The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Firefox drawing fans away from Microsoft IE
Time: 11:22 EST/16:22 GMT | News Source: CNET | Posted By: Robert Stein

Open-source browsers Mozilla and Firefox have won over a significant number of defectors from Microsoft's Internet Explorer in the past nine months, Web site metrics suggest. The gains for Firefox, which was released in a version 1.0 preview on Tuesday, and for Mozilla are most noticeable at Web sites popular by geek-chic early adopters. For example, W3Schools.com, a Web development tutorial site found that Mozilla-based browsers were used by 18 percent of its visitors in September, up from 8 percent in January. Internet Explorer use dropped to 75 percent from 84 percent in the same period.

Write Comment
Return to News

  Displaying 1 through 25 of 334
Last | Next
  The time now is 10:14:12 AM ET.
Any comment problems? E-mail us
#1 By 2332 (66.228.91.60) at 9/16/2004 11:44:11 AM
First of all, good. Firefox is great. If you don't use it, you should.

Second, it doesn't really matter. Microsoft's original fear was that the web would make Windows obsolete. Microsoft made sure that didn't happen. They won the browser war, even if people are now defecting.

With Longhorn, Microsoft is going to change the way we view the web. Literally. They will blur the lines between the web and Windows. It will take years for others to catch up to Microsoft on this, and by that time it will already be too late.

Microsoft has nothing to fear from this exodus. It's temporary and inconsequential.

#2 By 21705 (142.213.176.140) at 9/16/2004 11:48:50 AM
Maybe they'll consider working on IE7 now...

#3 By 2960 (68.101.39.180) at 9/16/2004 1:21:14 PM
RMD,

This 'further integration' with windows in Longhorn is what scares me the most.

Out of a 50 to 60 hour work week, I spend 1/3 of that removing Spyware from users machines. Some of it is so bad that the only way we can (efficiently) fix the issue is to re-image the system. Some of the spyware out ther is getting _that_ bad.

If Spyware can affect the users machines to this point now, what is going to happen when the 'browser' has even _more_ access to the system?

As someone who supports corporate clients on the move, this concerns me greatly.

TL

#4 By 2960 (68.101.39.180) at 9/16/2004 1:23:44 PM
#4,

Are we gonna start this _again_ ?

EVERYTHING has security issues. My DOG has security issues (he would lick a robbers face and show him the good stuff).

But Microsoft's "Golden Retreiver" mentality towards IE is unacceptable and is the primary issue the world is over-run with Spyware right now. Spyware is the #1 cause for calls to support help desks at the moment, and it's because of IE's "Golden Retreiver" mentality towards security.

Match the list of holes IE has had with the list for FireFox and keep on telling me FireFox is less secure than IE.

TL

#5 By 10896 (142.167.148.13) at 9/16/2004 1:33:14 PM
Firebox has had over 20 major security updates since June. At that rate it probably is the most unsecure piece of software ever made. The just hide the security updates as a new version.
How many of you knew that 1.0PR fixed 10(count them) critical security updates. A lot of them have been known for over years and shows you fast(laughter) these open sores amateur developers are concerned with security.

Stop the lies about how secure Firebox is.
I think most of the downloads were users keeping up to date with security fixes and not any sudden popularity of Firebox. CNET sure knows how to lie especially with statistics.

#6 By 10896 (142.167.148.13) at 9/16/2004 1:52:59 PM
Since December 2002, over 93 security problems have been fixed in Mozilla. How many others have not been fixed?

I would asssume that is so far ahead of IE that it is really not even a contest on which brower is more secure.

#7 By 2332 (66.228.91.60) at 9/16/2004 1:55:35 PM
#4 - Firefox has severe security issues.

And guess what! It DOESN'T MATTER. Firefox is still safer. At least for the time being. GIVE IT UP.

#7 - How?

I suggest you head over to msdn.microsoft.com/longhorn and start watching some of their demo videos. It will give you a good idea of the future.

In short, Microsoft is going to make it so that there is no "web application" and no "windows application". In fact, there will really be no "applications" at all. Instead, there are people and data.

Let's say my buddy sends me some kind of graph document. I don't have the "application" to open that, but when I double click the document Longhorn uses things like Indigo to grab the necessary application from the web and seemlessly install and run it. (Yes, securely... this is all managed code running with code access security.)

The application renders itself in the same window that all other application render themselves, regardless of whether or not they reside on my location machine or on a remote server. As far as I'm concerned the only thing I need to know to view a document is to double click it. There will be no more concept of a "Word Application" versus a "Word Document" or a "Movie Player Application" versus a "Move file". There is just people and data.

Sure, there will still be people browsing web pages. That won't go away for a long time. But I suspect that web pages will slowly give way to web-based applications that run under the rich framework provided by Longhorn. Eventually, users will demand the rich experience it provides... and web pages like those that exist today will die... just like gopher and veronica did.

They have said smart tags would do this

Huh? I don't recall them ever saying that. Smartags are really just a tiny peek at the future of interconnected applications.

they have said that hardware would be free and software would be provided as a service

I don't think they ever said hardware would be free. I have heard them, among many, say that hardware would be a commodity. Indeed, that's exactly what appears to be happening.

And software is quickly becoming more and more service based. There is a huge industry providing service based software, although most of it is being consumed not by end users but by other software companies. It's still too difficult to deliver these things to end users reliably. That's where indigo and longhorn come in.

their own web services (MSN, MSN Search, Hotmail) were all bought or copied

Hotmail was bought. MSN was created from scratch. MSN Search uses technology bought from another company. Your point?

their own browser was bought and copied

Huh? IE was created from scratch... and how can something be both bought AND copied?

they barely realized the potential of the 'net in time to take advantage, what makes you think MS are the ones to realize this?[i/]

You're correct, they almost missed the boat. But they didn't. They've turned it completely around, and are now easily the leaders. I think they're going to realize this because I've been following their progress. They're the ONLY ones really innovating in this area right now. Why don't you go and check it out for yourself.

Why? Catch up to what exactly?

Again, go read up on Longhorn, Indigo, and the next version of .NET. It will take other companies years to catch up if they can catch up at all because Microsoft has spent billions and probably close to 7 or 8 years working on getting us to Longhorn.

Continued on next post...

#8 By 2332 (66.228.91.60) at 9/16/2004 1:55:56 PM
Continued from previous post...

#9 - This 'further integration' with windows in Longhorn is what scares me the most.

I'm really not sure what you mean. IE's integration with Windows has nothing to do with the security problems it has. IE makes Windows vulnerable for several reasons.

First, it's buggy as hell. Second, basically everybody uses it. Third, the whole point of the application is to connect to remote machines and get data from them. Fourth, it had technologies like ActiveX which made the attack surface area much larger.

The fact that it is also part of a lot of Windows libraries makes absolutely no difference.

Any application that runs as admin (since most users run as admin) and connects to remote, unknown hosts is bound to be a great attack vector. Simple as that.

Your spyware problem is the result of a combination of the tendency for users to click OK to every dialog (like ActiveX dialogs), and the buggy code in IE. That's it. It has nothing to do with integration with Windows.

Longhorn solves many of these problems by using managed code that runs with code access security.

#9 By 2960 (68.101.39.180) at 9/16/2004 3:54:10 PM
#11/12,

I'm sure this is all fact. But the other fact is, like RMD has stated, for whatever reason (we know a few), FireFox is STILL safer.

I have never had any piece of malware installed on a computer running strictly FireFox/Mozilla. None. Nada. Ever. Neither have any of my friends or co-workers.

Will that change? Maybe. But until IE gets a LOT smarter about allowing ActiveX installations, or at least help the _average_ user understand and know what's going on better, then IE will never be as safe as FireFox/Mozilla.

IE in SP2 is a grand start. The fact that Microsoft is not updating IE in the other OS's is, IMHO, unacceptable however. If they _really_ cared about IE, they would fix the damneed thing _everywhere_.

TL

#10 By 10896 (142.167.148.13) at 9/16/2004 4:23:16 PM
#17

Great reasoning. Despite all facts showing that Firebox and Mozilla have more critical security vulnerabilities, you just know it is safer. Based on what?

I have never had any malware /spyware on my personal computers running both 2000 and XP(before and after SP22), exclusively using IE as I dont allow open sores crapware on my computers. Yoou may be right that stupid users are the main cause of problems with IE which I definitely have seen at work.

If you dont like Active X controls it is easy to disable them.

#11 By 2332 (66.92.78.18) at 9/16/2004 6:27:55 PM
#18 - We have been over this MANY times on these boards.

Firefox is safer because fewer people use it, and it is therefor targeted far less often than Internet Explorer.

Simple as that.

For the same reason, Macs are safer to use than Windows machines. Fewer people use them, so fewer bad guys target them with malware.

#15 - Ah yes, you are correct. Regardless, one can hardly say that today's browser in anyway resembles Mosaic. (That was the implication of the original poster.)

#12 By 21203 (208.252.96.220) at 9/16/2004 6:39:34 PM
I'll just add to that statement from before, to my own version:

I have never had any piece of malware installed on a computer running strictly MSIE. None. Nada. Ever. Neither have any of my friends or co-workers.

You know why? We know how to secure our systems.

I do know people who have gotten spyware, viruses, and trojans using Firefox. Why? Because they don't know squat.

Now lets turn this around:

If you're an intelligent admin, you can secure either product.

If you know where the holes are, you can secure them. Don't run as root, don't execute unknown code, turn off any automatic execution.

Beyond that, it's a feature comparison of both products because right now Firefox is showing more targets than IE. Wild exploits are irrelevent because you still are obligated to patch.

#13 By 10896 (24.25.182.11) at 9/16/2004 7:38:23 PM
#19

I dont agree with that reasoning. Either something is inherently secure or it isn't, and it doesn't matter whether 1 million or 200 million users employ it.

When Firebox is finally targeted by hackers, I bet it will be the worst security problem ever seen.
I still maintain with over 20 critical vulnerabilities, since June, it has to be the most unsecure piece of software ever made.

From what I have seen Firebox/Mozilla has sevre memory problems that appear to be getting worse with each new release.

#14 By 61 (65.32.168.114) at 9/16/2004 10:10:09 PM
Halc: So tell me, if IE is included features that were already available eslewhere, how was it quite literally the most advanced browser with the release of IE4? There was NOTHING that was as feature rich as IE until the Mozilla project, finally, got out their first release.

Not that it really matters anymore.

Also, one thing that is really nice about the updated version of IE with XPSP2 is it allows you to enable or disable installed 'plug-ins' (ActiveX controls).

#15 By 143 (68.77.74.101) at 9/16/2004 11:36:21 PM
I like both IE and Firefox.
Is that a bad thing?

#16 By 61 (65.32.168.114) at 9/17/2004 12:40:55 AM
IE4 was BY FAR the best browser of its time, and only enhanced in IE5, from there it just stagnated, but to state otherwise is ABSOLUTELY rediculous.

#17 By 7797 (68.142.9.161) at 9/17/2004 7:43:54 AM
Parker it would be wiser if you would be quiet on this issue from now on. We all know your opinion. You have fanfared it loudly many many times. Why don't you stop, be patient and wait until you can say HAHA, I told you so! And I'm not talking about speaking up again when the next security flaw in firefox is released. Be bold. Make a longterm doomsday prediction for firefox and stick with it, but shut up about it until it either comes true or not. It should be abundently clear by now that you're not convincing anyone here. The only reason for your continued anti-firefox spouting is the need to troll this site. We are all aware of your views and you haven't brought anything new to the table.

RMD, Firefox is more secure even IF it ever gets a noteworthy marketshare, making it a target to hackers. Why? Because is deeply integrated into windows while Firefox is not. A browser is an application that by definition faces the many malicious threats on the internet by its day to day use. A flaw in IE can be a flaw in the underlying OS, a flaw in Windows itself due to this integration. A flaw in Firefox never equals a flaw in the OS. The browser should be seperate from the OS for the same reasons why you have an internal network and a DMZ.

#18 By 2960 (68.101.39.180) at 9/17/2004 9:01:48 AM
#26,

Actually, I'd have to call IE 5.01 the best version of IE ever. It brought stability, speed and (for the time) a good feature set.

IE turned into a bloated pig starting with version 5.5 and it has been every since.

TL

#19 By 2960 (68.101.39.180) at 9/17/2004 9:52:45 AM
Speaking of XP SP2, did you guys catch this ?

http://www.pcwelt.de/know-how/extras/103039/

#20 By 61 (65.32.168.114) at 9/17/2004 10:09:39 AM
I don't see how IE6 is a bloated pig, all it's features are nice and easy to get to, it's not cluttered up or anything... An app is only bloated when it is slow, clunky, and has a bad UI, IE has none of these charactaristics.

Now a bloated browser would be MyIE2.

#21 By 7797 (63.76.44.69) at 9/17/2004 2:06:17 PM
Parkker, Firefox has a LOOOOOOONG way to go before it ever catches up with IE in terms of security holes.

You're not on target!

#22 By 7797 (63.76.44.120) at 9/17/2004 6:50:25 PM
"So for 2004, Firefox already is in the lead!!!!!!!!!!!!!!!!!!!!! "

Just because its in the lead for 2004 doesnt mean its anywhere NEAR catching up.

#23 By 61 (65.32.168.114) at 9/18/2004 10:59:28 AM
Halc: My IE only uses 15mb....

Edit:

Firefox is using 30mb...

This post was edited by CPUGuy on Saturday, September 18, 2004 at 11:00.

#24 By 23275 (68.17.42.38) at 9/18/2004 4:18:33 PM
I remain concerned that people who claim that when using Firefox that they get "no" mal-ware, including spy-ware. Since these browsers differ in significant ways from IE, store objects in different locations, etc... I question the ability of detection programs to detect mal-ware/spy/ad-ware that may be acquired by these browsers. Most, if not all cleaning and anti-mal-ware programs are designed to work with IE - primarily. I can share only what I see and know, but with Pest Patrol Pro Plus, free Spyware Blaster 3.2 and some common sense, even prior to XP SP2, IE was entirely safe and a lot better experience [for me in any case].

After SP2, it has been even better and I do check often, but less so, because since SP2, I have seen no mal-ware of any kind.

Of course not going to adult sites, P2P activities, or warez sites eliminates about 90% of the risk to begin with. The nasty secret is that the majority of malicious code out there resides in the worst parts of the web.

#25 By 23275 (68.17.42.38) at 9/18/2004 10:45:10 PM
Hi Hal,

DEP - even in its native non-hardware state, removes the attack paths that may have existed between the public interface and the OS - most especially any systems level files. Data Execution Protection is a lot more sophisticated than has been discussed in any open press. Arbitrary access to even the LMZ simply cannot happen in the ways it has in the past - not even logged users with Domain or Enterprise Admin rights can cause it on a remote system - not without logging in - and if such a login were compromised, one would have a heck of a lot more to be concerned with than IE centric ad-ware. As far as any open debate is concerned opposite real-world security, I'd be all over OpenSSH "yeah I know, diverting, here..." but very seriously, unpatched OpenSSH daemons are my biggest concern for all of us... I say this, because so many management systems use it and privsep was not available before version 3.7.2 [3.9.x recommended with privsep set to true]. My point is, if security focus is the issue - then there are some truly big fish out there to fry. Just a hint fellows...check for hidden .ssk dirs in your directories and lock down who can use SSH in and out bound - about 80% of systems we examine have compromised daemons under the full control of external users - each using elevated root level permissions - regardless of password compromise. The cracking community like to target default install /games directories on most distro's - don't BS me, either - most have never cleaned these out... again, 80% It can be done in seconds, too and full control gained in under two (2) minutes on any Linuces running SSH.

Write Comment
Return to News
  Displaying 1 through 25 of 334
Last | Next
  The time now is 10:14:12 AM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *