Slashdot Mirror
Is The Firefox Honeymoon Over?
prostoalex writes "With Firefox market share reaching a substantial level, is the popular Internet browser becoming a security nightmare for IT administrators? George Ou takes a look at the hard numbers. From the article: 'From March 2005 to September 2005 10 vulnerabilities were published for Microsoft Internet Explorer, 40 for Mozilla Firefox. In April-September timespan there were 6 exploits for MSIE, 11 for Firefox. Conclusion? As you can see, the facade that Firefox is the cure to the Internet Explorer security blues is quickly fading. It just goes to prove that any popular software worth hacking that has security vulnerabilities will eventually have to deal with live working exploits. Firefox mostly managed to stay under the radar from hackers before April of 2005.'"
Also.. the most important factor. The Firefox community fixes the problems.
There are flaws in IE that have been known for better than 6-8 months and still there is no fix.
Digital is, by definition, imperfect. Analog is the way to go.
For Mozilla, there has been 0% of extremely critical vulnerabilities and 23% of highly critical in 2003-2005, whereas for IE 14% were extremely critical and 29% highly critical in the same time period.
Furthermore, a total of 31% (out of of 69 advisories, or 21 individual cases) of IE vulnerabilities may result in system access. In Mozilla, the corresponding numbers are 18% and 4 advisories.
You need only to look at secunia.com's summaries to see through the idiocy of this article:
vs.
Firefox: 0% Extremely Critical
IE: 14% Extremley Critical
Need we say more?