The..(ahem)… Browser Security Test… (cough)
While reading an article posted by Mary Jo Foley on Microsoft-Watch, I noticed a link to Bruce Schneier’s blog to a post called “Internet Explorer Sucks”. I was, again, surprised to find out that people still don’t seem to get it.
On his blog, Schneier links to a webpage containing a study on browser security. If you go over to that website, you’ll notice the statistics about Internet Explorer on this page, and the statistics about Mozilla Browsers such as FireFox on this page.
According to the claims made in the study, Internet Explorer was known to be unsafe 98% of the time, and the Mozilla Browsers were known to be unsafe 15% of the time. Assuming their data is correct, this is ofcourse, true. However, I’m sure you’ve just noticed that I put part of a sentence in bold. Known to be unsafe.
You see, while the claim seems to be factually true, it sends out the wrong message. The wrong message which Schneier and Mary Jo Foley have immediately held onto, namely, that Internet Explorer sucks.
What I got out of the same data on those pages is this: Internet Explorer was not known to be unsafe 2% of the time, while the Mozilla Browsers were not known to be unsafe for 85% of the time.
Question: Would you rather KNOW most of the time that the browser you’re using has certain vulnerabilities and be extra cautious, or, would you choose to NOT know this and think the browser has virtually no vulnerabilities, while it actually does, and browse the Internet with a false sense of security?
Because that’s what it comes down to. If you look at the data on both those pages and compare them, what is immediately clear is that both browsers have had security vulnerabilities practically all year long. The only difference is that the vulnerabilities for the Mozilla Browsers were NOT publicly known. THIS IS VERY DANGEROUS. Why? Because it gave everyone using FireFox, for example, a false sense of security. People thought the browser had no vulnerabilities, while they clearly existed but were just not publicly known, and people were all switching from IE to FireFox. And while the public did not know about these vulnerabilities in the Mozilla Browsers, I’m sure the people who would want to exploit them, did. And they probably know about even more vulnerabilities which are, at the moment, not (yet) publicly known.
The point I’m trying to make is that people still don’t get that security issues on the Internet and with software in general, are a common problem that everyone and every product is dealing with, or is going to have to deal with. It’s not just Internet Explorer, people. As soon as FireFox gets popular, you’re going to see more exploits being published for it. Heck, the vulnerabilities ARE present, people just don’t feel like using them. Yet.
But hey, nobody pays any attention to that. Let’s just bash Internet Explorer and Microsoft for the lack of security.
I wrote about this earlier in the year. Just go overhere and start reading at the “Security” heading. Also note the link to this article.
And call me crazy, but I’d rather use Internet Explorer and actually know that I have to be cautious for anything suspicious while I browse the Internet, instead of blindly relying on the incredible security people seem to think that FireFox has.
Comments
There are 6 responses. Follow any responses to this post through its comments RSS feed. You can leave a response, or trackback from your own site.