Slashdot Mirror


FireFox as a Security Risk Compared to IE?

A not-so anonymous Anonymous Coward asks: "The administrator at my work gave me the following reason for not using Mozilla. What do you think? 'FireFox is a security risk. Please refrain from using it. Please continue to use IE 6.0. IE is our only supported browser. FireFox saves encrypted pages to disk and does not give you override capability. It also does not allow automatic cache clearing when closing a browser. These are security risks.'" Do any of you have information that could be used to contradict the administrators information on FireFox? Are there configuration options one can reach from about:config that a user can use to address the problem this administrator has cited?

7 of 174 comments (clear)

  1. Depends on your admin by green+pizza · · Score: 4, Insightful

    I worked in an all-Windows shop for awhile. It wasn't too bad and the network and server admins were *very* tuned into the security notices from Microsoft. They would have every machine patched within one business day of the announcement. Maybe your company is the same way, and introducting non-Microsoft software may upset that cycle.

  2. Re:Install it anyway by green+pizza · · Score: 5, Insightful

    Just install it anyway. There's no way that they can tell you're using it, unless they're looking over your shoulder.
    That kind of attitude will get you fired. Management is edgy these days and support/admin money is tight. There just isn't room for someone who doesn't want to go along with the flow. It's not 1998 anymore. The Aeron chairs and the foosball table have been auctioned off and there are many other people just waiting to take your job. Seriously. I've seen several people canned in 2004 by doing things "their own way" despite being told not to.

  3. Even better by Safety+Cap · · Score: 5, Insightful
    You can configure FireFix to run from a keychain USB drive.

    Add an autorun.inf to fire up firefox.exe (with command-line switches -- see the first link's discussion) automatically upon insert and you're good to go.

    --
    Yeah, right.
  4. It never was "1998" by Gothmolly · · Score: 4, Insightful

    For people at any sane shop. I have local Admin rights on my laptop, as I need to install s/w. As a result, I have disabled much of the IT spyware that your profile loads. The result? When AD blows up, or Novell NDS-AD bridge goes down, I can still get on locally. The fact that you speak so readily of needing to "go with the flow" and wistfully of the "Aeron chairs" and "foosball" table tell me that your experience was markedly different, perhaps due to our differing skillsets and attitudes. Sorry for your loss.

    --
    I want to delete my account but Slashdot doesn't allow it.
  5. Re:Nobody's Mentioned This So I am... by Saiyine · · Score: 5, Insightful

    What about giving an url?

    --
    Hosting 20G hd, 1Tb bw! ssh $7.95
  6. Re:Spite him. by krymsin01 · · Score: 4, Insightful

    That's a good way to get fired, seeing as how most of the problem pages will either A) be against the AUP (porn, etc) or B) Illegal (certain porn, warez, etc).

    --
    stuff
  7. Re:that's not what he said by francium+de+neobie · · Score: 4, Insightful

    Firefox's automatic update is good for the individual. But for IT departments, they'd want to test the patches before releasing them and they'd want to centralize the patching process. I think it's well known what happens if we let the non-computer savvy users choose whether to update or not themselves, or forcing them to take on untested patches ;^) (even the Linux kernel had problematic updates, remember 2.4.11?). So depending on Firefox's automatic update would likely make a mess sooner or later.

    I don't know what you mean by "third party automatic package updates for Windows", but the third option is obviously nonsense. Converting to Linux is not a trivial undertaking for a company.