Anyone see a game changer here?

Brielle Bruns bruns at 2mbit.com
Fri Jan 22 21:42:59 CST 2010


On 1/22/10 8:37 PM, William Pitcock wrote:
> On Fri, 2010-01-22 at 22:16 -0500, Steven Bellovin wrote:
>> On Jan 22, 2010, at 12:26 AM, Bruce Williams wrote:
>>
>>> The problem with IE is the same problem as Windows, the basic design
>>> is fundementally insecure and "timely updates" can't fix that.
>>
>> You do realize, of course, that IE is recording less than half the
>> security flaw rate of Firefox?  (See
>> http://prosecure.netgear.com/community/security-blog/2009/11/web-browser-vulnerability-report---firefox-leads-the-pack-at-44.php)
>
> Consider for a moment that both Firefox and Safari are built on
> open-source code where the code can be audited.  As a result, it is
> clear why Firefox and Safari are more "insecure" than IE, it is simply
> because the code is there to be audited.
>
> Frankly, they are all about the same security-wise.
>
> William

I have a feeling that most of the 'security' problems with firefox is 
related to extensions/addons/plugins, rather then the firefox 
application itself.  You can't fault the devs for unsupported 
addons/extensions/plugins that are made by a third party with 
questionable levels of programming skills.

M$ tried this same thing, comparing Linux to Windows vulns, neglecting 
to mention that the only reason why there was more Linux exploits was 
because they were including things other then the kernel and base system.



-- 
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org




More information about the NANOG mailing list