[121607] in North American Network Operators' Group
Re: Anyone see a game changer here?
daemon@ATHENA.MIT.EDU (William Pitcock)
Fri Jan 22 22:37:57 2010
From: William Pitcock <nenolod@systeminplace.net>
To: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <464D77DC-FEBE-4EB2-ABED-C4D93036EC38@cs.columbia.edu>
Date: Fri, 22 Jan 2010 21:37:19 -0600
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, 2010-01-22 at 22:16 -0500, Steven Bellovin wrote:
> On Jan 22, 2010, at 12:26 AM, Bruce Williams wrote:
>
> > The problem with IE is the same problem as Windows, the basic design
> > is fundementally insecure and "timely updates" can't fix that.
>
> You do realize, of course, that IE is recording less than half the
> security flaw rate of Firefox? (See
> http://prosecure.netgear.com/community/security-blog/2009/11/web-browser-vulnerability-report---firefox-leads-the-pack-at-44.php)
Consider for a moment that both Firefox and Safari are built on
open-source code where the code can be audited. As a result, it is
clear why Firefox and Safari are more "insecure" than IE, it is simply
because the code is there to be audited.
Frankly, they are all about the same security-wise.
William
