ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Join the ZDNet.co.uk community

RSS

Leader News

Browser security is an open and shut case

Leader ZDNet.co.uk

Published: 20 Sep 2005 16:05 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Think that open source was more secure than proprietary software? Think again, says Symantec. In the first six months of this year, Mozilla scored 25 confirmed vulnerabilities while Internet Explorer got only 13.

Not a good advert for the inherent security of collaborative open development, at least at first sight. Who wants to use the most buggy software?

But that's not what the figures show. As those who use both browsers regularly will know, they are of roughly equal quality – something that should give Microsoft pause for thought, given that Firefox was created entirely free of Microsoft's obsessive, expensive and cumbersome management procedures. Assuming that coding and design errors are evenly distributed in the products, then the number of security flaws may be roughly equal too. At least, to begin with.

Where open source software does have an advantage is that a popular package will without question attract more expert perusal of the code than the equivalent proprietary closed product. It is reasonable to expect this to unearth more problems more quickly: provided that the code is then fixed more quickly, the quality of the open product should improve more quickly. Symantec's figures are consistent with that analysis, as are Mozilla's claims about the speed of fixing. Open code is also more accessible to hackers, but Secunia's statistics show that a fully patched Firefox is much more secure than a fully patched IE.

If Firefox is still coming up with double-digit exploits four years after launch, then we'll know it's as bad as IE: until then, simple headline figures are in no way sufficient to help you decide which browser is safer. However, one security benefit you can rely on is that by using the browser with the best adherence to open standards and the least reliance on single-vendor options, you will encourage service providers to stick to those standards too. If your favoured browser then proves to be a serious security liability, your options for replacing it are – literally – open.

The combination of open standards and open software remains the strongest guarantee of continued security. Problems out in the open are problems that get fixed.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with HP

Did you find this article useful?
13 out of 32 people found this useful


Talkback

Post a comment


Full Talkback thread

3 comments

  1. Cnet reported on the same issue; From their artic... Joel McCracken
  2. Let me clear things up for you. Microsoft wishes t... Arthur B.
  3. Follow the money! Microsoft incurs neither de... Anonymous

Related Links

Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

Junior Java Developer, Cheltenham, Gloucestershire

Involved in the development and implementation of Java-applications using of state-of-theart design procedures as well as bug fixing you will need to ...

Recruitment Manager (in-house) Lancashire

Day to day activities will include:- Managing internal recruitment team (4 individuals) Managing the overall sourcing of talent Managing programmes ...

TEST PLANNING ENGINEER / TESTING ENGINEER - West London

There will be significant customer exposure, through formal project meetings and working groups and so candidates must be comfortable with ...