| This 31 message thread spans 2 pages: 31 (  2 ) > > || |
|Firefox Users Most Secure on Internet, Study Reveals|
Firefox Users Most Secure on Internet, Study Reveals
5:03 PM EDT Wed. Jul. 02, 2008
ChannelWeb Story [crn.com]
|...Failure [to] update browsers exponentially increases the chance for remote attacks executed by hackers, the study found.... |
...Firefox users were far and away the most likely to use the latest version, with an overwhelming 83.3 percent running an updated browser on any given day....
It's true, Firefox users are the most secure.
IE users, other the other hand, tend to be clingy losers who, in their insecurity, blame others for the problems in their life and then expect yet others to fix their problems.
Safari users, despite their outward wannabe-like-Apple-hip attitude, tend to be not trusting of others who are not like them.
Opera users are immature. They fear commitment, wasting too much time looking for something better.
Or, are you talking about something else?
I'm sorry, but I personally think hackers tend to target IE users rather than Firefox, so it would be hard to tell which is really the most secure. The experienced internet users tend to use firefox, which is why is more likely to be up-to-date. Yes, some IE users could be classed as clingy to IE, but I find a lot of IE users are not even aware that there are other types of browsers.
Hey Weeks, do you do horoscopes as well? ;)
I'm sure to a lot of IE users, Internet Explorer is THE Internet. "What's a browser? I just load the Internet"
Well, Seb, whatever it takes, eh? Ask any Mac user.
What the article doesn't get into, and perhaps the study doesn't either, is whether Firefox is inherently more secure that IE, or whether only the awareness of users and their updating patterns appear to make it so.
It also doesn't discuss whether FF vulnerabilities are less targeted by hackers than IE vulnerabilities are targeted.
Safari and Firefox are on par I would say. IE.. ehh.. Never was a fan of..
"Firefox Users Most Secure on Internet"
I think there's an irony on that study...
The use of Firefox as the only Web browser in a Windows computer could lead to serious security risks because of one important factor.
Firefox doesn't permit to update a Windows computer with the latest security updates from Microsoft.
The latest security updates from Microsoft are obtainable via Internet Explorer. Hence a user that keeps his-hers computer with Windows Update 'on' all the time should be quite secure. Obviously a good firewall and antivirus with antispyware are a must in addition to Windows Update.
If a user only uses Firefox in his-hers Windows computer could easily be subject to security risks. The user could totally ignore the need to use Windows Update.
I'll rather show a user how to properly use the latest version of IE with Windows Update 'on' than having the user update his-her Firefox installation. A Windows computer with the latest version of Firefox doesn't indicate that such computer is fully secure.
By the way, that study was "a collaborative effort conducted by researchers at The Swiss Federal Institute of Technology, Google and IBM Internet Security Services". No wonder the irony exists in the study.
|an overwhelming 83.3 percent |
Call me cynical, but I can't help noticing that 5 ÷ 6 = 83.3% (1dp), which makes me wonder how many users were polled
i always think IE is the best, i don't like firefox, don't care if it has better security, the only reason i have it downloaded it is to test my website and to access websites which to make 1$ per download make their website firefox only and give the google refferal link... i think the IE is also more user friendly then firefox. But thats just my opinion, no need to argue ;P.
|Firefox doesn't permit to update a Windows computer with the latest security updates from Microsoft. |
A browser is not required to get updates these days: updates are downloaded by a windows component: you don't even need to visit the update site any more.
|I'm sorry, but I personally think hackers tend to target IE users rather than Firefox, so it would be hard to tell which is really the most secure. |
You obviously haven't tried many extensions! ;) (Try Web Developer [addons.mozilla.org] and Firebug [addons.mozilla.org] for starters, then add All In One Gestures [addons.mozilla.org] and a few other usability-related extensions and I think you'll be hooked. Colorzilla and MeasureIt are also very good for developers.)
|i think the IE is also more user friendly then firefox. |
think it's a bit chicken and egg,
FF/Win users are the Windows aware users, they already know why they choose to not use that Blue E
if they know that and they're also Windows users, they will generally know how to have their WINDOWS (note not that's not IE dependant) updates on too.. I get my updates, not forced either, and I only have a 'standard' version of IE (i.e. no toolbars or favourites, prefs etc)
so it follows that as they realise IE is not the internet they also learn how to secure/customise their own installations as best they can, something that's not so easy with IE
and as for FF on a Mac well I can only presume that's a 50/50 with Safari, they're already using a browsers not tied to an OS :)
so between the 2, FF/Mac and FF/Win the figures are bound to look better than anything else, IMHO of course :)
|FF/Win users are the Windows aware users, they already know why they choose to not use that Blue E |
Good summary, SuzyUK. I know lots of people who use IE only and I would never suggest that they switch - they don't even know what a browser IS, and they'd only make a (further) mees of their computer. Automated updates and security are especially designed for that kind of user, and it's good that they are. Microsft serves that demographic and they are improving in their service.
Shortly after I launch Firefox, it asks for permission to install the latest update if one is available. I've never seen IE do that, so that alone could account for the difference in updates.
As for inherent security, I would certainly expect fewer security issues with an open source project. Still, defect rates at Microsoft are better than most people realize, and I applaud Microsoft's moves to sandbox the browser and separate it from the OS.
|As for inherent security, I would certainly expect fewer security issues with an open source project. |
Let me shatter your theory: WordPress
Most hacked blog software on the planet and it's an open source project.
I think the difference is Mozilla has SQA which is a major step up from most open source that relies on the users to test the product instead of a trained SQA professional with a automated test tools and a test plan to validate the product.
let me unshatter, not of all of us use Wordpress!
As Deep Throat said to Washington Post reporters Woodward and Bernstein during the Watergate investigation:
"Follow the money".
When I first saw the title of this thread, cynic that I am, I reflexively asked myself, "Who paid for this?"
(Not casting aspersions on Robert_Charlton, there really is an article from an outside source to read. Intentions here may be pure.)
But I couldn't help but smile when I saw who funded the study:
The Swiss Federal Institute of Technology, Google and IBM (NYSE:IBM) Internet Security Services.
I try to always refer to FireFox by it's full name: Google Firefox, I wish that everyone else would do the same, it lends clarity, I think.
Wouldja like a reality check? Open FF, go to Help- About and click Credits and then watch all the corporate names scroll by.
If you smoke, light a cigarette, it'll take awhile.
So where's the money coming from for all the Microsoft fanboyz?
I don't see a big difference in security right now between IE and Firefox on Windows: I'm scared stiff to trust a computer with any valuable information on the internet with either browser, because Windows is so fundamentally insecure. (Last study of vulnerability windows (no pun intended) showed that if someone got the Microsoft updates on the day they were released, their system would only have been exposed to known vulnerabilities for, um, 362 out of the last 365 days.
That does probably represent an improvement, and possibly a 200 or 300% improvement, but, still, all things considered, hardly a significant one.
And, of course, I consider Microsoft Update one of the scariest thing you can do to a computer. How many weeks has it been since they pulled an update that was blue-screening users right and left, only to replace it with an update that was ... blue-screening users left right and center? Throw in WGA false-positives, and you'd be insane to trust them.
I agree, there is probably a class of users whose own ignorance of computers is so great that they're better off with automatic updates than without. It may be a large class.
And that's the scariest thought of all.
You should judge any piece of research on its own merits, not on the basis of who funded it, or even who wrote it. Otherwise, you'll end up not hearing any opposing views whatsoever.
If we assume there was bias, then this should be easy to demonstrate on the basis on the report alone. Then we can start to question the research credentials of a respected technology university, and two of the largest IT companies on the planet.
So, where did the bias creep in?
Was it in the research methodology? Did they collect the wrong data? Did they interpret the data incorrectly? Such factors could easily imply biased research, and might warrant questions about those conducting the study. Of course, if companies can be found to repeatedly allow self-interest to skew research, then they deserve closer scrutiny.
The headline created from the research paper itself [techzoom.net] hinges, of course, on what "most secure" means. The researchers determine this by looking at web browser user-agents, and then comparing this to unpatched vulnerabilities. In this instance, Google-supplied data (600 million users' worth) seems to have proved a pretty significant asset.
It looks like a major problem that users of browsers from all manufacturers are failing to keep their system up to date, and therefore exposing themselves to unnecessary risk. Interesting that such a high percentage of Opera users are running unpatched editions when compared to firefox users. It might even say something about the update process across all the browsers tested.
There are other interesting comments in the research, a snippet about browser adoption, for instance:
|it has taken 19 months since the initial general availability of IE7 (public release October 2006) to reach 52.5% proliferation amongst users that navigate the Internet with Microsoft's Web browser |
Of course, coming from Google data, it's a nice insight: they have a pretty good spread of users ;)
|You should judge any piece of research on its own merits, not on the basis of who funded it, or even who wrote it. |
right. For a vested interest that is funding research, the advantage is often just in getting the information you want to be researched, not necessarily in inventing false information. ie, focus-changing rather than fabulation.
A headline from a few days ago: Firefox 3 suffers its first vulnerability
source: [news.cnet.com ]
Are Firefox users most secure on Internet? Probably not.
I'd hazard a guess it's security through obscurity mostly since MSIE still dominates then it's the biggest target for the most low hanging fruit.
What scares the heck out of me if the opportunity for vulnerabilities in all the little Firefox plug-ins written by armchair programmers cranking out cool little tools.
IMO, that's where the real threat to FF lies, the plug-ins.
Love the phrase "security through obscurity" but do you realize how funny the term "armchair programmers" is when you think about it?
(Even funnier in that I know what you're saying!)
I mean, as opposed to who? - battle-scarred, veteran, cigar-chomping programmers who've seen it all?
I can just hear one of these mercenaries reminiscing: "And then there was that project back in '98. The encryption module was hell on wheels, let me tell you. Lost a couple of buddies on that one."
I am, as of today, removing the arms from my chair lest I, too, be accused.
--But I couldn't help but smile when I saw who funded the study:--
It's true of so many studies that make the headlines, they aren't there to further science but to distort it, because the person picking the tab wants a pre-ordained result.
The same goes for opinion polls, many of them (especially from pressure groups) are so slanted as to be laughable, often using leading questions that aren't mentioned in the final results.
To follow up on gibbergibber's comment and the thrust of some others:
Nobody's got the time to check the veracity of all the stuff we get bombarded with.
It comes down to trust. Who do you trust to deliver you accurate unbiased information? Even more important, who do you trust to sift through all the stuff and condense it down into a digestible form for you?
In the days before the Internet and, before that, cable television (yes, children, there was such a time), in the US we had the "big three" TV networks plus a handful of print publications that, mostly, one could trust to deliver a fair approximation of "the truth".
I have my list of trusted sources but it gets smaller all the time.
Credibility is a fragile thing.
Funny how these things work out. In the news today, a Microsoft Update makes computers SAFER.
"Microsoft released four patches - all rated important - as part of its regular Patch Tuesday update cycle, one of which left ZoneAlarm users locked out the internet."
That's right, if you have ZoneAlarm your MS-Windows machine is completely safe from the internet--EVEN if you have Firefox 3.
Thank you, Mr. Ballmer, and may angels sing you to your rest.
hutcheson, lol, true.
|SuzyUK said: |
let me unshatter, not of all of us use Wordpress!
Is Jeffrey Zeldman [zeldman.com] (co-founder of The Web Standards Project and publisher of A List Apart) wrong to advocate it?
|Why WordPress? |
This site is powered by WordPress. For nearly eleven years, it was powered by hand-coding. Let me put “nearly eleven years” into perspective. It’s 3924 days. And it’s about how many times I opened an HTML editor to update this site’s content. I loved every minute. It took a great publishing environment to make me switch.
Thinks like a writer
Thinks like a designer
For thems as wants
I’m supposed to like it because it’s free, but I don’t mind paying for software — I like supporting people who create things.
I use WordPress because I like it and it works for me
| This 31 message thread spans 2 pages: 31 (  2 ) > > |