Home

I still don’t understand all the uneducated lip-service being paid to Firefox as a secure alternative to Internet Explorer. Ars Technica, one of the most cynical critics of IE6, has an article based on research carried out by Symantec showing how browser vulnerabilities are on the rise. The article made it onto FF sites and instantly the Firefox fanboys leap to the defense of Firefox, claiming this and that (some of the comments demonstrate some seriously twisted logic).

What they almost all fail to notice is that the browser with the least vulnerabilities over the period of the study and the only one which saw a drop in the number vulnerabilities compared to the previous period is …. drum roll please … Opera. Opera even beats Safari for security.

The initial analysis from other sources is that the latest Firefox code is even less secure than V1.5, while the new IE7 is more secure than Firefox ever has been and far better than IE6. Also, noting the vulnerabilities discovered during 2006, an interesting statistic comes forth: 37 of the vulnerabilities in IE6 have been fixed, while only 14 of the Firefox issues have been corrected - one of the FF ‘fixes’ actually made another problem worse!

So much for the vaunted “fast open source reaction” to problems.

The biggest problem is that while Microsoft interviews and checks its employees, designers and engineers, Firefox doesn’t check anything. The ‘open source contributors’ include teens, hackers and first year coding students.

So, if you are looking for security, ditch both Internet Explorer 6 and Firefox and switch to Opera or IE7.

The Symantec report is covered in some detail at Security Fix, but there is no mention of Opera’s track record.