product has 25 issues (known, I'm sure several unknown as well) and as Emilio stated, it also gets rid of a good chunk of spyware issues. To me that makes a far better product.

    The other thing that makes it a far better browser is that
    a) fixes are released a lot faster for many problems (though as with the OSX mouse problem not all)
    b) with the source code available to all there are only these 25 known issues - if the source for IE was known I'd hate to see how many more ppl could come up with.

    Additionally, this idea of things not being a target for hackers because they don't get a lot of usage is total bs - hackers will more likely be the ones on the front end of the technology finding the exploits in new technologies and taking advantage of them for as long as possible - it probably takes longer to detect the fact that hackers are taking advantage of the new techs because there are so few ppl using them to create a viable incident comparison to track them down.

    not that it matters lol - I like FF for its extentions regardless of which browser is "most" secure
  • Handcannons, on 10/12/2007, -0/+1************************
    I dont see why hackers would try to exploit firefox. I mean I believe firefox pays people to find errors in its security...but really, why would hackers target open source freeware?
    ************************

    "hackers" would target Firefox for the same reason they target IE - because they want the attention/fame/notoriety. You don't think they mostly target IE because Microsoft is evil or some other juvenile reason do you? They go after IE because exploiting IE has the biggest and most visible impact.
  • karamba_kid, on 10/12/2007, -0/+1"The author contradicts himself in the article, version 6 of a product that has been around for years and years has 86 problems... version 1.5 of a product has 25 issues (known, I'm sure several unknown as well) and as Emilio stated, it also gets rid of a good chunk of spyware issues. To me that makes a far better product."

    Where do you get 25 known issues from I only see 3. http://secunia.com/product/4227/
  • carpespasm, on 10/12/2007, -0/+1"Why does MS even care if people are using IE. It's not like they make money off it."

    They care how many people use IE because if they are doing so, they may be using the default homepage not knowing how to use it. i have seen many poeple who never liked msn who had it as their home page for lack of knowing how to change it. seeing the MSN page loaded with ads generates ad bucks for MS off of this sometimes captive audience. It also allows them to try and get you using some of their other products and services which are not free.

    when someone defects from IE, they're probably not going to MSN.com much anymore, as well as the fact that realizing that "internet explorer" isn't the term used for anything that lets you browse web pages is potentially dangerous. it could lead to other ideas of "i wonder what other software is replaceable, or to the user seeing how behind the times IE is and possibly thinking about the idea that other MS soft is as behind the times. dangerous thoughts for the revenue streams those.
  • buckdog05, on 10/12/2007, -0/+0Why does MS even care if people are using IE. It's not like they make money off it.
  • lollerskates, on 10/12/2007, -0/+0It's simple. Once FF has enough people aiming for it, we'll just move on to Opera. And then to Safari or Konqueror or something.
  • LR2_, on 10/12/2007, -0/+0I dont see why hackers would try to exploit firefox. I mean I believe firefox pays people to find errors in its security...but really, why would hackers target open source freeware?
  • burndive, on 10/12/2007, -0/+0"How are Firefox Plug-ins (not extensions) any less dangerous than ActiveX?"
    -M$Whore

    See here:
    http://en.wikipedia.org/wiki/Activex#Internet_Security
  • Aynatix, on 10/12/2007, -0/+0Linux -> None
    OS X -> None
    Windows/Firefox -> Spyware problems solved after dumping IE, virus problems remain
    Windows/IE -> Tough luck, don't call me with your spyware/virus problems
    ---
    You piss me off. Your ugly.
  • mojaam, on 10/12/2007, -0/+0Maybe... extentions is a great portal for hackers... who knows though. We'll just have to wait and see.
  • harley999, on 10/12/2007, -0/+0*****!
  • cokebottletuque, on 10/12/2007, -0/+0As far as viruses and spyware on windows goes you only have to worry about them long enough to set up anti virus / anti spyware programs. compared to hunting down possibly non existent drivers on Linux. I'm not saying Linux is bad just that it requires a more technical user, and that a user capable of installing Linux can probably handle keeping a XP system clean. as far as OSX goes I have not used it so i wont judge it.
  • dshigure, on 10/12/2007, -0/+0Of course it's a target for hackers!

    It's open source, so every hacker is free to write extensions, patch bug fixes, code late nights on 3 bottles of Jolt, steal your credit card numbers, and use the "mp3" program to steal music from your stereos.

    Damn, these hackers make me sick :-P


  • gollux, on 10/12/2007, -0/+0Firefox will be targetted just like all the other applications that are being tested for vulnerabilities. As Microsoft tightens up on security, prepare for everything else that programmers have decided needs to have unneeded internet access to become an infection vector. Veritas Backup Exec anyone?
  • waful, on 10/12/2007, -0/+0I could definitely see that happening, maybe not until even more people use firefox, but it is something that will probably happen eventually.
  • ReinMasamuri, on 10/12/2007, -0/+0I think this simply won't happen. No major virus writer would impliment something that could easily be patched the next day. IE doesn't do this, Foxfire releases a fix the next day.
    I just wouldn't be feasible to spread a virus that way.
  • penguindude15, on 10/12/2007, -0/+0I use safari it is much better for you on the mac.
    But, for you people using a windows computer, fire fox is the best.
    That pritty much sux for you guys
  • nukethewhales, on 10/12/2007, -0/+0"Active Server Pages error 'ASP 0126'

    Include file not found

    /article2/0,,1892675,00.asp, line 565

    The include file '/component/util_generate_article_discussion_info/0,1460,a=166086,00.asp' was not found.

    "

    This is what I get when I try to read the whole article.
  • compu73rg33k, on 10/12/2007, -0/+0Sure Firefox has many holes and bugs that are right now not known of. But when they are exploited, there are thousands of people around the world hurrying to fix it overnight. Over in M$ land they take their sweet time and don't give a *****.
  • skwirlinator, on 10/12/2007, -0/+0Damn idiots ruin it for the rest of us. THanx for nothing- why don't you use that intelligence to make this a better world for all of us to live in? No Digg as a matter of fact-Digg it and throw the dirt at the hackers!
  • procras, on 10/12/2007, -0/+0just because it's "open source" doesn't mean every change to the source is accepted. They are still moderated. But any hacker can download the source and look for holes to exploit with various types of malware, including malicious extensions.
  • Pooavenger, on 10/12/2007, -0/+0the only reason firefox is "safer" is because it isn't a target. now that it's the IT browsers all you people are going to eat ***** once your so-called "safe" browsers gets jacked up.
  • x2dx, on 10/12/2007, -0/+0Firefox is safer because it gets patch if a exploit comes out.
    Internet Explore will get patch once a month if its lucky.
  • RandomInsano, on 10/12/2007, -0/+0In one word. Yes.

    In two words? Use Opera.
  • kpmcse, on 10/12/2007, -0/+0Hackers should not be confused with script kiddies. The script kiddies exploit the ignorance of end users and rarely create anything original. TRUE hackers exploit systems to compromise data. True hackers also do not want to end up on the 5 o'clock news. For those that have been around the computer industry for a while you will probably remember when UNIX was known as the "Hackers Paradise". They were happy when Microsoft came into the market so they could take a break.

    If you look around you will find exploits for everything that a lazy programmer codes. Personally, I feel more at risk using an app where every hacker has access to the source code. Either way, I love hackers for all browsers and OS's. They keep me employed! :)
  • denatoc, on 10/12/2007, -0/+0@aardvark1878:

    Just because a patch is released, though, doesn't mean that it will be applied. I've seen countless computers running FF ...0.9.5. Your average John Doe doesn't realise the seriousness and/or even know _how_ to update..

    Forgive me if there are any misspelled words, etc .. 1:24am.
  • jboi, on 10/12/2007, -0/+0Just ask myself to what kind of websites u guys are surfing to...
    All i get is "bad cookies".
  • pingviini, on 10/12/2007, -0/+0well, we all could just go back to text based and use links2. If you are really worried about security/spyware-free, you could switch to another operating system (ends with an X and isn't XP)
  • steved3298, on 10/12/2007, -0/+0This theory has been disproved hundreds of times. Popularity does not mean more targeting. Apache is the leading server software and hackers still target IIS more. The Firefox team and community has also been much faster at responding to exploits and fixing them, so even if hackers start targeting it more, the exploits will be fixed either by Mozilla or the community.
  • Capand, on 10/12/2007, -0/+0yes
  • inactive, on 10/12/2007, -0/+0most people who r exploiting ie are trying to get u 2 switch to ff or linux
  • diggnationdevon, on 10/12/2007, -0/+0Yes. It is now a new target for hackers, along with IE. Firefox is getting more and more insecure.
  • inactive, on 10/12/2007, -0/+0We'll see if the "The more marketshare you have the bigger the target" theory is true. Right now the only thing that can be applied to is Windows andeven then there's a question. No one can prove that Mac OS X is more secure because of less marketshare because nobody has a controlled situation because the Mac OS started out with nominal marketshare. We'll see now if the marketshare theory is true because now we have something of a foundation. IE, through Windows has gained marketshare by virtue. Now that it's losing it we'll see if there is a trend. And we'll see if it's bad coding or marketshare that is the Achilles' heel.
  • fdv1, on 10/12/2007, -0/+0Wow! A lot of cluelessness abounds.
    Here is why IE 6 will always be less secure:
    http://blogs.msdn.com/ie/archive/2005/12/07/501075.aspx
    It's written by the IE DevTeam and explains succincly why IE is such a problem and FF cannot be a problem in the same way, as implied or stated in may of these posts.
    Plain and simple, FF doesn't have 'zones' that software can traverse.
  • jsnkc, on 10/12/2007, -0/+0I hope so..then people will stop thinking it's the best thing in the world when it really isn't.
  • redguy, on 10/12/2007, -1/+0if the user is Dumb or a pr0n addict, no browser or system is secure untill he disconnects from the internet.
  • sabotage10, on 10/12/2007, -1/+0IE is the piƱata only because its the most popular. The more firefox spreads the more attacks it will receive.
  • M$Whore, on 10/12/2007, -1/+0How are Firefox Plug-ins (not extensions) any less dangerous than ActiveX?
  • shiftless, on 10/12/2007, -1/+0It really depends on the person behind the browser and how gullible they are. Are Firefox users smart enough to catch on and avoid such exploits and will the Firefox developers continute to be vigilant in providing fixes for security threats?
  • inactive, on 10/12/2007, -3/+1Microsoft has been desperately try to spin the security nightmare that is IE as being due to 'being so darn popular.'

    Every pathetic little Microsoft fanboy has been constantly trying to find any thing they can to try to support that sad bit of damage control.

    Also, there is nothing more sad that admitting you are an IE user on the Net. Needless to say IE users are some bitter ***** these days and have been lashing out at Firefox in retarded bits of "you're browser sucks as much as mine" tantrums.

    Sypware/Virus Problems broken down by people I know and work with:

    Linux -> None
    OS X -> None
    Windows/Firefox -> Spyware problems solved after dumping IE, virus problems remain
    Windows/IE -> Tough luck, don't call me with your spyware/virus problems

  • aliendave, on 10/12/2007, -2/+0Hackers like firefox.
  • Fetching more discussions...
    Show 51 - 53 of 53 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.