Tuesday, April 19, 2005

Be careful what you wish for

Like most of the world, I use Internet Explorer as my primary browser. A few months ago, I downloaded the final version of the new Firefox browser from the Mozilla Foundation. I like it a great deal, but I still use IE as my primary browser -- more for convenience than for any other reason.

IE has long had security vulnerabilities which hackers and virus writers love to penetrate. Both Mozilla and Apple developers scoff at Microsoft saying their browser is much more safe to use and does not have these vulnerabilities. I've long assumed that IE is the target not because it's less secure than Firefox or Safari (Apple's browser), but because it has the largest installed base and a virus writer is more inclined to spend their time working with IE code than others.

Now that Firefox is making inroads into IE's installed base, it is also finding itself a target for hackers. Firefox just released a set of patches to fix some security vulnerabilities. This is on top of patches released several weeks ago. I'm not aware of any problems with Apple's Safari browser, but I also suspect that Mac's small customer base makes it a less attractive target than Windows-based browsers.

The point is that no browser is 100% secure. Companies stating that their browser is foolproof only serves to challenge hackers and virus writers who will eventually find a vulnerability.

Firefox, Apple...be careful what you wish for!