Slashdot Mirror
How Can I Trust Firefox?
TheRealSlimShady writes "Peter Torr (who?) from Microsoft invites a certain flamewar with his essay 'How can I trust Firefox?' He raises some interesting security related points about the download and installation of Firefox, some of which should probably be addressed. The focus is on code signing, which Microsoft is hot on. Of course, the obvious question is 'Do I trust Firefox less than IE?'"
What's better...
Internet Explorer
Firefox
Sex with a mare
frosty penis
Too bad I can't trust Firefox due to the fact that Firefox is full of gaping security holes. Firefox has so many security flaws you could drive a truck through them. These horrible security failures include:
-Installing Firefox requires downloading an unsigned binary from a random web server
-Installing unsigned extensions is the default action in the Extensions dialog
-There is no way to check the signature on downloaded program files
-There is no obvious way to turn off plug-ins once they are installed
-There is an easy way to bypass the "This might be a virus" dialog
For more information on these flaws, Click Here for information.
aint shit, but bitches.
first post
Gotta get up earlier. The kumquat does more before 8:00 than most citrus fruits do all day.
In the case of Firefox, the code is open. So, millions of Western eyes will see anything suspicious in the code. The bottom line is that openness implies trust, and the reverse is also true.
I don't run their software period and I suggest you all just Zero your M$ infected drives and walk away.
Come fishing, hiking, swiming and all the really good things in life.
Heck become a bartender in some tropical oasis, anything, just get away from your tourmenter.
Let M$ flush itself down the toilet. The sooner the better.
I don't get your point. Once native code runs on your machine it can do just about anything. For example, it could change one the extensions you already have installed to do its nasty work.. or Mozilla itself. People can do the same with IE (and do) but that's not the point here. Five times over the last two days I've heard people shouting from the rooftops that everyone should use FireFox cause you don't get spyware. This is so stupid. The reason you don't get spyware is because it's a waste of freakin' time for the spyware makers to target 5% of users instead of 95% of users. If 95% of people were using FireFox there would be just as much spyware for FireFox as there is for IE. So shut the hell up about spyware already.
How we know is more important than what we know.
Hahaha, isn't it HILARIOUS how Microsoft patched Internet Explorer against the latest browser exploit before a similar patch was released for Firefox?
And isn't it hilarious that, even though so many open source advocates on Slashdot declared their interest as to "who would release the patch first", this wasn't covered in any follow-up articles, or mentioned in any way?
I laugh at you all, Linux pussyboys. Firefox got beaten by the "oh so bad" Micro$oft (lolol $ instead of S gettit??????//). I guess this means that Firefox (and the entire open source community) really does suck more cock than I previously thought..
Hahaha, isn't it HILARIOUS how Microsoft patched Internet Explorer against the latest browser exploit before a similar patch was released for Firefox?
And isn't it hilarious that, even though so many open source advocates on Slashdot declared their interest as to "who would release the patch first", this wasn't covered in any follow-up articles, or mentioned in any way?
I laugh at you all, Linux pussyboys. Firefox got beaten by the "oh so bad" Micro$oft (lolol $ instead of S gettit??????//). I guess this means that Firefox (and the entire open source community) really does suck more cock than I previously thought...
Hahaha, isn't it HILARIOUS how Microsoft patched Internet Explorer against the latest browser exploit before a similar patch was released for Firefox?
And isn't it hilarious that, even though so many open source advocates on Slashdot declared their interest as to "who would release the patch first", this wasn't covered in any follow-up articles, or mentioned in any way?
I laugh at you all, Linux pussyboys. Firefox got beaten by the "oh so bad" Micro$oft (lolol $ instead of S gettit??????//). I guess this means that Firefox (and the entire open source community) really does suck more cock than I previously thought....
You won, eh? Much like you won the race to release the latest patch? Oh wait, that was a miserable failure. Hahaha, isn't it HILARIOUS how Microsoft patched Internet Explorer against the latest browser exploit before a similar patch was released for Firefox?
And isn't it hilarious that, even though so many open source advocates on Slashdot declared their interest as to "who would release the patch first", this wasn't covered in any follow-up articles, or mentioned in any way?
I laugh at you all, Linux pussyboys. Firefox got beaten by the "oh so bad" Micro$oft (lolol $ instead of S gettit??????//). I guess this means that Firefox (and the entire open source community) really does suck more cock than I previously thought.
http://shit.slashdot.org/article.pl?sid=04/12/21/0 038235
Indeed, and imagine the furore if Microsoft did the same thing and disallowed installation of any "extensions" for IE that weren't "Microsoft approved".
Hello, welcome to the 21st Century. Would just like to correct you - there is such a thing as MULTIPLE users in Windows - NT, 2000, 2003, XP (Home & Professional) all have this facility. There's no shortage of security holes, no argument. Fact is, you can set user access in Windows too. Now just because peopledecide not to, that's not a windows bug. Like you said if you run things as root in Linux...
My Favourite Meme
You've never seen a Gentoo compile-fest have you?
Is that like when Furries have sex?
Freedom: "I won't!"
I have had an IE isntall eat NT4.. so *shrug*
I still don't see whats wrong with I.E. I don't have any spyware, I don't get any popups, I don't get viruses. I use Internet Explorer or exploiter or exposer or whatever monicker has been created for it now with no problems after installing the Google Toolbar a year ago. Perhaps the question isn't when will the internet explorer users wakeup to security, but when will open source nerds wakeup that sometimes good enough, is good enough, and the ability to in real time debug javascript in a web browser just isn't important to more than a handful of web developers.