How can you say it's built with more security in mind? There is no proof, and we've had holes in pretty much every component.
-Posted by: Doron at October 19, 2004 09:18 AM
A very, VERY interesting thread with comments from some of the Moz developers stepping in to "dispel" some of the security myths.
[securityfocus.com...]
What this means is that the IE engine, the IE direct connection to the OS, is a ball of spaghetti code, in about as bad shape as Windows 9x before MS finally had to dump the whole tangled mess. The IE kernel is still largely based on the IE 4 kernel as far as I know, this stuff can't and won't be resolved until MS does a full browser engine rewrite, and even then it's going to be suspect since MS simply cannot seem to grasp that integrating components on a deep level exposes that deep level to attack.
Thinking any piece of software is 'secure' is fooling yourself, the moz guy is right to point this out, but standalone applications that don't use ActiveX or any similar technology have a built-in limiting mechanism for such insecurities. So it's good to point out that you are not suddenly entering into a secure kingdom when you use Firefox, it's just that the amount of damage that can be done can be expected to be much less.
I've spent the last month working in a big organization part time doing networking, most of my time is spent on the following:
-installing Windows/Office service packs manually because the autoupdate engine doesn't work correctly without admin privileges, SMS server coming but not here yet.
-removing ActiveX-installed trojans, malware, and viruses. Cleaning out some of the better pieces of malware and trojans takes me up to 3-6 hours per box. Firefox would have eliminated at least 95% of the malware installed. Text only Email would have eliminated probably 95+% of viruses and trojans.
So far Firefox is more secure simply because it's too small of a fish to target
That may be true today, and it may be true tomorrow.
(Though it may not be -- compare the safety record of market-leader Apache with that of runner-up IIS).
But if the day comes when it is no longer true, Firefox will still be more secure where it matters.
As stated in previous messages in this thread, Firefox problems are fixed usually in one day -- that's at least 30 times faster than a typical MS fix.
And if someone does break into Firefox, there is no access to the important internal components of Windows.
It's like, if you can break Firefox, you get into the lobby of a building with zero further access possible. Break IE though, and you get into a fully operating express elevator to all floors, and a master key to all doors.
It's the same pattern emerging, the latest viruses are being created in tandem with spamming networks, these depend on Outlook/Outlook Express vulnerabilities to install themselves, Outlook products of course using the IE rendering engine, with its holes.
Then those spammers are using botnets created by similar methods to use as SMTP servers, almost all these exploits depend on the structural weaknesses and insecurities of Windows and IE to propagate themselves. If those weaknesses were not there, there would be nothing to exploit, but they are.
There's money in this game now too, hackers have to make a living too, just like the rest of us ;-)
The recent story about a script which can regularly produce markup which can crash every browser other than IE is interesting but not a case for favoring IE (which can crash on valid HTML). That's not to say that Mozilla/Firefox, Opera or Safari/Konqueror are invulnerable or that such problems shouldn't be dealt with, just that the research (done by a researcher who has consistently favored Microsoft products in all his work, and who recommends IIS as being more secure than Apache) is incomplete, marginal and one-sided.
Alternative browsers have to take seriously any crash or buffer-overrun situation, and they will have to raise their game to build even higher-quality code. Also, if you think that running an alternative browser or even an alternative OS (Linux, MacOSX) will make you somehow immune to viruses, hackers and the like, then you're seriously mistaken.
However, it has been shown month after month, vulnerability after vulnerability, that IE is plagued by security problems, and that alternative browsers, even though less than perfect, are a better choice.
There also might be a few more issues involved with the moz developers being more open about security flaws.
First: They don't want to take a "buried head in sand" approach. MS has a bad rep for ignoring security issues, even well publicised ones, until they absolutely have no choice but to deal with it. Some vulnerabilities in IE have been known and discussed for over a year before MS got around to patching. Moz can't afford to take that sort of complacent approach. They're the little guy, and could be crushed quickly if they're seen as complacent.
Second: It's an old truism that the surest way to get hacked is to claim loudly and publicly that you're unhackable. Putting a damper on such claims, from the development team itself, might help mitigate the "attraction" to try and hack FF and other Moz products.
Third: Good marketing. Relying on the "FF is more secure..." line as your main marketing point has its limits (if you've never been hit by a serious security problem in IE, then why would you care?) and creates a vulnerability in that when a security flaw IS exposed, there goes your whole marketing campaign and image like a collapsing house of cards. I think the developers are (justly) proud of FF as a simply better, more agile browser, with better features and usability. In the long run, this will most likely win over more converts than security alone.
Myth: There's Safety In Small Numbers
Perhaps the most oft-repeated myth regarding Windows vs. Linux security is the claim that Windows has more incidents of viruses, worms, Trojans and other problems because malicious hackers tend to confine their activities to breaking into the software with the largest installed base.....
This reasoning backfires when one considers that Apache is by far the most popular web server software on the Internet. According to the September 2004 Netcraft web site survey, [1] 68% of web sites run the Apache web server. Only 21% of web sites run Microsoft IIS. If security problems boil down to the simple fact that malicious hackers target the largest installed base, it follows that we should see more worms, viruses, and other malware targeting Apache and the underlying operating systems for Apache than for Windows and IIS. Furthermore, we should see more successful attacks against Apache than against IIS, since the implication of the myth is that the problem is one of numbers, not vulnerabilities.....
Perhaps this is why, according to Netcraft, 47 of the top 50 web sites with the longest running uptime (times between reboots) run Apache. [2] None of the top 50 web sites runs Windows or Microsoft IIS. So if it is true that malicious hackers attack the most numerous software platforms, that raises the question as to why hackers are so successful at breaking into the most popular desktop software and operating system, infect 300,000 IIS servers, but are unable to do similar damage to the most popular web server and its operating systems...
and so on. Myths are fun, but not as fun as facts. This is why I only use Apache running on FreeBSD for all my websites [except one legacy one, on Windows IIS, that is the source of ALL my current webhosting problems], that helps me dump that whole set of problems and deal with more interesting ones.
If you install a decent Linux distro you will soon realize that installing stuff on that is simply much harder, and requires more conscious action, than on a standard Windows box. Not immune, just harder.
If you limit the access of the script engine, it is entirely possible to create a browser that is 100% secure.
I don't know how secure Firefox is, but the architecture is fundamentally more secure than IE.
Kaled.
If the first link I posted is too technical, here's a synopsis of the above article [theregister.com]
Generally, the argument 'security through obscurity' is applied to closed, proprietary software and os's, not open source OS's and apps. You also have to look at how these systems actually work. The first link I posted to will give you a decent idea of that.
IE is fundamentally linked to the OS, at a deep level. This is the problem. It's not how much market share it has, or doesn't have. It's a structural design problem. It's unlikely MS will ever abandon its current roadmap, so your current best option is to abandon MS as far as practical, Linux is still pretty focused on power users, which is a good thing I think, there's still a pretty significant learning curve.
When you see Unix type OSes in the hands of expert users, it's pretty wild, it's a different thing altogether, built around servers, power users, network admins, it's got a lot of very impressive tools, mostly command line when used right. And now it has some reasonably user friendly apps to go on top of it, but it's not Windows by any means, you're never more than a step away from the command line.
I've been using Linux more, there's a lot of rough edges on the GUI stuff, less the closer you get to the command line, that part works pretty well. KDE 3.3 is really good, looks way better to me than XP, not as homogenous, things that are easy on Windows can be pretty hard on Linux, but then again things that are pretty easy on Linux can be pretty hard on Windows, just depends I think what you want, Windows is focusing too much on maximum 'user friendliness', you pay a price for that, it's security.
And the monolithic OS model, I don't like that, but it works really well for standard users who really just want a toaster type thing to send emails and surf and do some wordprocessing or make websites, whatever, Windows is fine for that as long as you don't really care that you basically have no control and no say over your primary tool.
The Apache model is more interesting, compare Apache and IIS, Apache is amazingly configurable and extensible, but it's also a lot harder to learn initially, that's where the power and flexibility come from, I've worked with IIS too, and it's a nightmare to secure, you have almost no control over it, that's why it's such a huge hacker target, same for IE, Windows.
Small example: I just thought to myself, oh, it would be nice to get Links browser, opened my command line, typed in apt-get install links, a few seconds later there it is, another browser. Try that on Windows.