Slashdot Mirror


FireFox as a Security Risk Compared to IE?

A not-so anonymous Anonymous Coward asks: "The administrator at my work gave me the following reason for not using Mozilla. What do you think? 'FireFox is a security risk. Please refrain from using it. Please continue to use IE 6.0. IE is our only supported browser. FireFox saves encrypted pages to disk and does not give you override capability. It also does not allow automatic cache clearing when closing a browser. These are security risks.'" Do any of you have information that could be used to contradict the administrators information on FireFox? Are there configuration options one can reach from about:config that a user can use to address the problem this administrator has cited?

4 of 174 comments (clear)

  1. Re:Depends on your admin by green+pizza · · Score: 5, Interesting

    How does Firefox prevent them from patching Windows software?
    It doesn't. It's just an excuse for lazy MCSE admins who don't want to add an additional step to their daily advisory-reading / patch-installing cycle.

    My point is this: in an established MS shop, it's often very hard to get the admins to approve usage of non-MS software. At my previous job we had many people using MS Publisher and that MS photo suite when InDesign and Photoshop would have been far better for their needs.

    I'm not agreeing with the original poster's admin, I'm just saying that MS shops are often set in their ways.

  2. Any non-standard app is a security risk by SoundGuy666 · · Score: 5, Interesting

    While your admin may have issues with the default configuration for Firefox, there are genuine reasons for not deploying firefox to your network. Most security concious organisations have a very rigourous patching system for the authorised applications and operating systems. Any app which doesn't fit into that patching system (whether it be up2date, apt-get, SUS/WUS/SMS, yum or another flavour) presents a massive overhead to the IT team. Every time there is an update to Firefox, it needs to be repackaged and redeployed to every desktop in your organisation. And it's not just Firefox, but by setting a precedent of deploying MyRequestedAppX, they face pressure from all sides for AppY, AppZ, etc. Then the questions come - "you support Mr X's AppX with updates and patches - why not mine?".

    Unless your organisation has the infrastructure to deal with non-baseline application patching, those apps WILL present a security risk while the IT team tries to find the resource to patch/update and deploy the latest version.

    --
    Why can't we all just get along?
  3. Re:Even better by DietFluffy · · Score: 5, Interesting
  4. FirefoxIE by file+cabinet · · Score: 5, Interesting