Mozilla Plugs Firefox Code Execution Hole

Just trying to keep score …;-)

A new version of the open-source Firefox browser ships with “significant security and stability improvements.”


[Via eWEEK.com Messaging and Collaboration]

Peter de Haas
Peter de Haas

Peter wordt gedreven door de grenzeloze mogelijkheden van technologische vooruitgang en heeft meer dan 35 jaar ervaring op het snijvlak van business en IT. Gedurende zijn carrière heeft hij talloze ontwikkelingen zien opkomen en de impact ervan op organisaties en mensen van dichtbij meegemaakt. Met een scherp oog voor het vinden van oplossingen waar anderen obstakels zien, heeft hij zich ontwikkeld tot een vertrouwde expert in digitale transformaties.

Met Designing a Better Workday. als zijn missie helpt Peter individuen, teams en organisaties nieuwe vaardigheden te ontwikkelen en baanbrekende oplossingen te implementeren die werk slimmer, efficiënter en betekenisvoller maken. Zijn inzichten en ervaring maken hem een gewaardeerde bron voor iedereen die technologische trends wil begrijpen en benutten.

Artikelen: 3841

17 reacties

  1. BJ,
    Glad you enjoy it 😉
    What I honoustly find is that the presscoverage on this type of news is always rather mild and not very wide spread, so keeping score is fun 🙂

  2. only fair to give full details for those msft flyboys 🙂
    every product written has bugs. apart from the fact that usabilitywise, standardwise and speed of development, ff is /by far/ a better browser, the “given enough eyeballs” principle holds true as well for mozilla (and most most of the “Wideley Reagrded As Mature (opensource) Software” products.
    So it is not just howmany bugs a cetrain products has, it’s also what the impact is of the bug (local exploit, remote exploit, root/admin access ect) and the days between the day the exploit was known, and the day an official (! 🙂 ) patch was available.
    now given that, take a look at
    http://www.webdevout.net/security_summary.php
    🙂

  3. Bert,
    Thanks for the summary.
    With my post(s) about Firefox I am not trying to give the impression that Firefox has more issues that IE; unfortunatly (from my perspective) this is not the case. I merely want to illustrate firefox, as any other sw product, is not flawless …
    Thanks for your links, they do give a good impression of where the browsers stand these days.
    I do have the impression that vulnerabilities discovered and exploited do have a thight relation with the marketshare.
    I am very glad firefox came along, because Microsoft did go to sleep on that one. I look forward to IE 7 …

  4. Whether or not you are “trying not to give the impression that Firefox has more issues that (sic) IE…”, you are doing just that by only ever talking about Firefox in the negative and never (so far as I found anyway), discussing the (many) issues with IE. I understand that you are heavily biased towards commercial software and microsoft in particular (my opinion based on the content of your blog) but, don’t say your not trying to give an impression when, by all appearances, you certainly are. It does more to paint a disingenuous picture of you than to help your cause. If you don’t like Firefox – just simply say it and say that you don’t care about it – don’t try to pass your comments about it off as innocuous at the first sign of someone’s feathers being ruffled. I mean who cares – right? in summation: just be real.

  5. @Carl,
    You are correct on my biased view of the world with regards to commercial software.
    I a merely paying attention to the fact that also Firefox has challenges as would any other sw product. You are correct that the blogposts I do only are related to issues with Firefox as for promotional stuff there’s plenty of other sources.
    At the end of the days the figures don’t lie. Microsoft is losing marketshare in the browser business and needs to step up. The introduction of Firefox has made this very clear and it is being worked on.
    Meanwhile I try to follow what is happening (“keeping score”) by also looking into the challenges Firefox has. Relative to IE they’re still more positive, yet aparent …

  6. peter, i am glad you are pro /commercial software/, so am i. this includes however opensource software, something fud-spreaders either dont know or care about.
    so once again: oss can be commercial software!
    regarding carl: yes, this is a msft flyboy blog with the “lets pretend it is still 1995 and we are still the naked emperor of the desktop” attitude. in time ppl will understand the benefits of oss.
    i do agree with peter that mozilla is the best thing that could happen for msft. otherwise msft would wake up from its coma and we wouldnt want to see that happening right? 🙂
    well, if you think ff is something that waked msft up, msft seemed to have missed dozens of alarmbells. just wit, we will have World Dominition [tm] and msft will be a synonym for mainframe, cobol and commodore.
    regarding marketshare and number of exploits, sure that one was bound to happen. i personal think it has something to do with the code being open so exploits are /far/ easier to make and fix! see why “master hacker” kevin prefers to hack ossoftware:
    http://www.tectonic.co.za/view.php?id=839

  7. last thing peter: how would markteshare of browsers explain the difference in time between exploit and patch?

  8. and euuh, do you know that this blog is partly running on quality opensource software?
    Server: Apache/2.0.54 (Fedora)
    and sometime ago I saw squid as a reverse proxy as well before the box. you should not know or care about that however, since it all this oos stuff do is deliver high uptime for a low cost 🙂

  9. @Bert
    On your marketshare question. They don’t.
    On the other hand the difference in time between exploit and patch is, olthough a very important aspect, not the only driver for marketshare I think.
    I am very certain security is a very important criteria in the development of IE 7, as is the time between exploit and patch.
    In general, outside the browser discussion, lies a more fundamental question as well : How do you get the average user to actually apply patches in order to prevent from exploits ?
    I am glad to see Microsoft goes through considerable effort to address this as they should do.

  10. @ Bert,
    Thanks for the check up.
    Yes my blog is hosted by Typepad, so open source is part of the deal.
    When moving from Blogger (yes …Google) to another solution I primairly looked into the features and capabilities a blogging solution could provide.
    Blogger misses out on a lot of things, as does MSN Spaces from my perspective.
    Today TypePad provides me the best solution an I frankly don’t care what it runs on. I am not that much of an “MS fly boy”;-)
    Although the perception is easily created (and maybe my lack of knowledge on the details is to blaim), I am not against OSS. I just believe in the business model of commercial software …

  11. re: “I just believe in the business model of commercial software …”
    i am repeting myself. but i am pro commercial software as well. that does not however exclude oss. so i like the advantages of commercial software combined with a license that is non restrictive in terms of how to use and less restrictive in how to change and redistribute the software, the community part and the developement cycle (“agile software development”).these three (license, comunity, development way) together make what oss stands out from unfree software but still /can/ make commercial software.

  12. Same old FUD… Suggesting that OSS and commercial S/W are opposing views of the same thing is just plain disingenious.
    Open Source v.s Closed Source
    Commercial v.s Non-commercial

  13. “I am not that much of an “MS fly boy”;-)” […] “because Microsoft did go to sleep on that one.”
    Have you had a bad day?
    Or should I say
    “Peter, do not comment when you are drunken!”
    Anyway no reason to take a week off or have you been instructed to join the Redmond Bootcamp to get reinizialized 😉

Reacties zijn gesloten.