We hope you enjoy your visit.

You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
  • Pages:
  • 1
  • 2
FireFox and Panda Titanium 2005
Topic Started: May 19 2005, 05:06 PM (796 Views)
Aaron
Member Avatar
A blast from the past.

some ligment sites are also "giving" out spy ware and stuff. >_< :no:
Quote:
 
http://windowssecrets.com/paid/0745465284 (subscription required?)


Some remarkable statistics comparing the major Web browsers have been
developed by Scanit NV, an international security firm. The company
painstakingly researched the dates when vulnerabilities were first
discovered in various browsers, and the dates when the holes were
subsequently patched.

The firm found that IE was wide open for a total of 200 days in 2004,
or 54% of the year, to exploits that were "in the wild" on the
Internet.

The Firefox browser and its older sibling Mozilla had no periods in
2004 when a security flaw went unpatched before exploits started
circulating on the Net. With the latest 1.0.4 upgrade, Firefox has
retained its "patch-before-hackers-can-strike" record so far in 2005,
as well.

These statistics are so important to understanding the "attack
surface" of the major browsers that we should break down this study
into its individual findings:

....IE suffered from unpatched security holes for 359 days in 2004.
According to Scanit, there were only 7 days out of 366 in 2004 during
which IE had no unpatched security holes. This means IE had no
official patch available against well-publicized vulnerabilities for
98% of the year.

....Attacks on IE weaknesses circulated "in the wild" for 200 of those
days. Scanit records the first sighting of actual working hacker code
on the Internet. In this way, the firm was able to determine how many
days an IE user was exposed to possible harm. When Microsoft released
a patch for an IE problem, Scanit "stopped the clock" on the period of
vulnerability.

....Mozilla and Firefox patched all vulnerabilities before hacker code
circulated. Scanit found that the Mozilla family of browsers, which
share the same code base, went only 26 days in 2004 during which a
Windows user was using a browser with a known security hole. Another
30 days involved a weakness that was only in the Mac OS version.
Scanit reports that each vulnerability was patched before exploits
were running on the Web. This resulted in zero days when a Mozilla or
Firefox user could have been infected.

The Opera browser also experienced no days during which unpatched
holes faced actual exploits, but Scanit began keeping statistics on
Opera only since September 2004.

Another security firm that tracks security holes in IE, Firefox, and
many other applications is Secunia. As of today, Secunia reports that
there are still 19 unpatched security flaws in IE, the most severe of
which is rated "highly critical." Firefox has only 4 unpatched flaws,
all of which are rated "less critical" or "not critical," the lowest
severity rating. Opera has none.

http://forum.iamnotageek.com/t-1819071507.html
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · Community Chat · Next Topic »
Add Reply
  • Pages:
  • 1
  • 2