![]() ![]() Inconsistent results allowed us to get beat. “Over time, IE had developed 13 or 14 different places in the code where we place URLs. According to Microsoft’s Tony Chor, a Group Program Manager on the Internet Explorer team, part of the problem was old, sloppy code. Will IE7 improve this spotty record? Perhaps. The theoretical edge goes to Firefox, but both companies have kept busy in recent years making updates available, and there’s no evidence that any widespread outbreak of malware has been attributable to unpatched vulnerabilities in either one. For at least 256 days last year, Internet Explorer contained unpatched vulnerabilities where the exploit method had been publicly disclosed but was not necessarily being used.įor Firefox, there were about 35 days in 2005 where exploit code for a known vulnerability was available for an unpatched flaw, and zero days when a worm or virus was known to be taking advantage of an unpatched flaw. The challenge for the browser designer is to give the user enough information so that he or she can make an intelligent decision.īrian Krebs, of the Washington Post, compared the records of Mozilla Firefox and IE6 and concluded:įor at least 38 days in 2005, IE was vulnerable to unpatched critical security flaws that were being exploited actively by viruses, worms and spyware. A computer user who has administrative rights over a computer can override any security feature or protective program. Some of these threats are technical, but the majority take the form of social engineering. A rogue program can be merely annoying – hijacking your home page and spewing unwanted pop-ups – or it can take the form of a Trojan horse or dialer that can drain its victim’s bank account. The most popular form of browser-based crime in 2006 is the phishing e-mail, which tries to sucker its victim into filling in valuable personal information – bank passwords, credit card details – in a phony web form. Some of the nastiest bits of spyware and malware walk through the front door, disguised as or piggybacking along with benign or harmless-sounding programs. This is the worst threat of all, because a successful attack can give an intruder complete control of your computer and every bit of information on it. Exploits that attack unpatched vulnerabilities in program code.Both browsers are officially out in widely available public beta releases ( Internet Explorer 7 Beta 3 and Firefox 2 Beta 1), so it’s a good time to compare how well each one performs.įor this report, I’ve put together an image gallery that shows exactly how the Windows XP version of each browser performs when faced with common security threats.Īnd what are those threats? Basically, everyone who spends any significant time on the Internet has to be mindful of the following four threats:
0 Comments
Leave a Reply. |