Spyware, viruses, & security forum: Mozilla Firefox vs. IE

I use Firefox and IE7. Firefox is safer because it does not use ActiveX.

Here is a link that might interest you.

http://www.pcworld.com/article/id,128538/article.html

Larry

I'm not 100% sure, but it sounds like you're asking about drive-by downloads (getting infected simply by visiting a Web page). These are not executables, they are scripts that run on a parent program, by default, MS Script Host. These still go through Firefox. Without them, you would not be able to view Google ads, watch YouTube videos, play online games, or do a number of other things.

Fixing browser vulnerabilities might make it harder for spyware to hijack your browser, and also defend against certain other methods of remote code execution, but it tends to have little impact on what scripts can do. This depends on a number of variables, including browser privileges, user privileges, active security monitors and what they can detect/block, etc.

One easy way to protect your system from attacks via Firefox or IE is Haute Secure, which is freeware. You can get it here.

It is not that Firefox is actually safer than Internet explorer(assuming you are using the latest version and keep it up to date) but that attackers are targeting IE more, but with the market share that Firefox has gained, it is increasingly becoming a target.

Some people will claim that it is because Firefox does not support ActiveX. This is true, there are many ActiveX exploits because ActiveX is Microsoft's version of Firefox's plugins which are just as insecure and there are currently some Firefox plug-in virii that install without the user's permission. Internet Explorer, like Firefox, will by default ask if you want to install these plugins, but malware authors do not do things the usual way. They wll usually use javascript exploits (which work in both browsers equally efficiently) to get their code running on your system without your permission.

If you are extremely paranoid about this type of thing, make your normal internet usage disable everything but the basic html, then add specific sites to the trusted zone to allow them to use Java, flash, active x, javascript, etc...

Remember, no matter how paranoid you are about security, you aren't safe as long as you are connected to the internet.

"It is not that Firefox is actually safer than Internet explorer (assuming you are using the latest version and keep it up to date) but that attackers are targeting IE more, but with the market share that Firefox has gained, it is increasingly becoming a target."
-----------------------------------------------------------------------------


Nonsense, ActiveX is but one reason. The other main reason is the Mozilla.org is on top of any security exploits that come their way and updates are issued within in a matter of hours, as opposed to M$ who sit on security patches every couple of months.

I remember in the not-too-distant past when weeks (even months) would go by before M$ would issue a security patch for IE6. It's as if they forgot about it or didn't care.

Mozilla has enough of a market share by now to be targeted and they are to a certain extent. It's now more a matter of reacting to events quickly, instead of taking your monopolized, captive audience for granted.

You obviously haven't used Firefox for any appreciable amount of time. They're reactions to proven threats are one of the best in the industry.

Especially if one compares it with their main browser competitor, Microsoft.