1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Secunia: Firefox most vulnerable browser

Discussion in 'Article Discussion' started by CardJoe, 16 Apr 2009.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,343
    Likes Received:
    292
  2. Mentai

    Mentai New Member

    Joined:
    11 Nov 2007
    Posts:
    758
    Likes Received:
    1
    The fact that having the most security holes doesn't actually equal being the most vulnerable makes this whole thing very misleading. It's bad statistics when the variables give such subjective results. I'd be a bit pissed off with Secunia if I were Mozilla.
     
  3. Bauul

    Bauul Sir Bongaminge

    Joined:
    7 Apr 2007
    Posts:
    2,173
    Likes Received:
    38
    So just because Firefox announced more vulnerabilities than anyone else, surely makes them more secure, as they're patching them, where as IE are ignoring them.

    Stupid research. God I hate bad statistics.
     
  4. V3ctor

    V3ctor Tech addict...

    Joined:
    10 Dec 2008
    Posts:
    583
    Likes Received:
    2
    Blasphemy!!
     
  5. azrael-

    azrael- I'm special...

    Joined:
    18 May 2008
    Posts:
    3,846
    Likes Received:
    124
    You must NEVER question Danish research quality. It's the world's best!

    By the way, that was sarcasm... :)
     
  6. V3ctor

    V3ctor Tech addict...

    Joined:
    10 Dec 2008
    Posts:
    583
    Likes Received:
    2
    Yes it was... :) I love FF, if it wasn't for it, we would still be in the internet with IE6,2 or something. They really rocked the place. I just think that they should come back to a "light" FF... It's becoming heavier at every update... :(
     
  7. hitman012

    hitman012 Active Member

    Joined:
    6 May 2005
    Posts:
    4,877
    Likes Received:
    19
    They did nothing of the sort. If you actually read the report, they simply give the number of vulnerabilities, along with some other statistics, for each browser. No conclusions are drawn - in fact, they note that the statistics necessarily include only those vulnerabilities publicly disclosed.
     
  8. yakyb

    yakyb i hate the person above me

    Joined:
    10 Oct 2006
    Posts:
    2,064
    Likes Received:
    36
    yay for opera
     
  9. cjoyce1980

    cjoyce1980 New Member

    Joined:
    17 Jul 2007
    Posts:
    404
    Likes Received:
    0
    which is what research and reporting is..... try doing a degree or a PhD, thats all you will spend 3+ years doing as well as drink till your kidneys hurt
     
  10. alpaca

    alpaca llama eats dremel

    Joined:
    27 Jan 2009
    Posts:
    1,132
    Likes Received:
    45
    at least firefox is a honest browser. i like that.
     
  11. bowman

    bowman Member

    Joined:
    7 Apr 2008
    Posts:
    363
    Likes Received:
    10
    Open source, and higher disclosures.

    Comparing the disclosed security vulnerabilities from open source projects to proprietary projects is completely ridiculous.
     
  12. azrael-

    azrael- I'm special...

    Joined:
    18 May 2008
    Posts:
    3,846
    Likes Received:
    124
    Is it bearded too? :D
     
  13. airchie

    airchie New Member

    Joined:
    22 Mar 2005
    Posts:
    2,136
    Likes Received:
    2
    I think the number of machines compromised through FF compared to IE would give a much more accurate account of which browser is safest.

    I agree though that FF is getting more and more bloated which allows more and more avenues for attack and exploits to be found. :(
     
  14. fargo

    fargo New Member

    Joined:
    13 Feb 2006
    Posts:
    178
    Likes Received:
    0
    I think the number of machines compromised through FF compared to IE would give a much more accurate account of which browser is safest.

    I think this sentence gets to the meat of the issue.....right on airchie
     
  15. Cobalt

    Cobalt New Member

    Joined:
    24 Feb 2006
    Posts:
    309
    Likes Received:
    2
    Didn't a similar report come out a while ago? Conclusion is basically that proprietary products are made by companies which have a vested interest in not revealing how many vulnerabilities they have.
     
  16. naokaji

    naokaji whatever

    Joined:
    8 Dec 2006
    Posts:
    1,879
    Likes Received:
    10
    ActiveX gets a :wallbash::sigh::duh: from me.


    Anyway, I think the better way to measure browser safety would be measuring something like how many % of the vulnerabilities are patched within a set period of time.
     
  17. dicobalt

    dicobalt New Member

    Joined:
    21 Mar 2009
    Posts:
    169
    Likes Received:
    2
    I would have to agree with these findings. If you ever actually bother to look at the fixes though you will notice almost all security problems are due to javascript in one way or another. That's why I use noscript + adblockplus. That combo makes almost all javascript vulnerabilities just bounce off you like a raindrop on glass. I wont stop using firefox. BTW I have seen plenty of firefox browsers with spyware toolbars. Myway is one of them, the search results skew to things that will give you more malware also. Too bad large OEM's package that **** on new computers, I can smell a lawsuit.
     
  18. airchie

    airchie New Member

    Joined:
    22 Mar 2005
    Posts:
    2,136
    Likes Received:
    2
    NoScript+FF=Win tbh :)

    Its unfortunate that so much of the nice features we rely on in turn rely on scripting.
    Still, its better than activeX... :D
     
  19. azrael-

    azrael- I'm special...

    Joined:
    18 May 2008
    Posts:
    3,846
    Likes Received:
    124
    Well, almost all "Web 2.0" content relies on AJAX. Take a wild guess what AJAX actually is... :)
     
  20. dicobalt

    dicobalt New Member

    Joined:
    21 Mar 2009
    Posts:
    169
    Likes Received:
    2
    Indeed it does, but the thing is that scripting really doesn't need to be accessing the domain xycb9865.zxcvb.1vnfv.cn in order to work. That is where noscript comes in. Blocking all sites that are not specifically allowed hence making the virus code unable to do anything useful. While the allowed code on the allowed domain runs just fine. I use all the popular javascripty sites and have zero problems.
     
Tags: Add Tags

Share This Page