What is Digg?56 Comments
- notkevinrose, on 10/12/2007, -1/+3as soon as Symantec releases a decent program i'll listen to them
- zbeast, on 10/12/2007, -1/+2Firefox defects that will be fixed in a timely manner.
IE. Where did all all this payware some from.
From my personally experience. I'm simply afraid to use IE except on the most public of websites. CNN, Microsoft's own website and a few others.
I run all the current patches, I have anti-spy-ware, anti-virus and still if I visit the wrong site. IE's gets hacked and attracted.
Also firefox has a better feature set. I love the plug-in's and ad blocking.
something you'll never seen as a "feature" in IE. - motionblur, on 10/12/2007, -0/+1Lame flamebait from Symantec.
- steal_apps01, on 10/12/2007, -0/+0Wait... dosen't m$ own shares in symantec, hmmm sounds a little fishy to me.
- fu_fish, on 10/12/2007, -1/+1A few things that Symantec didn't mention:
1 - IE is so tightly coupled with the OS that security problems are usually more severe.
2 - Time-to-fix. Mozilla tends to release patches MUCH faster than MS. - jasqwerty, on 10/12/2007, -0/+0@Ssullivan
I was responding to something from "TempusRob":
"And?
Of all the Moz vulns, how many granted access to the user's data or allowed execution of arbitrary code? "
They have existed, and you have been seriously at risk the entire time you douchebag zealots. LOL!!!!
Funny how TempusRob never responded back, maybe his head exploded. - CreepingDeath, on 10/12/2007, -1/+1mushroom, ever TRIED to uninstall IE completely? You can't. Its tied to the core OS.
Try this, open up my computer, and in the address bar where it says "My Computer" type in http://www.digg.com. IT dosn't even have to relaunch the window, so the browser is tied to windows explorer at the very least. - wthnow, on 10/12/2007, -0/+0active x has no point. should be discontinued.
- modeps, on 10/12/2007, -1/+1I may be completely wrong, but I would think that thanks to IE's OS integration that even if Firefox has MORE vulnerabilities, IE's issues are worse.
"OMG I just h4x3d Firefox so my own website is the user's homepage!"
vs
"OMG! I just installed software that completely shut down that dude's system!" - fozzcorp, on 10/12/2007, -1/+1When you go into the control panel and the Add/Remove programsn then windows components it does have the option to uninstall IE but I think that only disables the web browser part of it. It doest actually uninstall anything. Its like when you uninstall Windows messenger, it doesn't show up in the programs list anymore, but the process for it still starts up...
- Robstah, on 10/12/2007, -0/+0http://www.vorck.com/remove-ie.html
Problem solved. I have Windows 2000 running on a 233Mhz Pentium MMX /w 64MB RAM Tablet PC using Firefox as the main browser. It still out performs my brother's P4 3.2Ghz /w 512MB RAM and it never bogs down. I have yet to restart it at all. That says a lot about Internet Explorer as a piece of software. I also used to temp for a company with a service based website, where 98% of the userbase had Norton Internet Security installed. Talk about a waste of time trying to configure it to work. It would work on half the machines and not even bother to try on the other ones. We would have to disable the POS 9 out of 10 times. - wintermute0, on 10/12/2007, -1/+1Coming from the company that makes a security suite that alternately allows intrusions or completely prevents the end user from visiting webpages...
They also fail to mention that those in the alternative-browsers niche are also more likely to use another security suite, spyware scans, and update their software and you have a really skewed article. - JimLunsford, on 10/12/2007, -0/+0I don't really comment much here at Digg but I thought I would on this one. I think the problem here is that Symantec is losing market share (as they should be) and are trying to make themselves relevant by saying that Firefox and Mac OSX is not secure. Creating a panic so that people will come back to their product. It's been done before and it will happen again.
- Jammerdelray, on 10/12/2007, -0/+0I seriously doubt this as far as spyware goes...I've gone to sites that I went to with IE with firefox and no problems with spyware...go there with ie and you get hammered with spyware...etc...sure there are some flaws but mozilla updates their browsers alot faster than microsoft does. I'm very happy with firefox and think microsoft adapting the new firefox browser for their next version of it will only make it even more secure.
- Wang, on 10/12/2007, -0/+0The lowdown - too many people blindly believe they are super-secure because they use FireFox and not IE, then they shamelessly bash Microsoft at every given opportunity.
Fact is - both have large flaws, and browser security can vary from user to user based on your security knowledge and safe-surfing habits. I am a FireFox user - but I am pleased to see a article in IE's favour at last, and would not be at all surprised if what Symantec says is true.
I just think its sad that some people here still go "flamebait blah blah" when if this was a article about FireFox beating IE in the security-stakes the same people would be going "yeah!" and bashing MS IE. - indiefan, on 10/12/2007, -1/+1the only reason IE is still bundled with windows is because it is integrated into the OS. Good luck "uninstalling" it without modifying your shell.
- tempusrob, on 10/12/2007, -0/+0And?
Of all the Moz vulns, how many granted access to the user's data or allowed execution of arbitrary code? Find me a FF vulnerability that allows an attacker to 1) Install/execute software without any user interaction or 2) modify my system's behaviour (i.e. start up/shut down, start/stop processes) and I'll concede that Moz is more vulnerable.
Furthermore, if you RTFA instead of just trying to make sensationalist headlines, you'll see that Moz has far fewer UNPATCHED vulnerabilities than IE.
Explain THAT one. :| - Wang, on 10/12/2007, -0/+0Indeed.
- Ssullivan, on 10/12/2007, -0/+0jasqwerty-
That first vulnerability can only be exploited on *nix and the user has to be fooled to click on a link from an external application for it to work. In *nix you don't run as root anyway so a malicious user couldn't accomplish much anyways.
For the second one, it has to do with IDN URLs. But for this to work a user has to be tricked to visit a malicious web site. Plus this has already been patched, you can even do it yourself by setting "network.enableIDN" to false.
That third one is really old and has been fixed.
That last one has also been fixed. How lame is it to dig up old firefox vulnerabilities,let's dig up old IE vulnerabilities and see who has worse security. - wolfjack, on 10/12/2007, -1/+0Yeah but you forgot to mention that a third party security monitoring company state that Microsoft has an additional 19 that they haven't confirmed while Mozilla has 3.
- DaviDK, on 10/12/2007, -2/+1Rejoice Microsoft minions, now we have ammo for your trivial debates.
- andrei, on 10/12/2007, -1/+0Eighteen of these flaws were classified as high severity.
- MarkByers, on 10/12/2007, -1/+0Unpatched vulnerabilities:
Internet Explorer: http://secunia.com/product/11/
Firefox: http://secunia.com/product/4227/ - gandell, on 10/12/2007, -1/+0It truly doesn't matter to me. If people want to continue using IE, that's fine. And when Active X allows a compromise of their system and they have to call me to fix it, I'll be glad to install Mozilla.
I'm with several people here...Symantec's security suite is the most useless piece of trash I've ever had the horror of uninstalling. They should know better than to release 2bit results like this without examining the bigger picture.
Trend Micro or even Free AVG over that. - Koushiro, on 10/12/2007, -1/+0So long as Firefox doesn't have Active X, there is little to worry about. :P
- CreepingDeath, on 10/12/2007, -1/+0I'd like to see a side by side comparison of the vulnerabilities, too. I'd bet most of Firefox's are things like "blah blah blah would let the attacker trick the user into visiting X site when they though it was Y", which is bad, and needs fixed, but not nearly as bad as "blah blah blah would let the attacker have full control of the end users pc and run completely arbitrary code at a system level" which is where most of IE's flaws seem to fall.
I wish I had the time to compile said list myself, but alas, I won't till the weekend at best. - alarion, on 10/12/2007, -1/+0Symantec is the laughing stock of the security community for good reason.
The reason there are "less" flaws in IE? Because we have already found how many hundreds in the past couple years?
If you pull back and synch the beginning of Firefox's lifecycle up with that of IE, you will probably notice IE has many many many more security flaws in the same time span. The reason we are finding less and less with IE is because we have already found the bulk of them, and many of them were critical. - vann, on 10/12/2007, -1/+0That's like saying the guy who admitted to a hit and run is more likely to kill than the serial killer because there's no concrete evidence he did it.
A better metric for security is the number of unpatched critical bugs, which we'll never, ever get from Microsoft. - inactive, on 10/12/2007, -1/+0Yeah, OK... I'll believe it when I see it.
- almostmanda, on 10/12/2007, -1/+0Typical Mozilla flaw: someone might be able to see the last ten entries of your history.
Typical Microsoft flaw: someone might be able to take over your entire system and steal your personal information.
This study is highly flawed because Mozilla makes all of its bugs public and fixes the severe ones within a couple of days. Microsoft does not publish most of its vulnerabilities because they don't fix them fast--some bugs are as much as SIX YEARS old. You can't compare the two because they have different philosophies regarding security. If I have 8 apples, and you don't tell me how many apples you have but I've only seen you eat two, I still can't assume that I have more. - inactive, on 10/12/2007, -1/+0I wonder when Symantec received Micro$oft's check...
- mushroom, on 10/12/2007, -1/+0integrated:To make into a whole by bringing all parts together; unify.
im worng i guees it is integrated but its easy to get rid of it - mflagler, on 10/12/2007, -1/+0Related to the Opera digg, and CreepingDeath's post on security, here's the Opera issues - 0 unpatched
http://secunia.com/product/4932/ - Memo, on 10/12/2007, -1/+0Firefox may have security issues but they are fixed faster and better than their IE counterparts. It's that simple.
- Jaymoon, on 10/12/2007, -1/+0How do they determine the security flaws? Cause with IE obviously it's a flaw that allows access to your data, and/or being able to comprimise Windows.
But since Firefox is cross-platform, what if somebody on Linux is using Firefox, and they visit a malicious site? Does it like steal their passwords in the Pass manager? - manfesto, on 10/12/2007, -1/+0I believe the workaround for the last Mozilla vulnerability was released within six hours of it being found, with the patch by the end of the day. Since 1.0 was released, I don't think any vulnerability was out for longer than maybe a week before a patch or workaround came out.
One must also consider that Firefox is open source, almost guaranteeing that, with that many eyes poring over the code, more vulnerabilities are going to be found. All the better I say - as everybody else has pointed out, this means these vulnerabilities will be patched quicker. That is why I don't feel like a liar stating that Firefox is more secure than IE. No browser is perfect, but I feel better using a piece of software that has a great track record for patches as opposed to a product that still to this day acts as a gateway for non-techie people to infest their computers with spyware and viruses when they hit fake porn sites.
Or use Opera, which I think has zero vulnerabilities at this moment. - ntufar, on 10/12/2007, -1/+0I switched to Opera today. Keyboard are a bit awkward but I guess I will get used to it.
- Nullifidian, on 10/12/2007, -1/+0NoDigg because anything symantec puts out is second rate.
- apotropaic, on 10/12/2007, -1/+0@mushroom - Go ahead and delete/uninstall IE, since you say its so easy... then again, open up My Computer and type in a web address... and you will say... WTF?! cause IE will open.
- mousky, on 10/12/2007, -1/+0Gandell: Not quite correct. Internet Explorer is the graphical shell for the MS web browser. What you see when you type in www.google.com into explorer or my computer is mshtml.dll. A number of 3rd party apps (Musicmatch for example) use mshtml.dll to render web pages.
- monolith, on 10/12/2007, -1/+0Also I think that the fact that I can fix the bugs myself if I have to is a bonus for FireFox.
- jasqwerty, on 10/12/2007, -1/+0http://secunia.com/advisories/16869/
" be exploited to execute arbitrary shell commands"
(This is even in *nix)
http://secunia.com/advisories/16764/
"Successful exploitation crashes Firefox and may allow code execution"
http://secunia.com/advisories/16043/
(This one has a bunch of:)
"Successful exploitation allows execution of arbitrary code."
http://secunia.com/advisories/15292/
"A combination of vulnerability 1 and 2 can be exploited to execute arbitrary code."
http://secunia.com/advisories/14938/
(Multiple ones again)
"Successful exploitation may allow execution of arbitrary code."
etc....
When Mozilla has a bug it has a SERIOUS SYSTEM DAMAGING bug dude. IE is the one with stupid exploits that change your homepage and such, if you disable ActiveX.
So...
STFU TempusRob, no one likes a retarded zealot. LOL!!!
(I use Opera anyway, pwnz all this ***** so hard. :-D ) - gandell, on 10/12/2007, -1/+0Fozz is mostly right.
"Uninstalling" IE consists of removing a few shortcuts from the start menu. IE still functions. Don't believe it? Try removing it, then open my computer and type google.com into the address bar. Surprise! Internet Explorer opens.
IE is completely embedded in Windows, and you can't remove it without using a 3rd party tool or manually deleting files and editing the registry.
Truthfully, IE's holes may not be any worse than Mozilla's. But with Active X, holes in the app are the least of your concerns. - JoshuaH, on 10/12/2007, -1/+0Firefox's had a bad year
- inactive, on 10/12/2007, -1/+0ok, the whole reason this is true is because IE 6 has been out for how many years? like 4? yeah, that's kind of a lot of time to fix up all the security flaws, and there are still more found every year!
- mousky, on 10/12/2007, -1/+0Let's put this in perspective. First, the article talks about the number of security flaws over a 6-month period. It would be more useful to talk about the number of security flaws since the release of the version (Firefox 1.0 and IE6). Second, I do not recall Mozilla ever stating that Firefox was more secure than IE. Users and reviewers of Firefox, maybe. Final and more importantly is how quickly the developer fixes those flaws. There is no need to turn this into an "us versus them" thread. Competition breeds innovation and improvement.
- steal_apps01, on 10/12/2007, -1/+0flamebait blah blah blah so there u go
- CreepingDeath, on 10/12/2007, -1/+0MSIE 6.x - http://secunia.com/product/11/
Firefox 1.0.x - http://secunia.com/product/4227/
Taking a look at those two pages, it still seems Firefox is much safer the IE, as IE still has major unpatched issues, whereas firefox only has minor unpatched issues.
Wish I'd found these before I posted initially, or could edit my other post, ahh well. - JoshuaH, on 10/12/2007, -2/+0Firefox **
-
Show 51 - 54 of 54 discussions
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is