My husband uses firefox and i still use IE, I love it as its what i was brought up using When designing though i do look at my websites through his brouser and mine as there are so many problems that you dont get in IE but you do get when shown in firefox, so i fix so it looks good in both normally
I'll concede that these days all browsers are roughly equal in security, but IE was more easily exploitable. You can't deny that. Perhaps you've forgotten how bad it was, so here's a refresher from June 2004 (which was prior to the August 2004 release of XP SP2). http://news.com.com/IE+flaw+may+boost+rival+browsers/2100-7355_3-5250697.html Which led to this gem from US-CERT*: http://www.kb.cert.org/vuls/id/713878 *The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors.
I just realized my choice of links probably won't convince you that IE was more easily exploitable. Well, here's another link. http://news.com.com/IE+flaw+may+boost+rival+browsers/2100-7355_3-5250697.html It starts off with a comment in support of what you're saying... Ah ha, they're not done yet...
How about something more recent? AFTER SP-2? Like less than two months ago? http://news.zdnet.com/2100-1009_22-5873273.html?tag=nl.e589
minstrel, what part of "I'll concede that these days all browsers are roughly equal in security" don't you understand? At the time of this posting secunia has the following to say. http://secunia.com/product/4227/ http://secunia.com/product/11/
What part of following that statement with two posts about security vulnerabilities in IE did you miss? I just balanced the books - I can post a lot more of them if you wish...
Ill always use IE, its much faster than Firefox on my machine plus most people dont know or care about getting their sites to work in both and so I would rather use the buggy but working IE for my work.
The only thing I wanted to prove was that IE was a security nightmare, and for more reasons that just it's the most popular browser. I hate to use an anecdote to argue a point, but I remember back when I used IE a few years ago, I went to a lyrics site (notorious for underhanded ads), and later was surprised to find that some spyware had found its way onto my computer. I never accepted any ActiveX components. It was caused by some exploit in IE. I owe this vulnerability to the fact that Microsoft used to prefer ease of use over security in regards to their ActiveX technology. These days all browsers have an acceptable enforcement of security, so if you want to use IE, then that's fine with me. The exploits that have been happening lately are things like buffer overflows, which I don't blame on a blatant disregard for security. Oh, and I love one quote from the last article you quoted. Those ever-creative hackers have found ways to enter your system through Firefox, and then exploit IE. Who would you blame that one on?
Since they're entering the system via Firefox, I'd blame Firefox. As for buffer overruns, you are aware that Firefox and many other bits of software have also had that problem, aren't you? I'll use one of your own examples: http://secunia.com/product/4227/ Look at the vulnerabilities listed there - spoofing issues, dangerous download issues, "control of your computer" issues, etc., etc. As with your IE example, most have been "patched". The problem for Firefox is that "patched" means that a patch has been issued - many people running Firefox do not update frequently if at all, partly because of the hype that says Firefox is secure so they believe they no longer have to worry about such things. Microsoft, on the other hand, has an autoupdate service that is enabled by default (meaning you have to specifically and intentionally disable it to turn it off) that automatically patches vulnerabilities each time the individual connects to the net.
That is exactly what I meant by that. Buffer overflows are everywhere. You're not willing to give an inch, are you. To show you I'm a good sport, here's an article that seems fair to both our points. http://www.linuxpipeline.com/160902333 My point: Your point:
Thanks. That is exactly my point. I'm not anti-Firefox - I just don't like it personally as much as I like IE. But I have family members who prefer FF and the problem is that they, like many others, believe this makes them invulnerable. And when they discover that's not true, I get a call to clean it all up.
As a sort of conclusion... I switched to Mozilla back when IE had fundamental security issues, but I'm sticking with FF because I like the features. I believe Firefox 1.5 makes security updates automatic (user can opt out), which puts it on the same level as Microsoft. Just as Microsoft hasn't gotten all of its users to turn on automatic updates, I'm sure Mozilla will have the same problem. Hopefully they're able to get their updates working at least as good as Microsoft. If they don't, then that definitely hurts my opinion of Firefox.
To clarify: The default is "ON". Therefore, you need to deliberately and intentionally turn it "OFF" - and when you do, Windows warns you that it's a bad idea...
I use both. Fire Fox for personal use and IE to develope. I see 90%+ visitors coming to my sites using IE therefor I need to develope with IE in mind.