Wednesday, October 19, 2005

Reducing browser privileges:
Security companies and researchers have made careers out of identifying the latest bugs in Internet Explorer. While Microsoft has been relatively idle, the developers of Firefox have continued to add functionality and provide what was perceived to be more secure code. The story doesn't end there, though. The past six months have seen major vulnerabilities in Firefox too, and its adoption has slowed. Some people are beginning to question the wisdom in switching to another browser that is possibly just as insecure as IE.

There are two major reasons why I would move to Firefox. First the improved usability. Whether you are a normal web surfer, power web surfer, or a web developer, there are extensions that make using Firefox essential. If that isn't enough, relative safety from having spyware installed on your system from a misbehaving ActiveX control or other similar vectors of infection should be the second reason to switch.

It seems from the articles I've been reading that the security community has forgotten all about ActiveX exploitation. At least Firefox removes that from the mix if not more. And the Firefox team are pretty good at fixing vulnerabilities in a timely manner. Isn't that reason enough for a switch?

Mozilla and hypocrisy

Right, but what about the experiences that Mozilla chooses to default for users like switching to  Yahoo and making that the default upon ...