Slashdot Mirror
Criminals Prefer Firefox, Opera Web Browsers
An anonymous reader writes "Security researchers at Purewire have leveraged vulnerabilities in malware infrastructure to track the criminals behind it. In a three-month long project, they used security flaws in exploit kits to get operators to expose themselves (Obnoxious interstitial ad between link and content) when they access the kits' admin control panels. Data collected shows that 50% of those tracked use Firefox, while 25% use Opera."
crim.. *cough* technically inclined people tend to use firefox and opera rather than IE.
Shocking!
The guy who took the phone off my lap on the train uses Firefox as well. Right?
What's next, golfers prefer cars that cost more than $100,000?
Give me a break.
What does this article even mean?
Tech savvy IT security enthusiasts prefer alternative browsers to Internet Explorer?
Criminals prefer Firefox?
Firefox users have criminal tendancies?
Firefox encourages exploitation of inferior browsers?
Or, Internet Explorer sucks.
What.
The problem with slashdot is that most of its users were bullied and stuffed into lockers as kids!
Interestingly, Opera, which by some measures has only a 2 per cent market share, ranked second among the kit operators, with 26 per cent. "I think that's probably because operators have a familiarity with the web threat landscape," Royal told The Register, suggesting that many black-hat hackers take a security-through-obscurity approach to making sure they themselves don't get hit. "It makes them wary of using mainstream browsers."
Huh, and here I was thinking that maybe, just maybe, these hackers knew the security history of the various browsers and knew that Opera had a better security history than Internet Explorer?
I'm reminded of an old observation: whenever ice cream sales rise, so do shark attacks. So does eating ice cream cause sharks to attack you? No.
The observation that more Criminals prefer Firefox over IE, doesn't associate Firefox use with criminal behavior.
It most likely just means that there is a common occurence that causes technically savvy computer users to prefer Firefox.
People who build malware infrastructure are technically savvy, otherwise, they would not be able to understand and defeat technical security measures.
Non-technically savvy users often use IE because they don't understand the alternatives.
Also, they don't understand the weaknesses in IE's security defenses, the technical advantages of using Firefox (or Chrome) over IE, or the basic security principle that installing and using less-popular software (alternatives to the most popular option) means there are fewer people interested in devising a way to attack your software.
Eg Opera is not a very ripe target that hackers are highly interested in attacking, because it has so few users, it's a low value target.
IE's lack of security being a reason for this. This is not true of recent versions of IE, and in fact, IE is sandboxed in recent versions of Windows, unlike FF and Opera. The Pwn2Own hacker winner rated it at 9/10 in security, and so on. I highly doubt this has anything to do with real security, more like hackers are faddish gullable kids who believe the "IE is teh insecure!" hype that the typical slashdotter believes. Ya mod me down, I don't care.
"...I think the Microsoft hatred is a disease." - Linus Torvalds
A better reading could be "people that exploit vulnerabilities of browsers prefer to not use those vulnerable browsers".
In particular:
"People who create websites containing malware that takes over the browsing computer NEED to use a browser that is immune to their own takeover tools for their command-and-control console."
Jeez. Think about it a moment. How the heck are they going to work on the thing if it eats their machine when they touch it?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way