Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Rumors of Internet Explorer's Superiority Were Greatly Exaggerated

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » The DU Lounge Donate to DU
 
Commie Pinko Dirtbag Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Sep-29-05 07:55 PM
Original message
Rumors of Internet Explorer's Superiority Were Greatly Exaggerated
http://blogs.zdnet.com/Ou/?p=108

Detailed Firefox and IE vulnerability report
-Posted by George Ou @ 3:17 am

When I wrote "Is the Firefox honeymoon over" two weeks ago, it stirred up a huge debate that continued for days. Yesterday, Dan Farber interviewed the 20-year-old co-creator of Firefox Blake Ross in a podcast where he addressed the criticism of Firefox in the media and my blog in particular. Ross criticized the analysis in my blog on two main points.

* No comparisons in the severity of the flaws
* No comparisons in the response time to fix the flaws.

On the first point, Ross is absolutely right that the severity of a vulnerability is critical. Because I didn't set out to do a formal security analysis of Firefox and Internet Explorer, I created an overly simplified comparison. Since this has sparked a huge debate, my original analysis is not sufficient to be conclusive. Ross believes that Internet Explorer's vulnerabilities are much worse than Firefox vulnerabilities so we'll have to see if he's right.

On the second point, Ross believes Firefox is more responsive to security vulnerabilities and delivers more timely patches. Ross even quoted that Internet Explorer had about "10 to 15" unpatched vulnerabilities, so we'll have to see if he's right. (...)

On the issue of vulnerability severity, it appears that either camp can claim victory depending on when you look at the numbers. If you look at vulnerability activity before March of 2005, Microsoft Internet Explorer had a consistent drip of monthly vulnerabilities and a huge rash of problems in October 2004. During that same period of time, Firefox was fairly quiet. After March of 2005, the trend reversed and Firefox had a continuous drip of monthly vulnerabilities while Internet Explorer was relatively quiet. Internet Explorer appears to have had an ugly history but seems to be maturing and stabilizing while Firefox appears to be going through some growing pains in the last seven months. From these results, it is clear is that there is no clear victor and neither camp has anything to be proud of with all these security vulnerabilities.

On the issue of patch responsiveness, Ross appears to have a point in that Firefox holds an edge in this department. While it isn't the "10 to 15" unpatched Internet Explorer vulnerabilities that Ross talked about if you exclude the low risk flaws that were omitted for both browsers in this comparison, Microsoft has five "moderately critical" issues that have not been addressed yet. There is even a "highly critical" vulnerability from October 2003 that Microsoft has not addressed yet, but I'm not sure if this old vulnerability still applies to Windows XP SP2 (...)

More at link.
Printer Friendly | Permalink |  | Top

Home » Discuss » The DU Lounge Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC