The diary and photos of Chris Beach. I'm into windsurfing, coding, badminton, drawing and composing music using computers and synths.

Let's start with a quote:
"I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours" Stephen Roberts


email: password:
Sign in with Google

is firefox more secure than internet explorer?

(updated 11/09/2004)

In their FAQ, Mozilla answers with the following five points (annotated by me):

Yes, Firefox and all other Mozilla-based products are more secure. Why? Here is a list of the most important reasons:

It is not integrated with Windows, which helps prevent viruses and hackers from causing damage if they somehow manage to compromise Firefox.
Firefox, like IE, has access to system files, the registry, the system environment and memory. This makes a Firefox vulnerability just as compromising as an IE vulnerability.

There is no support for VBScript and ActiveX, two technologies which are the reasons for many IE security holes.
Instead there is support for XUL (the spoofer's dream), XPCOM/XPI (Mozilla's ActiveX), system-privileged JavaScript and 3rd party extensions, which leave the browser open to manipulation. It's worth noting that SP2 locks down concerns with scripting and ActiveX in IE.

No spyware/adware software can automatically install in Firefox just by visiting a web site.
Interesting - it was only the other night that a clever bit of Java managed to break it's sandbox in Firefox and almost wrote to my registry. Luckily, anti-virus software identified it just in time (it was the ByteVerify trojan).

Firefox doesn't use Microsoft's Java VM, which has a history of more flaws than other Java VMs.
See above - I think I prefer MS's Java VM already... the ByteVerify trojan doesn't affect me at all in IE

You have complete control over cookies.
How curious to see this comparison when Internet Explorer actually has a more powerful cookie-management feature than Firefox. In particular it has privacy zones, compact privacy policies, algorithms to detect personal info being disclosed in cookies, per-site enabling/disabling, full cookie browsing and more.

So, again, Mozilla is responsible for disinformation about Internet Explorer in order to promote their own product. If they were a commercial entity, they would already be in court under libel litigation.

written by Chris Beach
05/09/04 3:56pm
(10 years, 3 months ago)
comment 10 comments

photoadd photo

 33 links
more journal entries from tech journal