Slashdot Mirror


FireFox as a Security Risk Compared to IE?

A not-so anonymous Anonymous Coward asks: "The administrator at my work gave me the following reason for not using Mozilla. What do you think? 'FireFox is a security risk. Please refrain from using it. Please continue to use IE 6.0. IE is our only supported browser. FireFox saves encrypted pages to disk and does not give you override capability. It also does not allow automatic cache clearing when closing a browser. These are security risks.'" Do any of you have information that could be used to contradict the administrators information on FireFox? Are there configuration options one can reach from about:config that a user can use to address the problem this administrator has cited?

8 of 174 comments (clear)

  1. Re:Depends on your admin by green+pizza · · Score: 5, Interesting

    How does Firefox prevent them from patching Windows software?
    It doesn't. It's just an excuse for lazy MCSE admins who don't want to add an additional step to their daily advisory-reading / patch-installing cycle.

    My point is this: in an established MS shop, it's often very hard to get the admins to approve usage of non-MS software. At my previous job we had many people using MS Publisher and that MS photo suite when InDesign and Photoshop would have been far better for their needs.

    I'm not agreeing with the original poster's admin, I'm just saying that MS shops are often set in their ways.

  2. Any non-standard app is a security risk by SoundGuy666 · · Score: 5, Interesting

    While your admin may have issues with the default configuration for Firefox, there are genuine reasons for not deploying firefox to your network. Most security concious organisations have a very rigourous patching system for the authorised applications and operating systems. Any app which doesn't fit into that patching system (whether it be up2date, apt-get, SUS/WUS/SMS, yum or another flavour) presents a massive overhead to the IT team. Every time there is an update to Firefox, it needs to be repackaged and redeployed to every desktop in your organisation. And it's not just Firefox, but by setting a precedent of deploying MyRequestedAppX, they face pressure from all sides for AppY, AppZ, etc. Then the questions come - "you support Mr X's AppX with updates and patches - why not mine?".

    Unless your organisation has the infrastructure to deal with non-baseline application patching, those apps WILL present a security risk while the IT team tries to find the resource to patch/update and deploy the latest version.

    --
    Why can't we all just get along?
    1. Re:Any non-standard app is a security risk by Damhna · · Score: 4, Interesting

      Could not agree more.

      Custom application standardisation across the install base means that issue resolution can be standardised and tweaked to meet the response/support requirement. The certification and testing processes that most serious companies use to pass apps as fitting are both rigourous and not condusive to incorporating the latest 'app du jour'. And rightly so.

      It's easy for tech saavy folks to deem these practices as a symptom of the narrow mindedness of lazy MCSE admins (who would appear to be some sort of subspecies of a real admins). It's easy to see this as an organisation being inflexible due to undereducation but I believe that that is not the case. A pestered admin will often give the sort of pseudo answer this user recieved.It's not good to fudge that way , but without taking a user step by step through the security policies and application certification documetnation, it's difficult to explain the why of decisions such as this.

      It can be difficult to meet the job function requirements of diverse departments and maintain the steady balancing act that will ensure your SourceSafe users will be as compliant as the receptionist.

      For this organisation it may be useful to do a business case analysis exploring the usefulness or otherwise of Firefox but as it is still in it's first iteration a lot of companies will be loathe to abandon the practices they have in place on a whim.

      Aa firefox moves ever closer to a dominant position the pressure will become greater and things will change. It will also become more a target and I'm betting that this will begin getting longer and looking far more serious as more and more authors start realising the potential success to be had in taking Firefox on.

  3. Nobody's Mentioned This So I am... by DiscoOnTheSide · · Score: 4, Interesting

    There's a wonderful little extension for Firefox called "Configuration Mania" and it works with 1.0. It has the ability to choose the option for the SSL disk cache mode as well as clear the disk cache every time you close the program, as well as other nifty little things. Give it a whirl.

    --
    Viva La Revolucion! Buy a Mac!
  4. Re:Even better by DietFluffy · · Score: 5, Interesting
  5. FirefoxIE by file+cabinet · · Score: 5, Interesting
  6. Re:Just pressure from MS by legirons · · Score: 4, Interesting

    "the obvious minor stuff like the government only producing documents in MSWord format or WWW sites that are in MSHTML so only work in MSIE"

    It could be worse. Your government could demand that all tax returns be filed electronically, make it illegal to not file electronically, and then create a website for filing so that it can't be used on non-Internet Explorer browsers

    Of course, no real government would ever be that retarded.

  7. "Be Anonymous" Button by cbr2702 · · Score: 4, Interesting

    What would be more useful (and currently not possible) is a "be anonymous" button that when pressed toggled the browser into a full privacy mode. In this mode, sites would not be well trusted (javascript disabled, plugins don't load), the Refered_By HTTP header would not be set, and nothing would be stored (history, autocomplete).

    --


    This post written under Gentoo-linux with an SCO IP license.