Brian LePore (POWRSURG)’s personal Web siteSymantec on Firefox security
Published on 12 Mar 2006 at 7:23 pm.
Filed under Rants.
Slashdot has an article up on Symantec rethinking the report they did on vulnerabilities on Firefox vs. IE. Previously it concluded that IE was more secure because Microsoft declared less of the bugs that they found to be critical flaws than Mozilla did for Firefox. Symantec has now realized that vendor’s acknowledging something as a critical flaw does not influence the number of critical vulnerabilities there actually are in a given piece of software. In a fair comparison it turns out that Mozilla Firefox really is more secure.
Wow, you mean Firefox’s worst case scenario of having your browsing profile completely hosed and needing a new one set up is less of a problem of Internet Explorer’s worst case scenario of having your entire operating system hosed and needing to be reinstalled? I can’t believe that!
Theoretically, both have the very bad case scenario where malicious attackers could read files that contain things such as credit card information but it is my belief that having files corrupted is a higher level of attack then having them read, especially when some of those files are related to the operating system. Still, the Mozilla group has shown a much faster turn around time at fixing any of these types of bugs than the Internet Explorer team has (if I was smart about backing stuff up I could link this, but I accidentally deleted my “Web Stuff” bookmark folder the other week 🙁 ).
All this said, Slashdotters were quick to point out that Symantec’s turn of face may have something to do with Microsoft announcing that they will be competing with Symantec. Quite frankly, I think this is the case. Symantec has been very pro-Microsoft in the past because they did not want Microsoft to come out with something to compete with Norton anti-virus. They have seen how Microsoft jumping into any arena and including it with their operating system instantly makes them the giant in the field. It doesn’t matter if the product is better, most people will just stick with what they have. Microsoft knows that they can abuse their monopoly and get away with it (at least in the United States, the European Union seems to have a backbone). Quite frankly, this type of behavior out of Symantec, coupled with problems their software in the past, is why I do not use Norton to protect my system. Go AVP!