News Flash: No Browser is Safe!

Symantec also observes that water is wet, fire is warm, and that a brick is hard

Published on September 26, 2006 By Zoomba In WinCustomize News

Ok, everyone takes it as generally accepted fact that Internet Explorer under Windows has a track record of being horribly insecure unless the user takes steps to tweak security settings, install pop-up blockers, bog their system down with AntiVirus, and run regular sweeps of the system to make sure nothing nefarious ever makes it through. But then there's the rest of the computing population that has turned their noses up in contempt and gone off to use Firefox and Opera under Windows. A few have taken it a step further and even ditched Windows completely in favor of Linux or MacOS with their respective browsers. We think ourselves safe, secure and more or less untouchable by those vile malware and spyware coders, those hackers of ill-repute who are determined to hijack our computers via our own web surfing.

However, according to Symantec Corporation, a company with absolutely no vested interest in this issue at all, it is merely a placebo, a lie we tell ourselves to feel better. We are in fact no more safe using these alternatives and still are in dire need of their help and software to secure our systems from Mr. Hacker.

Symantecs' yearly Internet Security Threat Report documents the relative security of browsers such as IE, Firefox, Opera and Safari. In the grand Firefox/IE debate, Symantec says that while IE compromises account for 47% of all attacks, Firefox actually clocked more reported vulnerabilities in the first half of this year than IE (47 versus 38 for IE). It paints a picture where the perceived insecurity of IE and strongbox reputation of Firefox is more a result of volume of users as opposed to inherent security of the code.

For more analysis of the report, check the BetaNews article linked below.

I think Symantec wins the "Obvious Observation" award today for their stunning revelation that all browsers have vulnerabilities.

Comments (Page 1)

Threi

on Sep 26, 2006

what is called "safe"?

it should be called "no browser is goofproof from stupid surfing"

im getting so sick of this recent paranoia about security...

whiterabbit007

on Sep 26, 2006

It's great to see companies like Symantec take the time to do a thorough and unbiased research into security issues plaguing so many of us. Not only do they provide cheap, fast and efficient products to protect our computers but they also make sure we know what programs have most vulnerabilities so that we are better educated and have safer experience with computers. Kudos to Symantec.

/sarcasm off

I had you there for a moment, didn't I.

Other than that it's not even worth commenting on Symantec's "findings". What I will say is that while I never had the kind of nightmare experiences with IE as I see floating around the web, ever since I switched to FF surfing the web has become 99% painless. Almost no popups, almost no ads (thank you AdBlock!

) and just in general a much more pleasant experience.

dagwud

on Sep 26, 2006

It paints a picture where the perceived insecurity of IE and strongbox reputation of Firefox is more a result of volume of users as opposed to inherent security of the code.

Let's also not forget the rapidity with which Microsoft corrects IE flaws when they are identified. How many "moderately critical" flaws remain unattended by Microsoft versus those unaddressed by Firefox?

I can't recall a third-party ever releasing instructions on how to "patch" Firefox because Mozilla was taking too long to address a "critical" issue.

Excalpius

on Sep 26, 2006

dagwinn, I think the monthly patch cycle, augmented with emergency patches if something becomes critical have worked fine so far. I also think Firefox's lil "hey, want to install the new version" pop-up when I run it (occasionally) works well.

DesignCaddy

on Sep 26, 2006

Not only do they provide cheap, fast and efficient products to protect our computers

oh, man.. that made my week.

don't kid yourselves, symantec has every interest in reporting that you need protection on all platforms with all browsers.

DesignCaddy

on Sep 26, 2006

I have less problems using explorer, than with other browsers. FF makes very specific sites look better, but has less functionality through developer's web applications. Opera is the same. Both get hurt when i use certain forms, and things like image databases or shared systems. Opera on a mac mostly decides it won't do anything at all on certain days ( it calls those days 'weekdays' ) yet is suprisingly still vastly superior to safari. IE7 for me. Lovin' it. Draws everything great. Easy to use. Faster than its predecessors.

AiTakahashi

on Sep 26, 2006

Something I always tell my customers, although they seldom listen, is this; "The best form of defence is common-sense". If it looks too good to be true, it probably is... DON'T CLICK IT!!!

...and they then promptly click it, and in they trudge, PC underarm, bitching about how this nasty piece of software found its way onto their system, (without their intervention of course

), and we find ourselves one job richer.

Sorry if this seems overly critical or cynical, but when it comes to browsing the 'net, the general public are completely f***** thick, and deserve anything they "get" as a result. Ignorance is no excuse - tell 'em, and they ignore you, complaining endlessly when their previously pristine PC is knackered with trojies, spyware, malware and crapware within a week of them getting it back, reinstalled, updated and protected.

I want to drive trucks.

Phoon

on Sep 26, 2006

tell 'em, and they ignore you, complaining endlessly when their previously pristine PC is knackered with trojies, spyware, malware and crapware within a week of them getting it back, reinstalled, updated and protected.

Oh that is sooooo true.
It drives me nuts when people ask for PC advice and fail to heed the warnings and solutions that I have given them.

mr.bo

on Sep 26, 2006

...according to Symantec Corporation, a company with absolutely no vested interest in this issue at all...

but then goes on to say that due to Symantec's findings we the consumer

...are in dire need of their help and software to secure our systems from Mr. Hacker...

in the very next line.

lol.

Koasati

on Sep 26, 2006

Symantec also observes that water is wet, fire is warm, and that a brick is hard

I knew that..... no, really I did!

dagwud

on Sep 26, 2006

Excalpius wrote:

I think the monthly patch cycle, augmented with emergency patches if something becomes critical have worked fine so far.

My comment was not about the frequency of patch releases. It was about how quickly a patch is released after a flaw is identified.

For example, an article from May 2006 (Link) noted that about 25% of 85 IE advisories from 2003 to 2005 remained unpatched. Forty percent of those unpatched flaws were capable of compromising a system.

The point I was trying to make is that a monthly patch cycle isn't helpful if flaws remain unpatched.

Dark-Star

on Sep 26, 2006

You know is sad.. we all worry about protecting our selves from hackers and what not on our PC's and in the end, we get screwed some other way. I got a nice letter in the mail today from Chase financial group. In the letter they go on to explain, "we recently discovered that computer tapes that contained personal information about you that was provided in an application you submitted..." "...were mistakenly identified as trash and thrown out." "We deeply regret that this has occurred and apologize..."

Oh goody, so for everyone out there who dumpster dives, you'll be happy to know where you can find my info. Thanks Chase! So you see, no matter how well you protect your information, someone out there is going to screw up for you....

Life is a Game

on Sep 26, 2006

I think that the bigest threat to a computer represent users themselves by not knowing what is safe to open and what not.

5x5

on Sep 26, 2006

Uhm. Call me crazy....I think it's idiocy to say that Symantec has 'absolutely no vested interest in this issue at all' when the fact that so many people are migrating to FF is a direct threat to their business. Did they pay you to say that?
Regarding Symantec's alleged 'honor', it has even been hypothesized that the big anti-virus companies are the main culprits releasing certain strains into the wild to increase the need for their product. They can say what they want. Since switching to FF well over a year ago, I have had no problems whatsoever. By the way, I also switched from Symantec products to TrendMicro and lo and behold, I have much more available system memory as well. Hmm.

I think it's time people gave Symantec less of their own 'vested interest'.

whiterabbit007

on Sep 26, 2006

@rdbchick: I believe that Zoomba was being sarcastic, and I think, but it could be just me, that the story's subtitle makes the tone of the piece fairly clear

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!