Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Rethinks Firefox vs IE Vulnerabilities

Posted by ryuzaki0 on from the double-think dept.

chill writes "Last September security software vendor Symantec issued a report claiming IE had fewer critical flaws than Firefox and thus was more secure. Well, it seem they have now rethought that position. 'How we did it before wasn't a fair comparison,' said Oliver Friedrichs, the senior manager of Symantec's security response group. 'It wasn't an apples to apples comparison.' The key was vendor acknowledged critical vulnerabilities. Thus, if Microsoft (or the Mozilla Foundation) didn't agree it was critical, then it didn't get counted."

8 of 214 comments (clear)

  1. OneCare by ROOK*CA · · Score: 5, Interesting

    I wonder if Symantec's "rethinking" of it's position has anything to do with Microsoft Announcing a Competeing offering (OneCare Live), apparently Symantec will no longer just take Microsofts word whether a suspected flaw is actually a bug/vulnerability or not, Sorry Microsoft that ole "Naw, that's not a vulnerability, it's just an undocumented feature" doesn't look like it's going to fly anymore.

    :D

    1. Re:OneCare by ntsucks · · Score: 4, Interesting

      Perhaps the Symantec marketing trolls have embarked on a subtle campaign to undermind the general public's trust in Micro$oft's ability to deliver secure products. Basically a "Who do you trust?" positioning of themselves against OneCare Live. Strange as it may seem Joe Six Pack probably does not have the Slashdot crowd's contempt for Micro$oft's ability to deliver secure products, thus leaving some room for Symantec to discredit them.

      --
      Those who can do. Those who can't sue.
  2. But there's more... by ABoerma · · Score: 5, Interesting

    I like the other part of TFA better:

    "Windows XP Professional, said Symantec, stays safe just one hour and 12 seconds, while the Windows 2000 Server (with SP4) made it an hour and 17 minutes. An unpatched Windows Server 2003 system lasted somewhat longer.

    In contrast, unpatched Linux installations of both Red Hat Enterprise Linux 3 and SuSE Linux 9 Desktop were never compromised during their month-and-a-half exposure to attackers."

  3. Not too surprising by enigma48 · · Score: 4, Interesting

    My first thought was that this makes perfect sense - now that MS is a competitor of Symantec, they're going to discredit them as much as they can.

    But Symantec has known for ages that MS is pushing into their space. Maybe they had a Netscape-esque agreement with Symantec and maybe Symantec found new evidence that convinced them partnering with MS isn't the best way to go?

    It *could* be as simple as an upper-management type listening to the feedback the last report got, but I haven't seen an icy weather forecast for Hell today.

    (For those who missed the MS Anti-trust days: it was 'alleged' that when MS decided that the 'net was not just a fad and MS needed to throw all their resources into making IE the dominant browser, MS offered not to compete in Mac-space if they left the Windows market quietly. Netscape refused, MS bundled IE with windows, and the rest is history)

  4. Oi norton... by djsmiley · · Score: 4, Interesting

    StartKeyLogger

    another undocmented feature...

    --
    - http://www.milkme.co.uk
  5. Re:imagine that by Anonymous Coward · · Score: 3, Interesting

    Of course, the two concepts are completely unrelated, when one realizes that lying doesn't occur because the lier decided that lying was NOT in his best interest. Lying occurs because the lier, at the time, decided it would benefit him somehow. In other words, in order to profit. (Profit doesn't have to be measured in raw dollars, but can take the form of anything which an individual considers to benefit him.) Therefore, all lying is an attempt to profit, just like all truth telling is an attempt to profit. (Why would someone tell the truth if they didn't believe it was in their best interest, i.e. for profit?) People do things because they believe, at least at that moment, that those things are in their best interest.

    So there is no more connection between lying and profit than truth-telling and profit. D'oh!

  6. I can believe I am going to reply to this but... by Lightzout · · Score: 3, Interesting

    This has to be the best troll ever. I feel like I am the moth, there is the flame, gonna die, cant turn back now, going in anyway! I think this is funny for two reasons. One symantec has no interest in securing anything but profits and secondly the fact that symantec could make the "news" by publicly admitting something so obvious to most saavy consumers is all the proof I need that the joke is me. Expect Symantec to announce its Firefox browser bundle soon.

  7. Re:Number of bugs means... by mav[LAG] · · Score: 3, Interesting

    This reminds me of a friend of mine who used to be a professional game tester for an EA dev team near where I live. Although somewhat looked down upon, testers are actually a terribly important part of the game dev process. If you're looking for budget to save, look somewhere else.

    Nobody told that to the manager. For the next project my friend was given absolutely nothing to work with - no design docs, no resources, no source code, no debug version, no reporting sheets - zip. Just a crappy PC with - occasionally - the latest build on. All his requests for the basic tools to let him do his job properly went unheeded. So he started filing bug reports via email like this:

    To: Developers
    Subject: Game is broken - fix it

    To: Developers
    Subject: Game crashes - needs to be fixed

    To: Developers
    Subject: Game broken - needs fixing

    He was quickly provided with the tools he needed :)

    --
    --- Hot Shot City is particularly good.