 JMan0948Where's The Background Music?Premium
join:2003-03-25
Gilberts, IL | AND STILL!! And still IE is ahead. |
|
 JHBCalifornia Dreamin'
join:2002-02-08
California | Being a IE user, I love all the attention Firefox is getting. When Firefox becomes so big and more malware is written for it, IE will then have someone to share all the attention with. I wonder what new browser DSLReports will then advertise on this website. Keep it up Firefox, less attention for IE users. |
|
| said by JHB:
I wonder what new browser DSLReports will then advertise on this website.
They'll just keep pimping Firefox. To the fanboys, problems with Firefox mean nothing.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
bmn? ? ?Premium,ExMod 2003-06
join:2001-03-15
hiatus | Sort of the same way that IE fanboys think that the problems with IE mean nothing...  |
|
| said by bmn:
Sort of the same way that IE fanboys think that the problems with IE mean nothing...
Well, I'll just say that since I began using this version of IE almost a year ago, there have been no vulnerabilities discovered in it. I'd like to see Firefox go that long without a vulnerability. Firefox problems seem to crop up all the time, yet they're rarely reported. It's like the Firefox lovers think that if they don't talk about the problems, they'll just go away.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
|
|
 elboricuaEl SubestimadoPremium
join:2001-08-12
Bronx, NY
1 edit | said by Jeremy341:
Well, I'll just say that since I began using this version of IE almost a year ago, there have been no vulnerabilities discovered in it. I'd like to see Firefox go that long without a vulnerability. Firefox problems seem to crop up all the time, yet they're rarely reported. It's like the Firefox lovers think that if they don't talk about the problems, they'll just go away.
Unpublished vulnerabilities and no vulnerabilities found are two very different issues. When an IE vulnerability is found it is kept under wraps, and often as in the case of the phishing exploit not patched for months. When exploits have been found in Mozilla/Firefox they have been patched within days. And BTW all software has flaws and vulnerabilities. It is how those flaws are dealt with that separate software. And Firefox exploits are not kept underwaps like you claim. »www.mozilla.org/releases/mozilla1.8a4/ |
|
| said by elboricua:
When an IE vulnerability is found it is kept under wraps, and often as in the case of the phishing exploit not patched for months.
OK, let me rephrase what I said. No exploits have come out for IE6 SP2 since it entered beta. Any vulnerability, no matter how bad, is meaningless until an exploit exists. I'm not saying vulnerabilities shouldn't be patched until an exploit exists, but as long as they get patched before one exists, it doesn't really matter.
said by elboricua:
When exploits have been found in Mozilla/Firefox they have been patched within days.
That's true of some of them, but not all. The same can be said about IE.
said by elboricua:
And Firefox exploits are not kept underwaps like you claim.
Most of them aren't, but Mozilla can mark any exploit as confidential, and keep it under wraps. They've done it before, and who's to say that there aren't several vulnerabilities that they know about, but are putting off? You don't have full access to the database, so you don't know.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
bmn? ? ?Premium,ExMod 2003-06
join:2001-03-15
hiatus | reply to Jeremy341
said by Jeremy341:
Well, I'll just say that since I began using this version of IE almost a year ago, there have been no vulnerabilities discovered in it.
Strange... It must just be because I work with Windows and system security a lot more, but in the last year, I've applied a few patches to IE that were security related. The severity of which varied...
In fact, here are the CERT advisories about IE that I've received just this year...
»www.us-cert.gov/cas/techalerts/T···12A.html
»www.us-cert.gov/cas/techalerts/T···63A.html
»www.us-cert.gov/cas/techalerts/T···33A.html
quote:
I'd like to see Firefox go that long without a vulnerability.
Its called BETA software... Hate to tell you this, but its expected to have problems in the pre-1.0 stage... Only a pointy haired boss or someone ignorant of software development would expect software before version 1.0 to have few bugs.
quote:
Firefox problems seem to crop up all the time, yet they're rarely reported.
Wrong again... They are reported, but you apparently don't know where to look. The bug tracking section of the Firefox project site lists problems, security or otherwise, that are found. You just have to look.
Microsoft, on the other hand, does not report any bug publically until they feel the need to do so. This is a problem.
quote:
It's like the Firefox lovers think that if they don't talk about the problems, they'll just go away.
Microsoft fans have been doing that for years (and some still do)...
*sarcasm*
If they can do it, so can the people who use Firefox that don't follow the security notices...
*sarcasm*
--
Victory Not Vengeance
Viva La Fee' Verte! |
|
| said by bmn:
I've applied a few patches to IE that were security related. The severity of which varied...
In fact, here are the CERT advisories about IE that I've received just this year
Please make note of the fact that I'm only talking about IE6 SP2. None of those patches or advisories you referred to have to do with IE6 SP2.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
| reply to bmn
said by bmn:
quote:
Firefox problems seem to crop up all the time, yet they're rarely reported.
Wrong again... They are reported, but you apparently don't know where to look. The bug tracking section of the Firefox project site lists problems, security or otherwise, that are found. You just have to look.
I'm sorry, I meant reported as in news reports on sites like Slashdot or DSLR, not a bug reporting site.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
| reply to bmn
said by bmn:
Its called BETA software... Hate to tell you this, but its expected to have problems in the pre-1.0 stage...
Yes, and how many years have they been hiding behind that beta tag? You can't have it both ways. You guys want to tout this browser as the solution to every problem, but you still want to be able to hide behind the beta tag. Either stop recommending this browser to the general public (because it's a beta, and betas are expected to have problems, right?) or stop calling it a beta.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
bmn? ? ?Premium,ExMod 2003-06
join:2001-03-15
hiatus | reply to Jeremy341
said by Jeremy341:
I'm sorry, I meant reported as in news reports on sites like Slashdot or DSLR, not a bug reporting site.
That's another issue entirely...
Editorial decision making will dictate what is reported, more so than technical merit and level of severity... As I've learned from doing research, secondary sources rarely give you the whole picture.
--
Victory Not Vengeance
Viva La Fee' Verte! |
|
bmn? ? ?Premium,ExMod 2003-06
join:2001-03-15
hiatus | reply to Jeremy341
said by Jeremy341:
Please make note of the fact that I'm only talking about IE6 SP2. None of those patches or advisories you referred to have to do with IE6 SP2.
Mmmkay... That makes more sense....
quote:
Yes, and how many years have they been hiding behind that beta tag?
Less than two years... And that's not an unusually long period of time either.
quote:
You can't have it both ways. You guys want to tout this browser as the solution to every problem, but you still want to be able to hide behind the beta tag.
There is nothing wrong that... Its hardly unique to this project. In fact, I remember the Windows 2000 Beta test and having read similar stuff about Windows 2000.
Yeah, its probably pre-release hype, but at 1.0, Firefox will have outpaced IE in several areas and will deserve at least some of the hype...
quote:
Either stop recommending this browser to the general public (because it's a beta, and betas are expected to have problems, right?) or stop calling it a beta.
Tell it to the people who do that then... I've only recommended to power users and people who know what's going on with their systems.
--
Victory Not Vengeance
Viva La Fee' Verte! |
|
| said by bmn:
quote:
Either stop recommending this browser to the general public (because it's a beta, and betas are expected to have problems, right?) or stop calling it a beta.
Tell it to the people who do that then... I've only recommended to power users and people who know what's going on with their systems.
I'm glad to hear that you're responsible with your recommendations, but you've got to admit that a lot of people aren't.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
 drewAutomaticPremium
join:2002-07-10
Port Orchard, WA
kudos:6
 ·wavebroadband
| reply to Jeremy341
Alright, you're cut.
said by Jeremy341:
I'm not saying vulnerabilities shouldn't be patched until an exploit exists, but as long as they get patched before one exists, it doesn't really matter.
That is totally asinine. You actually believe there aren't exploits? Just because it isn't big doesn't mean it doesn't exist.
You claim that some vulnerabilities (an exploit isn't fixed, it's a method of how a vulnerability is used. learn terminology please) of IE are fixed within days. This is simply NOT true. Microsoft takes weeks upon weeks to even acknowledge vulnerabilities, let alone write the code to fix them.
I love XP and am by no means a Mozilla/Firefox fanboy, but when there's shit spewing out of someone's mouth, I have a duty to the people reading it to put a cork in it.
--
|DSLR IRC||hostingking.us||quotes| |
|
| reply to elboricua
said by elboricua:
And Firefox exploits are not kept underwaps like you claim.
Actually, they are, until there is a patch or new release available. The "security-sensitive" flag in BugZilla prevents public viewing of security-related bugs. Some lingering security issues remain publically undisclosed for years.
I'm not saying that is a good thing, nor am I say it's right, but just .. that's the way it currently is. I don't agree with it either. Generally, they "open" the security bugs to the public, once they are disclosed somewhere else, like BugTraq, etc. |
|
| reply to drew
said by drew:
(an exploit isn't fixed, it's a method of how a vulnerability is used. learn terminology please)
Where did I say an exploit was fixed? Please read what I said a little closer:
"I'm not saying vulnerabilities shouldn't be patched until an exploit exists, but as long as they (vulnerabilities) get patched before one (an exploit) exists, it doesn't really matter."
Are we clear on that now? Maybe I took a little artistic license with what I said about Microsoft's speed at issuing patches, but the message is what's important: Mozilla doesn't patch all Firefox vulnerabilities days after they're found.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
| reply to Jeremy341
said by Jeremy341:
OK, let me rephrase what I said. No exploits have come out for IE6 SP2 since it entered beta.
How about this one: »www.securityfocus.com/archive/1/···-09-20/0 |
|
drewAutomaticPremium
join:2002-07-10
Port Orchard, WA
kudos:6 | reply to Jeremy341
actually, you did, read your last paragraph |
|
| said by drew:
actually, you did, read your last paragraph
Still don't see it. Why don't you copy and paste it.
--
I do not trust Firefox. Spread anything besides that horrid piece of crap. |
|
