Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Pros and Cons of Firefox Critically Evaluated?

timothy posted more than 9 years ago | from the but-all-I've-got-is-cancer dept.

Mozilla 674

A Dafa Disciple writes "Fred Langa of Information Week has written an article claiming to discuss the 'Pros and Cons of Firefox'. At first I was excited because I thought I was going to get to finally read an enlightening, in-depth article that critically examined the browser. I should have known better. Aside from the usual criticism of open source software, it contains a reference to a Symantec Internet Security Report which claims that more security vulnerabilities in the last six months of 2004 were found in Firefox than IE. I'll leave it to you to analyze Mr. Langa's opinion and scrutinize Symantec's study and reputation as a security software developer."

cancel ×

674 comments

Sorry! There are no comments related to the filter you selected.

fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12271522)

first post.

Re:fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12271544)

Bravo, my pet - you shall be champion!

A beautiful and smart woman (0, Funny)

Anonymous Coward | more than 9 years ago | (#12271721)

Damn, she's hot [timeinc.net] and smart too.

The biggest downside to Firefox (4, Interesting)

DeadSea (69598) | more than 9 years ago | (#12271524)


Is all the plugins, extensions, chrome, files, and settings that have to be configured after you have the Firefox browser up and running [ostermiller.org] . It would be really nifty to be able to bundle all the things that I do when I install firefox into one mega "extension bundle" or some such that I could install with one click.

Re:The biggest downside to Firefox (5, Interesting)

Blaskowicz (634489) | more than 9 years ago | (#12271594)

this extension should be useful :
http://mozilla.doslash.org/infolister/
InfoLister is an extension for Mozilla Firefox, Mozilla Thunderbird and Nvu that collects various information about Firefox/Thunderbird and saves it to a file. Currently it prints the list of installed extensions, themes and plugins.

Re:The biggest downside to Firefox (5, Insightful)

meisenst (104896) | more than 9 years ago | (#12271597)

-Have to- install? I downloaded one additional theme for Firefox and apart from the occasional plugin such as Shockwave, I never have to do anything to enhance Firefox for daily use.

It's nice that you have everything worked out -- but this is like saying that Internet Explorer is as much of a hassle because of all those security updates you have to download. No thanks.

Re:The biggest downside to Firefox (2, Informative)

Mick Ohrberg (744441) | more than 9 years ago | (#12271722)

A couple of plugins you may want to consider is adblock and flashblock. The combination seems to work very well to prevent pesky popup problems.

Re:The biggest downside to Firefox (2, Interesting)

AdamWeeden (678591) | more than 9 years ago | (#12271606)

Indeed, I would love to see something where you could choose out of a few different profiles (Minimal, Power User, Everything, etc.) which would add certain extensions preinstalled with the browser. Another idea would be to be able to select what packages to add on before you download and install it. This raises a serious issue though. This then puts the burden of support on the Firefox team to support any bundled software, which I'm sure they have no interest in doing so. Granted they could put in some disclaimer before download about third-party support, but I doubt "Joe User" is going to read it, and if something breaks will still attempt to contact the Firefox team for help.

Re:The biggest downside to Firefox (5, Insightful)

Eyeball97 (816684) | more than 9 years ago | (#12271632)

???

Why is this a "downside"?

Would you prefer a 50Mb download, with 45Mb of stuff you don't ever need or use, or a 4Mb download where you can optionally add bits you want

Not everybody wants "chrome" (or themes), Flash, etc etc.

Personally I love the lean approach, with the ability to add and tweak stuff that I want over the bloated, switch off all the crap you don't want approach...

XEmacs Approach (1)

bsd4me (759597) | more than 9 years ago | (#12271756)

I think the XEmacs approach would work out well. You download and install the base system, and then you either get the packages you want or install the sumo package with everything.

Re:The biggest downside to Firefox (5, Insightful)

FreeLinux (555387) | more than 9 years ago | (#12271783)

I'd prefer the 50 megger with all the plugins that my users would likely need as well as all the necessary performance tweaks, proxy settings, policy settings and anything else I can't think of right this minute.

Oh, I'd also like it in the for of an MSI so that I can roll it out to 1,000 systems at a time via script or GPO.

You see there are users out there besides home users and their requirements are a little different than your own.

Re:The biggest downside to Firefox (5, Interesting)

Zocalo (252965) | more than 9 years ago | (#12271637)

Perhaps some kind of "shopping basket" download system on the Mozilla update site would be a good way to go. Personally, I quite like the "Download Basket" that Microsoft uses on its Windows Update site when you do a manual update. Something like a standard shopping cart to choose the plugins that you are interested in, followed by a Windows Update style confirmation and install process would be ideal. If you could also save the baskets and reuse them on multiple PCs that would make widescale deployment of Firefox sooo much easier...

Re:The biggest downside to Firefox (0, Flamebait)

John Hurliman (152784) | more than 9 years ago | (#12271706)

1) Create javascript-driven frontend allowing you to choose your plugins, add e-mail client or calendar, etc.

2) Tie the frontend to the NSIS installer and generate a customized installer. Use caching to alleviate CPU stress.

3) ...

4) Profit!

Re:The biggest downside to Firefox (4, Insightful)

sterno (16320) | more than 9 years ago | (#12271709)

You mean the shopping basket that always tells me that most of the updates I want have to be downloaded and installed seperately? :)

Re:The biggest downside to Firefox (1)

jim_v2000 (818799) | more than 9 years ago | (#12271646)

I wouldn't call that a downside. If you want addons, you have to go get them yourself. Why bloat the DL size with all the addons, when what the have packaged right now is small works for 90% of users?

Re:The biggest downside to Firefox (4, Informative)

ikkonoishi (674762) | more than 9 years ago | (#12271659)

They have that.

Its called mozilla.

Firefox is mozilla with most of the extra stuff besides the browser cut out.

Re:The biggest downside to Firefox (1)

hanssprudel (323035) | more than 9 years ago | (#12271689)

# [update] Google Pagerank extension

You really think informing Google about EVERY page you surf to is a good idea?

Between the search engine, gmail, and Orkut, don't they know enough about us already?

google (2, Funny)

khujifig (875862) | more than 9 years ago | (#12271765)

They haven't got our inside leg measurements yet.

Actually, I'd better check...

Re:The biggest downside to Firefox (1)

ssj_195 (827847) | more than 9 years ago | (#12271771)

Is there any way of installing extensions from the command line? If so, just pop your extensions (.xpi's), userprefs.js and a few other odds and ends together with a batch script that just installs them one-by-one and take this with you whenever you do an install.

Or just create a blank profile with no sensitive history or signon data, install your extensions on it, arrange all your settings and just carry this profile around with you.

So in other words (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#12271527)

you can't handle the truth.

A few good (pieces of software) (5, Funny)

Lead Butthead (321013) | more than 9 years ago | (#12271631)

"You can't handle the truth! Son, we live in a world that has (fire) walls. And those walls have to be guarded by men with (antivirus software.) Who's gonna do it? You? ... I have a greater responsibility than you can possibly fathom. You weep for (FireFox) and you curse (Microsoft.) You have that luxury. You have the luxury of not knowing what I know: that (IE6.0 vulnerabilities,) while tragic, probably saved lives. And my existence, while grotesque and incomprehensible to you, saves lives...You don't want the truth. Because deep down, in places you don't talk about at parties, you want me on that wall. You need me on that (fire) wall."

Firefox vs IE (0, Offtopic)

Rementis (656260) | more than 9 years ago | (#12271530)

First!

Langa langa langa langa (-1)

Anonymous Coward | more than 9 years ago | (#12271540)

Someone explain to me where he deserved his guru status...

Enlightening... (3, Insightful)

siphoncolder (533004) | more than 9 years ago | (#12271543)

It's enlightening until it's critical. I see.

The two aren't mutually exclusive. You weren't looking for enlightenment, you were looking to see someone agree with you.

Re:Enlightening... (2, Insightful)

Anonymous Coward | more than 9 years ago | (#12271608)

No, it's not enlightening because this is the EXACT same argument against Firefox we've seen 80 million times on /., and every time we come to the same conclusion: even 50 patched security holes is better than 1 open one. How can something that has been discussed to death already POSSIBLY be "enlightening" ?

Re:Enlightening... (5, Insightful)

lpp (115405) | more than 9 years ago | (#12271627)

Disregarding the validity of the position, apparently the OP felt that the cons were based largely on positions already proven false. As a result, enlightenment in this case would have been based on cons based on results considered less inflammatory.

Assuming the OP truly was not looking for a 'yes man' style of article, it is reasonable to believe a review detailing true failings of Firefox without resorting to questionable statistics would have met the requirements for 'enlightenment'.

Re:Enlightening... (2, Insightful)

KillerDeathRobot (818062) | more than 9 years ago | (#12271658)

Assuming the OP truly was not looking for a 'yes man' style of article, it is reasonable to believe a review detailing true failings of Firefox without resorting to questionable statistics would have met the requirements for 'enlightenment'.

In fact, one that didn't detail its true failings would NOT meet the requirements, as the OP was looking for something that "critically examined" the browser.

Re:Enlightening... (5, Insightful)

Rahga (13479) | more than 9 years ago | (#12271681)

Just because it's critical doesn't mean it's enlightening. I could give my five year old daughter a stack of printouts detailing vulnerabilites found by group XYZ, and in a second she can tell you which stack was bigger and might even count them out if she felt inclined to. That's not enlightening... What matters is quality, not quantity.

Also, anybody can get access to the source of Firefox, while IE doesn't have publicly viewable source code. Comparing vulnerabilities among the two browsers is an apples and oranges afair thanks to this.

Critical? Pfft... i've seen better. (5, Insightful)

Spy der Mann (805235) | more than 9 years ago | (#12271698)

I assume you haven't RTFA, but here's more or less the criticism that Firefox gets:

1) "Oh look! It has more vulnerabilities than IE!" (tho they fail to state how critical these are. And don't forget that Firefox 1.03 was just released, fixing these. How long it took IE to release theirs?)

and 2) "BWA! Firefox fails to render my favorite IE-only pages!" complains from users.

And that was on the last 1 1/2 pages. The others were just straw words (your usual columnist intro).

This columnist isn't enlightening, nor critical. He's just giving another misinformed opinion.

Re:Enlightening... (2, Insightful)

Tsiangkun (746511) | more than 9 years ago | (#12271707)

It's one thing if there are 1000 people and 50 people using the fake products, blah blah blah as per the article.

In this case though, the 50 people of fake product B, have used large corporation's product A and are expressing their preference for B over A, and not merely cheerleading for product B. Users of product A, have not tried product B, and are basing their preference on absolutely nothing whatsoever.

Further more, a lot of the users for product B have log files that indicate users of product A are morons who let their machines become compromised and cause havoc for a lot of users around the world, so it would be a slight of hand type of deal to place equal value on the opinions of the two groups of users.

Re:Enlightening... (-1, Troll)

siphoncolder (533004) | more than 9 years ago | (#12271807)

Thanks, you dictionary dickweeds. I had no idea what enlightenment and criticism were all about. This submitter wasn't interested in EITHER - this article is just a pawn in the popularity contest that is OSS.

symantec (5, Insightful)

rizzo420 (136707) | more than 9 years ago | (#12271549)

i have begun to doubt symantec's expertise. i work in a college where virus outbreaks are pretty common. now i've seen a computer with the most up to date, newest version of norton/symantec anti-virus and it seems that it still does not find all the viruses. viruses and trojans that are relatively harmful to the system. i would take this story with a grain of salt...

Re:symantec (1)

bardothodal (864753) | more than 9 years ago | (#12271618)

Well colleges are a target every script kiddie trying to to be l33t as well as 0-day exploits. That high bandwidth and the excessive number of unsecure PC's is very tempting.

Re:symantec (2, Insightful)

superpulpsicle (533373) | more than 9 years ago | (#12271626)

Geeee... lemme see. Until Symantec joined forces with Veritas, its products were primarily 100% windows based.

Hmm.... since they favor Microsoft so heavily, wouldn't it be natural for them to talk smack about non-M$ browsers like Firefox.

Re:symantec (1)

VoidWraith (797276) | more than 9 years ago | (#12271762)

Well, as an addendum, they did say that they'd found no security flaws with Safari... although they underplayed it as much as possible.

Re:symantec (1)

Evil Adrian (253301) | more than 9 years ago | (#12271644)

What viruses specifically aren't being found? Which version of antivirus? When are the definitions dated? You have to be more specific... otherwise it sounds like you're making it up.

Re:symantec (2, Informative)

dlZ (798734) | more than 9 years ago | (#12271743)

My shop had a computer with a variant of Klez on it that an up to date copy of Norton's missed. Considering the age of Klez, any virus scanner should find it and prevent it without an issue. Norton was on the machine and running at time of infection, too.

Only time I saw it miss something that major completely, but it killed the little hope I had left for the product.

Re:symantec (5, Informative)

jim_v2000 (818799) | more than 9 years ago | (#12271774)

I used to work for Symantec's tech support (used to--now Mike in India handles it) and the official line that we gave customers when they get a virus that Norton didn't detect was "Wait for the new definition file...it comes out next Wednesday." And when Norton wouldn't get rid of a virus, the line was "Norton Antivirus is a detection tool, not a removal tool." Which is total BS. If you read their website, the advertising for Norton AntiVirus says "Removes Viruses". That always troubled me, and I'm actually glad to be working elsewhere now.

I personally run Grisoft's AVG for free, and Zone Alarm, and not only have I never had a virus/worm, they run a zillion times faster than Norton AntiVirus and Personal Firewall.

Symantec makes bloatware that doesn't work well. Avoid it like the plague.

Re:symantec (5, Informative)

LnxAddct (679316) | more than 9 years ago | (#12271805)

This [secunia.com] says it all [secunia.com] . Not only has Firefox had 1/7 the vulnerabilities of IE, but those that it did have were patched quicker and were of less severity in most cases.
Regards,
Steve

GPO Control (2, Insightful)

Anonymous Coward | more than 9 years ago | (#12271563)

if I could control it centally from MS active directory, that would be great..

other than that, I see not problems with it at all..

Re:GPO Control (5, Interesting)

numbski (515011) | more than 9 years ago | (#12271616)

http://www.frontmotion.com/Firefox/

Have you tried this by chance?

I haven't personally, but I keep hearing good things about it.

Sorry but... (5, Funny)

hanssprudel (323035) | more than 9 years ago | (#12271565)

At first I was excited because I thought I was going to get to finally read an enlightening, in-depth article that critically examined the browser.

And I thought my life was dull. You need help my friend. Now!

OT: your sig (0)

Anonymous Coward | more than 9 years ago | (#12271729)

There are too many mod points: thirty +5 posts per story is a joke. I only moderate down!

So as slashdot's population increases and there are more people posting, it follows that there will be more +5 posts. Maybe for you ten +5 posts are sufficient, but when the population triples then you should expect thirty +5 posts.

More exploits? (2, Insightful)

sp3tt (856121) | more than 9 years ago | (#12271569)

Do they have the source code for IE? Security by obscurity is no security.

And, at least Mozilla does something about it - three patches in what, two months? How many has IE had the last three years?

Cons of Mac Firefox (0, Troll)

Gob Blesh It (847837) | more than 9 years ago | (#12271571)

Those of us with Macs know that Firefox is really obnoxious on our platform. It makes a very halfhearted attempt at elegance, but fails miserably on almost all counts. Scrollbars don't disable in background windows, HTML controls are rendered in ugly beveled grays, the Preferences dialog is inexplicably a sheet, proxy settings aren't inherited from the System Preferences, text areas in forms aren't beneficiaries of Cocoa's text-editing magic, popup menus are rendered in the wrong font, and on, and on, and on.

If Firefox wants to be taken seriously as a native browser on the Mac, it has a long way to go to catch up to Safari in terms of aesthetics and usability.
--
perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;;y; -/:-@[-`{-};`-{~" -;;s;;$_;see'

Mod Parent Down-Malicious Perl Code in Sig (2, Informative)

JLavezzo (161308) | more than 9 years ago | (#12271628)

Please mod the parent down. He has put un-labled malicious Perl code in his sig. Evidently as a prank or due to some sort of simple-mindedness.

Re:Mod Parent Down-Malicious Perl Code in Sig (1)

rufo (126104) | more than 9 years ago | (#12271670)

For those of us who don't speak mangled Perl, what does it do?

Re:Mod Parent Down-Malicious Perl Code in Sig (4, Funny)

Chicane-UK (455253) | more than 9 years ago | (#12271674)

You've got whats coming to you if you just copy and paste, and then run random code that you found on the internet quite frankly.

Re:Mod Parent Down-Malicious Perl Code in Sig (1)

Evil Adrian (253301) | more than 9 years ago | (#12271677)

Who cares? What kind of an idiot runs code if they don't know what it does?

Stick to the topic, quit bitching.

Re:Mod Parent Down-Malicious Perl Code in Sig (-1, Offtopic)

Gob Blesh It (847837) | more than 9 years ago | (#12271680)

Some Slashdotters love to preach that (1) only idiots would run untrusted code, and (2) you can't do damage without root privileges. I think my sig demonstrates quite handily their folly on both counts.
--
perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;;y; -/:-@[-`{-};`-{~" -;;s;;$_;see'

Re:Cons of Mac Firefox (1)

onebuttonmouse (733011) | more than 9 years ago | (#12271672)

Camino [caminobrowser.org] is what the Mac incarnation of Firefox should look like.

That said, I'm torn, I like my Mac but I need to use Windows and Linux at work, so I'm pleased to find a browser that behaves more or less the same on all of my computers.

Re:Cons of Mac Firefox (1)

DrEldarion (114072) | more than 9 years ago | (#12271682)

Function before form. First priority is getting everything working correctly, THEN make everything look nice. Safari, while it looks nice, seems to not work with a lot of pages that other browsers do.

Re:Cons of Mac Firefox (-1)

Gob Blesh It (847837) | more than 9 years ago | (#12271768)

Remember the Acid2 challenge [slashdot.org] mentioned on Slashdot a few days ago? Safari and Firefox both failed miserably, but Dave Hyatt, an Apple developer working on Safari's WebCore, has made amazing progress [mozillazine.org] (in less than a week!) at compliance using the Acid2 test as a guide.

It would be nice to see the same pace of development on Gecko, but I'm not holding my breath.
--
perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;;y; -/:-@[-`{-};`-{~" -;;s;;$_;see'

Re:Cons of Mac Firefox (2, Informative)

As Seen On TV (857673) | more than 9 years ago | (#12271779)

Boy, do you have that backwards.

The reason why everything looks the same on a Mac is that developers use the system frameworks to draw their on-screen controls. If a program has a control that looks wrong, as Firefox does, that's because the program actually is wrong. If it were using the correct frameworks to draw its controls, the controls would look right.

This is a case where the fact that it looks wrong is a sign that it really is wrong.

Now, as for Safari, it's not perfect. But then again, neither is Firefox. Our internal guys assure us that Safari is just as compatible as Firefox with well-formed Web pages, and degrades gracefully with badly-formed pages. And unlike Firefox, Safari is an actual Mac application, with support for Bonjour and Spotlight and (most importantly) the Keychain built right in.

Firefox isn't a Mac application. It's a third-party application that was ported badly to the Mac.

Re:Cons of Mac Firefox (1)

Daedala (819156) | more than 9 years ago | (#12271684)

Also, basic keystrokes (like tabbing to checkboxes so you can check them with the spacebar, or backspace = Back) just don't work. I do have keyboard access turned on.

Now that I've posted this, half a dozen people will tell me how to fix it. However, it's a widespread complaint. [applenova.com]

Re:Cons of Mac Firefox (1)

generic-man (33649) | more than 9 years ago | (#12271803)

To fix:

1. Uninstall Firefox.
2. Install Camino.

Buttons don't have their usual halos around them when you tab to them, but aside from that Camino works great with keyboard access.

By the way, Firefox still subscribes to the Netscape4 model of "click-and-hold is the same thing as right/CTRL-click." The context menus it pulls up are Mozilla-specific, not Cocoa-based, so Mac OS X's navigation tools (i.e. speech nav) won't work with them either. Pathetic.

Re:Cons of Mac Firefox (1)

generic-man (33649) | more than 9 years ago | (#12271708)

Firefox on the Mac is the second-ugliest browser ever produced for Mac OS X, better than only Opera (and at least Opera is fast and includes a mail client that Google decided to imitate). Thunderbird is pretty lousy too from a UI perspective. Some moron decided that preferences should be sheets, but then drilling down to a second preferences dialog should close the first sheet and open a new one.

This sort of crap is fine on platforms like Linux that have no UI standards, but on the Mac it's embarrassing. Plenty of programs (Garageband, QuickTime Player, etc) deviate from the Mac UI standards, but at least they still look good.

At least there's Camino. You get the Gecko renderer and real Cocoa look-and-feel. It also doesn't beach-ball as often as Safari does, though it has the same memory leaks that Firefox is legendary for.

Re:Cons of Mac Firefox (1)

99BottlesOfBeerInMyF (813746) | more than 9 years ago | (#12271726)

If Firefox wants to be taken seriously as a native browser on the Mac, it has a long way to go to catch up to Safari in terms of aesthetics and usability.

I disagree. Firefox serves a valid need by maintaining as much as possible across a variety of platforms. For people who regularly switch from platform to platform, Firefox's interface can be a great boon.

If you want a more native interface to the codebase try the Camino variant. It uses the native UI elements form OS X. That said, it still fails to make proper use of services, like spellchecking and translation.

If only it was as good as Mozilla. (0)

Anonymous Coward | more than 9 years ago | (#12271578)

I just wish that you could type something into the address bar, press up and enter, and have it search Google, like you can with Mozilla. The tiny google search box on the top right is nowhere near big enough.

Re:If only it was as good as Mozilla. (1)

E IS mC(Square) (721736) | more than 9 years ago | (#12271671)

This [mozilla.org] will be useful.

You can also try this [mozilla.org] - pretty good!

Pros & Cons (1)

Princess Tarja (876619) | more than 9 years ago | (#12271582)

hmmm, symantec/ms dont like opensource? wow, I never would have seen that coming. This seems like another of those bait the readers and watch em attack back games

timeframe of patches (4, Insightful)

rizzo420 (136707) | more than 9 years ago | (#12271585)

one question should be asked... who releases patches and security updates in a more timely manner? mozilla or microsoft? while firefox may have had more security flaws than IE, it gets patched almost immediately.

Re:timeframe of patches (0)

Anonymous Coward | more than 9 years ago | (#12271712)

Bingo. Microsoft's drunken snail-like speed is what makes IE a securtiy risk to use. If they released patches for all the gaping holes more often than one OS service pack every year or two, maybe I'd run it. If they also put tabs in.

Re:timeframe of patches (2, Insightful)

Shdwdrgn (162364) | more than 9 years ago | (#12271776)

I would have to agree with that. The number of bugs isn't as important and the number of -unpatched- bugs. Want to really impress me? Who has the fewest unpatched bugs that are a week old?
A month?
A *year*?

Seriously, you can't have critical bugs floating around out there. Sure not everyone updates the instant a patch comes out, but I want to know that a fix is at least available.

Open Source Security (1, Insightful)

BlacBaron (875559) | more than 9 years ago | (#12271595)

As far as I can see, open source security is a double edged sword.

On one side you've got a large base of coders checking the code for bugs, and submitting patches to fix them.

On the other hand you've got people looking through the source for bugs to exploit. However once these exploits become known its usually a small amount of time before someones submitted a patch to the problem.

Closed source doesn't tend to have either of these (as not many ppl have the source) and as such shouldn't have so many exploits discovered for it.

The open source method should however eventually produce more secure code.

Re:Open Source Security (2, Insightful)

rudy_wayne (414635) | more than 9 years ago | (#12271785)

On the other hand you've got people looking through the source for bugs to exploit. However once these exploits become known its usually a small amount of time before someones submitted a patch to the problem.


Closed source doesn't tend to have either of these (as not many ppl have the source) and as such shouldn't have so many exploits discovered for it.
Closed source doesn't have those problems? What planet are you from? New exploitable flaws are found in Windows and IE on almost a daily basis. Seriously. Connect a computer to a broadband connection, with an old unpatched version of Windows, and it will be taken over within minutes.

And this was accomplished with no access to the Windows /IE source code.

Translation (0, Flamebait)

kaosrain (543532) | more than 9 years ago | (#12271598)

At first I was excited because I thought I was going to get to finally read an enlightening, in-depth article that critically examined the browser. I should have known better.

Should be read as:

At first I was excited because I thought I was going to get to read an article about how Firefox is the best thing ever. It turns out it wasn't written by me and is therefore wrong.

Print Version of the Article (5, Informative)

Anonymous Coward | more than 9 years ago | (#12271599)

Print version of the article [informationweek.com] fitting nicely onto one page.

CON!? (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#12271600)

Firefox has no cons, it is perfect and all that is holy. It is everything Internet Explorer is not. It will protect you from spyware, not molest your dog, not set your house on fire, and basically will do all the things Internet Explorer can't.

I have to go now, someone just used IE, and now they're hiding in a corner sucking their thumb.

Here we go, AGAIN... (2, Insightful)

stanleypane (729903) | more than 9 years ago | (#12271625)

Ugh... Less must mean more in the I.E. world. It's amazing how marketing can put a spin on Microsofts *horrible* track record when it comes to releasing patches in an expedient manner. The more and more Microsoft waits to release a fix, the more these guys make it look like a good thing.

Acording to their philosophy, Firefox isn't as secure as I.E. because Firefox has fixed more bugs? Give me a fscking break.

Firefox eased my pain (5, Informative)

jimboisbored (871959) | more than 9 years ago | (#12271629)

I used to run adaware with IE, I've run it once and a while since I switched to firefox and it'll occasionally find a cookie or two that doesn't bother me. With IE it'd find a couple hundred problems.
Security vulnerabilites my ass.
(yes I know spyware and security is different, but firefox sure is a lot less of a pain in the ass)

there's no cure-all (3, Interesting)

QQoicu2 (797685) | more than 9 years ago | (#12271643)

Maybe Firefox is a more stable, more secure browser than IE, but everything is gonna have its flaws. And the more people use it, the more it's gonna get targeted. This sounds kinda selfish, but I almost wish the geek crowd would have "hoarded" Firefox and kept it as their own. It's nice to give Microsoft the shaft, sure, but the more Firefox creeps into the mainstream, the more it's gonna inherently open itself up to exploits.

Same old "more people use it" analogy... (4, Insightful)

Anonymous Coward | more than 9 years ago | (#12271746)

And the more people use it, the more it's gonna get targeted.

Just because more people drive cars than armoured vans, doesn't mean that cars are targeted more just because they're greater in number. In fact, the payload would be greater attacking armoured cars. In reality, some things are just designed with greater security in mind, from the offset.

Lost all credibility with me. (1)

bardothodal (864753) | more than 9 years ago | (#12271650)

He lost it not far into article. it was about at this point. "Much of Windows' internal development in Windows 3.1 and 3.11 was to make Windows network-aware and largely self-configuring. The Windows developers mostly succeeded, and Windows became easy to network..." If this is true , why am I still helping people network there computers 10 years later?

Con: You can't use autocomplete (3, Interesting)

GigsVT (208848) | more than 9 years ago | (#12271651)

Since the article concentrated on security, but didn't mention this:

If you leave autocomplete on, Firefox will save your credit card numbers in plaintext on your hard disk.

This bug has been known about for years. They won't fix it.

Re:Con: You can't use autocomplete (1)

Narchie Troll (581273) | more than 9 years ago | (#12271764)

Doesn't Firefox ask you if you want to use autocomplete for a given form?

Re:Con: You can't use autocomplete (3, Insightful)

Anonymous Coward | more than 9 years ago | (#12271799)

How does Fx know it's your CC number? Should Fx start refusing to store all 16-digit numeric entries? That would defeat the purpose of "auto-complete", wouldn't it?

If you're entering your CC number on a publically-shared computer, shouldn't you be manually clicking "clear" yourself? Or should the Fx developers be forced to protect you from your own carelessness?

Wait a minute (3, Insightful)

KinkifyTheNation (823618) | more than 9 years ago | (#12271655)

Isn't finding more vulnerabilities a good thing? I mean as long as they're getting patched and all, the browser is becoming more secure with every bugfix.

Quick summary (5, Funny)

nizo (81281) | more than 9 years ago | (#12271656)

Pros: It isn't explorer*
Cons: It isn't explorer**


*potentially more secure
**some pages don't render right since some people only test with explorer

Stupid liberal media (-1, Troll)

As Seen On TV (857673) | more than 9 years ago | (#12271665)

It's the liberal media again. Let's disregard this opinion because it fails to coincide perfectly with our own. After all, we're right and everybody else is wrong, and that's just all there is to it.

I suggest we launch a Power Line-style fatwa against the author of this article. If we all look really hard, I bet we can find evidence that he's gay or something.

This just in... (3, Interesting)

00squirrel (772984) | more than 9 years ago | (#12271678)

All software has bugs, security and otherwise.

Let me put forward a little statistic of my own, gathered from what I've seen over the last few years as a network admin.

Number of computers compromised as a result of IE usage: 8 this year. Number of computers compromised as a result of Firefox usage: 0 (ever)

From TFA : (0)

Anonymous Coward | more than 9 years ago | (#12271686)

All software is imperfect



I would like to direct him to my masterpiece 'Hello_World.c'

Well yes and no. (1)

VanillaBabies (829417) | more than 9 years ago | (#12271693)

He makes some valid points in that there are security holes avialable in almost all browsers. His big main point is a big "duh" for anyone who has ever used a computer attached to the internet.

However, then he starts blaming security holes in the browser on uneducated users. This is where i started to lose him. Understandably as more users switch there are going to be more users who do not understand what is happening. This is hardly the fault of the browser though, and should not be counted against it.

When comparing two programs that do the same thing on security merits, several things should be considered, including number of known security risks, severity of risks, rate of patching known risks, and then farther down that list user knowledge.

This does bring up an important point though, there is no patch process for Firefox(atleast the Mac version). So it's possible that security releases are not be disseminated to normal users. If this is true, then you can release all the security patches in the world and it won't do a damn bit of good. Perhaps an incremental auto-patch is in order?

News flash: IE has fewer bugs (2, Insightful)

WillAffleckUW (858324) | more than 9 years ago | (#12271699)

because MSFT won't call them bugs and denies they exist.

In related news: Zombie World Population skyrockets.

Seriously, metrics are not useful unless all the measurements are done to the same or comparable standards. An IE bug tends to be what I would describe as a collection of 80-100 mozilla bugs - and even then is usually reported a year late after they refuse to admit they fixed it but the release is different on the MSDN disks for a program that's already been "updated" ...

Well, I've heard enough! They must be biased! (1)

Cereal Box (4286) | more than 9 years ago | (#12271703)

it contains a reference to a Symantec Internet Security Report which claims that more security vulnerabilities in the last six months of 2004 were found in Firefox than IE.

It seems to me that the author is implying that this claim just has to be invalid, because come on, we all know that Firefox MUST be more secure than IE. I mean, how can you argue that it's not? It's open source! It's an irrefutable fact of life that it's more secure! Duh!

Sarcasm aside, there are valid complaints about Firefox, Mozilla, and other open source products, but submissions like these really drive home the attitudes you're likely to see here on Slashdot and other open source message boards. That is to say, criticism is rarely accepted. Those making the criticism are called corporate shills, biased, etc. Or better yet, the old "if you don't like it, fix it."

Re:Well, I've heard enough! They must be biased! (0)

Anonymous Coward | more than 9 years ago | (#12271802)

That's cuz these dorks have nothing better to do.

It's quite possible there are more bugs in Firefox (4, Insightful)

rben (542324) | more than 9 years ago | (#12271710)

Firefox is still under active development. It's not surprising that occasionally a new bug, including ones that compromise security will be introduced. IE, on the other hand, has been unchanged, asside from bug fixes. All development work on IE was stopped until Firefox forced their hand. I don't think there have yet been any new releases of IE since Service Pack 2, which put 6.0.2900.2180 out in the world.

So, I wouldn't be surprised if more new security problems were located in Firefox in the recent past than in IE during the same time period. That doesn't imply that there are fewer problems in IE than in Firefox, just that fewer were found in a given time period.

Which means.... practically nothing. The relevant information would be total numbers of security problems over the total number of lines of code or some similar metric, if you want to discuss the quality of the code.

If you want to know which browser is the most secure, you should look at the total number of security bugs known to exist and the severity of those bugs.

For my money, Firefox is the only browser that I trust. I run IE only when I have no choice and when that happens I send an email to the manager of the site telling them why I won't visit again.

Microsoft abandoned good engineering practices in order to grab at market share. As a result, they crippled both their browser and their operating system.

Information week (2, Informative)

0kComputer (872064) | more than 9 years ago | (#12271713)

There will always be reviews out there you don't like. First, this is information week, the WSJ for the pointy haired bosses, I would expect nothing less than a shitty review, actually, I'm glad he gave it a shitty review.

Second, the guy looks like a total Asshat [wikipedia.org] . Look at his picture for christs sakes Fred Langa [cmpnet.com]

The problems of been known (1)

abuendia (718124) | more than 9 years ago | (#12271744)

I'm a Firefox user from about 2 years ago.
My old time versions seemed to be flawless and now, since there are more eyes on Firefox, it seems to be more buggy and insecure.
That's the problem. Firefox boom atracks even more eyes and that will be a bigger problem. Same as QMail or Postfix on Sendmail. They were more tasty 'cause there were less people looking over them.

A better title (1)

portwojc (201398) | more than 9 years ago | (#12271747)

How about naming the article title "Pro and Cons for the Pro" instead. It seemed to just go on and on about how bad Firefox is or how equal in unreliability it is.

Issues with numbers (5, Interesting)

ppz003 (797487) | more than 9 years ago | (#12271759)

<rant>
I have an issue with people who quote numbers of security notices and the like. They always seem to fail to mention the average severity of these notices or even the account for duplicates.

We see a large number of nitpick vulerabilities for open source because everyone can look at the source code and try to break it every which way. OTOH, finding exploits in IE is done by testers and hackers.

Regarding dupes, visiting Secunia shows many vulnerabilies for linux distros, but you see the same ones over and over again for each distrobution.

So while I agree that no software is perfect, and Firefox does have problems that arise from time to time, as does any software, I'll still be using the fox for my net browsing.

As for those testimonies in the article from people who can't get Firefox or Thunderbird working properly, wow. I've switched people's grandparents with no computer literacy with no problem. All I can say is that their system must be jacked up.
</rant>

The switch from ie is worth it, but... (2, Interesting)

Sprotch (832431) | more than 9 years ago | (#12271760)

Before everyone starts flaming me, I'll state that Firefox has become indispensable to me now. Mostly because the RSS bookmarks, tabbed browsing, and best of all, the extensions. Dictionary search, ad-block and the spell checker have all become indispensable to me now. However explorer remains the superior browser with regard to resources and stability. If I want a fast and simple stable browser, explorer is the way I go. While Firefox is loaded with useful options, I find it interesting that I stayed not because it was technically superior to ie, but provided better and actually useful features.

If Firefix is as (4, Insightful)

g0bshiTe (596213) | more than 9 years ago | (#12271772)

iffy a program as IE then how come in 5 years of using Mozilla based browsers ( on Windows ) have I not been befuddled with the plethora of malware ( autodownloaders, backdoor spyware, ad nauseum ) products that freinds using IE recieve? He can say "it's the userbase" till he turns blue in the face, I wanna know why when I go to a site using IE I immediately get inudated with BHO's yet in a Mozilla based browser they get shrugged off? Yet it is just as unsafe as IE states the author?

In my opinion of using the software as long as I have, I would never use IE again unless forced to. And that small amount of time I do use IE, I spend twice as much afterwards cleaning out the damn mess made by malware.

I think because of it's Open Source nature when Moz or some derivative gains market share and becomes the primary target of ad companies, it still won't make that much of an impact on the browser as a whole.
Given enough eyes all bugs are shallow

Firefox fails to enter the Elysian Fields (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#12271782)

Without reading the review I am not surprised at the attack.

I introduced the browser to my boss at work only to have her switch back to IE because of 'issues'.

I myself am a staunch user, but have been troubled by popups from some sites and unexpected crashes at work.

For a browser hailded as a IE beater, and it is on certain fronts, it still has a bit to go to gain complete user confidence.

All I want from Firefox (1)

hkb (777908) | more than 9 years ago | (#12271786)

All I want from the Windows version of Firefox is for cut/copy-and-paste to work reliably. Every so often, the copy function refuses to work in Firefox and its so utterly annoying that I end up using crappy IE most of the time now.

This issue has been in since the Phoenix builds. And yes, I submitted a bug report long ago, which looking now, seems to have disappeared.

When I need to copy-paste, its for important stuff.

He has a web site (3, Insightful)

Jaspers (876338) | more than 9 years ago | (#12271789)

Well Mr. Langa seems to have a web site. Here is the link [langa.com] ! And here you have a link [langa.com] to the article on his homepage (in case it gets /.ed on the front page).

Well taking a quick look at what he wrote i think it's the type of guy who actually enjoys starting flame wars so i wouldn't bother too much by him!
I would only like to tell him that I dissagree with him and he is a terrible writer cause he is using too much sarcasm in his writing. take for example this part from his essay:

The last time I mentioned a similar US-CERT finding, by the way, Linux partisans leapt up to tell me that US-CERT didn't know what it was doing. Linux *couldn't* have more security flaws than Windows! Everyone *knows* that Open Source software is so much better than anything from Microsoft--- right?

Also take from example this:

I wrote that article to try to help readers interested in FireFox in particular and Open Source in general to make an informed decision. There are many, many excellent, proven, objective benefits to switching to Open Source software--- but there's also a lot of misinformation, and some very, very *bad* reasons to switch.

I think that he is doing what he is preaching against: Misinformation

The article makes big unfounded asumptions (1)

s1283134 (660354) | more than 9 years ago | (#12271798)

The article can be summed up to say that MS software doesn't have a higher number of bugs, just a higher install base. If Firefox had just as high of an install base then it would have an equal amount of bugs.

This is just not the case. You can't say that the bugs are purely based on the number of people taking a swing at it. It defends buggy software. Most of the "bugs" are render problems, mentioned at the end of the article. If designers used standards then things would render fine.

"Open" what now? (0)

Anonymous Coward | more than 9 years ago | (#12271810)

Thank you, Dafa Disciple, for providing a Wikipedia link for the mysterious term "open source". Yes, thanks to you, people reading Slashdot now know what that means. Not one of us had ever heard of this "open source" before, so the enlightenment is most appreciated.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?