For those of you who champion firefox as your solution to the IE vulnerabilities, remember this important point: security through obscurity is not security at all.

http://it.slashdot.org/article.pl?sid=06/09/07/1423244&from=rss



Danny Begonia writes, "Some folks at Klocwork examined the large and complicated code base of the popular open source browser, Firefox. Overall, Firefox is a well written and high quality piece of software. Several builds were performed on the code, culminating in the final analysis of version 1.5.0.6. The analysis resulted in 611 defects and 71 potential security vulnerabilities. The Firefox team has been given the analysis results, and they will determine if or how they will deal with the issues."


I still think it's miles ahead of IE. I'm just saying that it's only a matter of time before browser hijacks start revealing more firefox flaws. I'm curious about the impact each of these flaws has towards real life risk to the browser/user.

Meh, at that point DL opera, I like opera it just displays things funny (yeah I know technically correct, but still funny)

For those of you who champion firefox as your solution to the IE vulnerabilities, remember this important point: security through obscurity is not security at all. :umm:

Ehh... do you even know what "security through obscurity" is? This post seems to indicate that you don't. By definition, an open source project has no obscurity because its o p e n. :disa:

:umm:

Ehh... do you even know what "security through obscurity" is? This post seems to indicate that you don't. By definition, an open source project has no obscurity because its o p e n. :disa:


"that flaws are known, but attackers are unlikely to find them"

No one's really tested firefox before...lo' and behold, it has flaws. As firefox starts grabbing up more market share, the attackers are going to find more flaws because it IS opensource. It's obscure based on the idea that not many people use it.

http://mywebpages.comcast.net/OptimizeXP/Buttons/FirefoxMyths.gif (http://www.firefoxmyths.com)

No one's really tested firefox before...lo' and behold, it has flaws. As firefox starts grabbing up more market share, the attackers are going to find more flaws because it IS opensource. It's obscure based on the idea that not many people use it. Are you kidding me? Firefox gets tested every single day. The fact that its open source means that its there every day for anyone to analyze. Not to mention the fact that the kinds of automated tests that produced these "results" are notorious for producing inaccurate results, much less results that are actually exploitable. And a 10% market share is hardly "obscure." What a pointless thread... :shake:

Are you kidding me? Firefox gets tested every single day.
Not to the same scrutiny as IE. Not hardly.


The fact that its open source means that its there every day for anyone to analyze. Not to mention the fact that the kinds of automated tests that produced these "results" are notorious for producing inaccurate results, much less results that are actually exploitable.



I guess time will tell. Many "theoretical" exploits become much more dangerous when someone finds a way to put theory into practice.


And a 10% market share is hardly "obscure." What a pointless thread... :shake:

Spyware is out to for the quickest fastest way to spread. That means taking the majority share browser with the most known holes. Compare 85% market share browser to 10% and that is obscure.


Bah...I'm done arguing with you. Get your panties up in a bunch and watch me give 2 sh!ts.

(As of July 9) "The total usage share of Mozilla Firefox increased 1.14 percent since May 2006. The total global usage share of Internet Explorer is 83.05 percent which is 2.12 percent less than at the of May."

In the US, Firefox has almost 16% of the browser "market". In Germany, 39%.

Source (http://www.onestat.com/html/aboutus_pressbox44-mozilla-firefox-has-slightly-increased.html)