Web Apps Since 2004.

Is your website boring?  Kick it up a notch.  Encodable apps easily drop into your website to make it modern, fun, and interactive, with features like file uploads, user accounts, paid subscriptions, protected pages, live chat, visitor logging, mailing lists, and more.
All apps include:
• Money-back guarantee
• No monthly fees
• Free tech support
• Easy setup (we can even do it for you!)

IE More Secure Than Firefox?

# Filed on Nov 15, 2005 by Anthony DiSante 2 replies

The other day, someone told me that they believed Internet Explorer was more secure than Firefox.  If it had been just some random person, I would have simply written them off as part of the uninformed/uneducated/unwashed masses, but this was someone who works in the computer industry and knows a ton about these kinds of things.

I was flabbergasted; I didn’t even know how to respond.  I didn’t know there actually existed people who could believe something like that.

When I regained my wits, I did some quick research to make sure it wasn’t me who was crazy.  Here’s what I found:

SecurityFocus:
IE: 64 vulnerabilities
Firefox: 0 vulnerabilities (select latest version after page loads)

CERT:
IE: 161 vulnerability notes
Firefox: 34 vulnerability notes

Secunia:
IE: 89 vulnerabilities, 21 unpatched; rated "Highly critical"
Firefox: 25 vulnerabilities, 2 unpatched; rated "Less critical"

It’s hard to argue with numbers like that.

Comments:

01. Oct 31, 2006 at 01:48am by Eric:

"Itís hard to argue with numbers like that."

Actually, it’s easy to.

What you found were databases that contained *known* vulnerabilities. The reason there are so many known vulnerabilities in IE is the same reason there are so many known vulnerabilities in Windows compared to MacOS and Linux: because there are orders of magnitude more people *looking* for vulnerabilities in IE compared to Firefox.

Almost everybody on the planet uses IE.

There, I said it.

It’s not "most people", it’s not merely a "majority", it’s an *overwhelming* majority; almost everybody. If you’re a thief, you don’t waste your time learning to crack a safe that 1 bank out of 10 uses, you learn to crack the safe that the other 9 use.

If Firefox had 85+% of the marketshare, exploits would be coming out of the woodwork.

In fact, it’s safe to say, that in Vista, with IE7 running in protected mode, Firefox will be *far* more vulnerable to hackers (assuming it ever gets enough marketshare for the hackers to care).

02. Oct 31, 2006 at 07:25am by Anthony:

The reason there are so many known vulnerabilities in IE is ... because there are orders of magnitude more people *looking* for vulnerabilities in IE

That’s true to some extent, but it’s not the whole story, and your final comment regarding Vista illustrates it nicely.  One of the reasons IE is so insecure is because Windows is so insecure and IE hooks into Windows in insecure ways (hello, ActiveX).  With IE running in "protected mode" as it should have been all along, and on a new version of Windows that actually has half-decent privilege separation, IE will be much less insecure.

Reply to this message here:

Your name
Email (why?)
Website (if you have one)
Subject
search posts:

home | archives ]

Shopping Cart

Your cart is empty.

Client Quotes

I just want to say you guys really stand alone in that you have a quality product and you provide genuine customer service.  It's sad but those qualities are seldom found separately, much less together.  Thanks again for your time and help.
– Alex S.
Thank you VERY much for all of your help.  You've really impressed me.  We have support agreements for other software that costs thousands of dollars / year (just for the support), and most of them aren't as helpful as you have been.
– Keith Y.
I just installed the demo of your product and got it up and running in no time.  I searched high and low for a decent login script and thank God I found yours.
– Adrian F.
Do you know how rare it is to have a "canned" shopping cart that can easily do complex pricing options on a single item?  Basically, they don't exist!  I have looked.  Everywhere!  And the few that might even come close to CornerStore's functionality cost a fortune!
– Tashina P.
FileChucker is a great drop-in solution for file uploads, and worth every penny of its very reasonable cost.  Encodable's support is excellent to boot.
– Loren A.
The work, the thought and the organization you put into this app is incredible.
– Bruce C.
You've done a wonderful job with FileChucker and UserBase, and they have made a big difference to how our website runs.
– Nicholas H.
FileChucker is helping drive the backend of several high profile entertainment sites for people like Shania Twain and Dolly Parton.  We're also using it to drive backend file uploads for a multi-billion dollar banking institution.  It's a great product.  We've tried other "chucking" upload solutions with progress bars using flash and php, but nothing works as reliably as FileChucker.
– Michael W.
Just one word: Fantastic.  10-minute job to plug FileChucker into my app, and it now works a treat.  It's through the hard work by people like yourselves that make my job so much easier.  Congratulations on an outstanding product... Many many thanks.
– Sean F.
Why didn't I just do this from the get-go?  So much easier.  Thanks for your work.  FileChucker makes my work easier.
– Dominic M.
I looked all over trying to find a simple cgi script.  I found that FileChucker was by far the best.  If you have issues with your hosting service's php.ini max upload size then this is the way to go.  Looking forward to future enhancements.
– Bob C.
Our members think your software is fantastic...  I would recommend your software and your company to anyone.  Thanks for all your help.  It has been a pleasure dealing with you.
– Tommy A.
I just wanted to say that yours is the first product that I've tested so far that hasn't failed on handling uploads.  This is going to work for a print company, so they are handling nothing but large files and all the other solutions I've tried so far have not been reliable.  So far yours has been 100% successful in my tests.
– Kevin H.
FileChucker is working great...  Clients love it.  Vendors love it.  We love it.
– Gerry W.
The amount of customization in the program is incredible.  I was able to integrate it into my existing page layout relatively simply.  I was also able to easily customize the look/feel to match the current site.
– Jason M.
Nice script, it's saving the day on our project.
– Aaron W.
Thanks again for a great product and great support - beyond expectations.
– Greg S.