Chris, compare like and like. The last major release of Internet Explorer was in 2001. The last (only) major release of Firefox was in 2004.

Microsoft have had four years to find and fix all the security holes in Internet Explorer 6.0. The fact that they are STILL finding them on a regular basis is damning. The fact that there are some in a relatively new piece of software like Firefox is expected and nothing out of the ordinary.

I’m not too pleased with Firefox’s security record myself. But it’s worlds apart from Internet Explorer’s.

On the other hand I find it harder to get information about strange FF behaviour (program starts but doesn’t show, or buggy profiles/screwed up themes) than it is to find a solution for similar IE behaviour. But that is probably a matter of the number of users.

But I will never switch back. The only real issue with FF is that a clean fresh install is hard to do. It picks up where you left before uninstalling and reinstalling. But hey, try uninstalling IE is impossible without risking your computers stability

Yup.. definitely quicker than Microsoft.

Chris, a new product is certain to have more bugs found than an established, million time patched app like IE.

However, as has already been stated, the difference is that Mozilla will react quickly to any public or non-public security hole found in their products, where-as MS usually doean’t do anything for months or until there is a public outcry.

However, the MS attitude does seem to be changing – they have recognised that they need to be pro-active with security and semm to be fixing problems before they become big issues.

But in the end, I think it comes down to motives – the MS motive is to make profits, the Mozilla motive is to build a reputation for producing good sfotware.

It’s another one of those unwinnable holy wars – and although I’m a big Firefox fan, I won’t be getting involved in any crusades.

So much for Firefox being secure by design – Secunia.com reports 12 FF vulnerabilities found so far in 2005, vs. six for IE. And this is despite the fact that there are an order of magnitude more people using IE (hence bigger target and more people to report bugs). These damning statistics also confound Mozilla’s secretive bug-reporting policy and make me wonder how many other critical bugs are lurking in Firefox.

Glad to see Matt recognises the hypocricy surrounding Firefox advocacy, although “double standards” doesn’t even begin to describe it.

I use netscape navigator.

Man that’s hilarious.

“Ya… And Mozilla makes how many programs? Something in the range of 5?

On the flip side Microsoft makes how many programs? I don’t really know, but I assure you it’s a lot more then 5…

And what’s that huge thing they do… Oh Windows…

So… Keep all their programs very up to date, or just 5…

With out pretending like I know for sure (because I can’t) I would say under the same conditions as that of Mozilla Microsoft would have many more security fixes. “

I normally hate responding to trolls, but I’m not certain that this is meant to be a troll, so…

See, Microsoft has these things called “billions of dollars” and “thousands of employees”. The Mozilla Foundation has, I think, somewhere under ten full-time employees. I would assume that Microsoft has at least that many people dedicated to maintaining IE.

The difference is in the two types of behaviour. One (yours and Mozilla’s) is ethical, although mistakes are made. The other (Wallace’s and Microsoft’s) is unethical because they don’t have their priorities right and don’t correct their behaviour to act better in the future.

http://jdk.phpkid.org/index.php?p=1182

JD

Mozilla in general is very quick about patching security holes, especially ones that have exploits in the wild. Microsoft has taken as much as 6 months (if not longer) to patch known security holes that have exploits in the wild.

Let’s face it, just about any piece of software has security holes (WordPress even). The key is how fast they are fixed and the design of the software to prevent security holes (or at least lessen the danger posed by them).

There have been only a few instances of ‘sluggish’ response times from firefox developers – considering the differences in budget, it pretty much speaks volumes.

Microsoft often go for weeks or months even before plugging known vulnerabilities. They have a massive budget compared to the Firefox team – yet the FF team seem to be on top of issues shortly after they become apparent.

Perhaps it’s that ‘fix first, ask questions later’ philosophy, versus the ‘fix it, but only if a large number of people notice’ method that causes folk to cut the FF team some slack – we know they’re aware and plugging the problem, with MS, you just never can tell.

On the flip side Microsoft makes how many programs? I don’t really know, but I assure you it’s a lot more then 5…

And what’s that huge thing they do… Oh Windows…

So… Keep all their programs very up to date, or just 5…

With out pretending like I know for sure (because I can’t) I would say under the same conditions as that of Mozilla Microsoft would have many more security fixes.