Anyone see a game changer here?
Brielle Bruns
bruns at 2mbit.com
Sat Jan 23 03:42:59 UTC 2010
On 1/22/10 8:37 PM, William Pitcock wrote:
> On Fri, 2010-01-22 at 22:16 -0500, Steven Bellovin wrote:
>> On Jan 22, 2010, at 12:26 AM, Bruce Williams wrote:
>>
>>> The problem with IE is the same problem as Windows, the basic design
>>> is fundementally insecure and "timely updates" can't fix that.
>>
>> You do realize, of course, that IE is recording less than half the
>> security flaw rate of Firefox? (See
>> http://prosecure.netgear.com/community/security-blog/2009/11/web-browser-vulnerability-report---firefox-leads-the-pack-at-44.php)
>
> Consider for a moment that both Firefox and Safari are built on
> open-source code where the code can be audited. As a result, it is
> clear why Firefox and Safari are more "insecure" than IE, it is simply
> because the code is there to be audited.
>
> Frankly, they are all about the same security-wise.
>
> William
I have a feeling that most of the 'security' problems with firefox is
related to extensions/addons/plugins, rather then the firefox
application itself. You can't fault the devs for unsupported
addons/extensions/plugins that are made by a third party with
questionable levels of programming skills.
M$ tried this same thing, comparing Linux to Windows vulns, neglecting
to mention that the only reason why there was more Linux exploits was
because they were including things other then the kernel and base system.
--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org / http://www.ahbl.org
More information about the NANOG
mailing list