Firefox prone to hackers as much as Internet Explorer

[Snakebite]

Firefox was majorly hit by hackers yet again which is the third major incident since it's release. Greasemonkey which is an addon for Firefox that provides similar capabilities as Active X does for Internet Explorer was found to have a major security flaw. Malicious websites were able to access and read files on peoples home pc's. See Press Report below.

http://news.yahoo.com/news?tmpl=story&cid=1093&e=3&u=/pcworld/20050722/tc_pcworld/121918

Firefox was touted to be the better alternative to Internet Explorer as it was deemed to be more secure. However recent attacks including the theft of user information stored on the Spread Firefox marketing site, and a Firefox update that broke many third-party extensions have just shown that it is as vunerable as Internet Explorer.

So what should you use Internet Explorer or Firefox?

[...mole...]

firefox is still faster and less prone to spyware + has tabbed browsing so ill stick to that

[Snakebite]

firefox is still faster and less prone to spyware + has tabbed browsing so ill stick to that

I havent found it to be faster in effect quite the opposite. Everytime I start Firefox it takes more than a minute to open up. Internet Explorer takes less than 30 seconds.

The only reason I've found that it is less prone to spyware is that most hackers attack Internet Explorer but recent major attacks show that hackers are now turning on Firefox, so pretty soon it will just be as bad.

[tranzmute]

yeah but thats why you have firewall.

[Guest onlynik]

I havent found it to be faster in effect quite the opposite. Everytime I start Firefox it takes more than a minute to open up. Internet Explorer takes less than 30 seconds.

The only reason I've found that it is less prone to spyware is that most hackers attack Internet Explorer but recent major attacks show that hackers are now turning on Firefox' date=' so pretty soon it will just be as bad.[/quote']

A minute, even 30 seconds is too long for IE. You need to sort out your machine as there is something wrong with it.

[Guest onlynik]

Firewall wouldn't help you've already given Firefox/IE access to the web. Also if its a software firewall most people authorise internet access for any application which requests it.

[Neil]

Firefox was touted to be the better alternative to Internet Explorer as it was deemed to be more secure. However recent attacks including the theft of user information stored on the Spread Firefox marketing site' date=' and a Firefox update that broke many third-party extensions have just shown that it is as vunerable as Internet Explorer.[/quote']

Sure, Firefox has had its own security issues and bugs but the developers have done a good job of patching them up quick (v1.0.6 was released only just the other day fixing the third-party extension issue). The Greasemonkey plug-in is a third party developed, optional plug-in for Firefox - it has the serious security vulnerability. Not Firefox itself.

To say Firefox is as vulnerable as Internet Explorer is a complete lie. Internet Explorer will always be fundamentally more insecure as Firefox for a whole heap of reasons (ActiveX support for a start) not to mention the fact that Microsoft actually refuses to fix some of the more serous bugs with Internet Explorer that currently exist.

Whenever I re-install Windows or install Windows on a new machine one of the first things I do is uninstall Internet Explorer from Add/Remove programs and install Firefox. Internet Explorer just isn't worth the hassle.

The fact that Microsoft are introducing tabbed browsing in Internet Explorer v7.0 and have just introduced pop-up blocking just goes to show how far Firefox is ahead of the game.

[Snakebite]

A minute' date=' even 30 seconds is too long for IE. You need to sort out your machine as there is something wrong with it.[/quote']

It's only a AMD duron 700 it's ancient, been saving for a new one so cant be arsed doing much with this pc

[Guest onlynik]

It's only a AMD duron 700 it's ancient' date=' been saving for a new one so cant be arsed doing much with this pc[/quote']

Still sounds like there is something slowing things down. AMD's are good.

[Snakebite]

Sure' date=' Firefox has had its own security issues and bugs but the developers have done a good job of patching them up quick (v1.0.6 was released only just the other day fixing the third-party extension issue). The Greasemonkey plug-in is a third party developed, optional plug-in for Firefox - it has the serious security vulnerability. Not Firefox itself.

To say Firefox is as vulnerable as Internet Explorer is a complete lie. Internet Explorer will always be fundamentally more insecure as Firefox for a whole heap of reasons (ActiveX support for a start) not to mention the fact that Microsoft actually refuses to fix some of the more serous bugs with Internet Explorer that currently exist.

Whenever I re-install Windows or install Windows on a new machine one of the first things I do is uninstall Internet Explorer from Add/Remove programs and install Firefox. Internet Explorer just isn't worth the hassle.

The fact that Microsoft are introducing tabbed browsing in Internet Explorer v7.0 and have just introduced pop-up blocking just goes to show how far Firefox is ahead of the game.[/quote']

Grease monkey is firefox's equivalent to ActiveX since firefox doesnt have the capability itself for running powerful scripts to enhance websites.

You just have to be aware that as more and more people use firefox, hackers will attack it more therefore there will be more things to fix more often so it will slow down the patching process eventually.

Do mozilla have the resources to counteract this expected flood of attacks which will happen since hackers wont just not attack you because you happen to use firefox?

[Snakebite]

yeah but thats why you have firewall.

I have a hardware & software firewall and I still periodically find spyware occasionally.

Point to Point software is maybe to blame like bit torrent etc, websites could still be as bad

[The Milner]

I havent found it to be faster in effect quite the opposite. Everytime I start Firefox it takes more than a minute to open up. Internet Explorer takes less than 30 seconds.

yes but its a bigger piece of software compared to IE so it would obviously take longer to load up.

I think at the end of the day nothing you use online will ever be %100 safe but at the moment firefox is one of the best and safest option around. I noticed a huge reduction on the amount of spyware and shit i got on my pc after switching to mozilla compared to just using IE.

[The Milner]

I have a hardware & software firewall and I still periodically find spyware occasionally.

Point to Point software is maybe to blame like bit torrent etc' date=' websites could still be as bad[/quote']

you will always get some tho i have several different spyware blocking programmes on my pc desinged to work specificaly with IE and some for Firefox and i still get little things every now and again.

[Snakebite]

yes but its a bigger piece of software compared to IE so it would obviously take longer to load up.

I think at the end of the day nothing you use online will ever be %100 safe but at the moment firefox is one of the best and safest option around. I noticed a huge reduction on the amount of spyware and shit i got on my pc after switching to mozilla compared to just using IE.

Firefox is new, when internet explorer first came on the scene it was deemed better than netscape for security and just look at it now.

It's the lull before the storm, give it a couple of years and the hackers will catchup.

[The Milner]

Firefox is new' date=' when internet explorer first came on the scene it was deemed better than netscape for security and just look at it now.

It's the lull before the storm, give it a couple of years and the hackers will catchup.[/quote']

yup very true but still for the moment you cannot say it is as hackable as IE.

[Snakebite]

yup very true but still for the moment you cannot say it is as hackable as IE.

I'm not saying it is, but as it gets more popular with the hope of overtaking Internet Explorer, hackers will attack it more often.

As long as Firefox is used by the minority it will be safer, but how long will it stay that way.

[Neil]

Grease monkey is firefox's equivalent to ActiveX since firefox doesnt have the capability itself for running powerful scripts to enhance websites.

No it isn't. Greasemonkey does not emulate ActiveX - it instead allows you to change the look and behaviour of web pages through DHTML. That is all.

ActiveX is a Microsoft technology used to allow you to develop components and applications that interact with the user's PC over the web. Commonly through ActiveX controls used on web sites - similar to Java applets.

ActiveX and the Greasemonkey extension have very little in common. So whoever told you they did clearly doesn't know what they are talking about.

[The Milner]

I'm not saying it is' date=' but as it gets more popular with the hope of overtaking Internet Explorer, hackers will attack it more often.

As long as Firefox is used by the minority it will be safer, but how long will it stay that way.[/quote']

"Firefox prone to hackers as much as Internet Explorer" hmm yes you did say that.

Yes your right the more people who use it the more people will try to hack it, but then there may be something new in a few years time that takes Firefoxes place as the new internet browser. Or maybe microsoft will pull their finger out for once.....infact nah that will never happen.

[Snakebite]

No it isn't. Greasemonkey does not emulate ActiveX - it instead allows you to change the look and behaviour of web pages through DHTML. That is all.

ActiveX is a Microsoft technology used to allow you to develop components and applications that interact with the user's PC over the web. Commonly through ActiveX controls used on web sites - similar to Java applets.

ActiveX and the Greasemonkey extension have very little in common. So whoever told you they did clearly doesn't know what they are talking about.

Grease monkey does allow you to run powerful scripts does it not? Just like ActiveX does. They may do it differently but can have the same effect like accessing files on your PC without your consent, which is what happened just recently.

[Neil]

Grease monkey does allow you to run powerful scripts does it not? Just like ActiveX does. They may do it differently but can have the same effect like accessing files on your PC without your consent' date=' which is what happened just recently.[/quote']

Without getting into too much detail comparing ActiveX and Greasemonkey is like comparing chalk and cheese. I see why you think there are similar though. I've never used Greasemonkey before but from what I understand it simply uses DHTML and JavaScript to change the way web pages behave and display "on-the-fly". It's pretty nifty or so I've been told.

DHTML and JavaScript are scripting languages that are supported by most modern web browsers - Firefox and Internet Explorer included. It's a core technology as far as they are concerned. Through a flaw in Greasemonkey it is possible to write a script that can access files on your PC without your consent.

The problem with ActiveX (and this has dogged Microsoft since it's inception) is that it allows user-written ActiveX controls (they are written in a proper programming languages - VB, C++ etc - they are not scripted) to access anything on your PC whether you like it or not - by design. And so Microsoft has been forever trying to tighten down the default security settings in Internet Explorer so that it is nearly impossible to accidentally download and install an ActiveX control in Internet Explorer without you first knowing about it. Thankfully, ActiveX is purely a Microsoft technology so only Internet Explorer supports it.

[Daniel]

i have never recieved any; adware or spyware from using firefox, a while back i got so much adware through my internet explorer that it wrecked my system and had to be wiped

[Guest MarkJDelaney]

Yep, I've finally seen the light with Firefox. FAR TO MUCH SHIT coming through IE recently.

[Hugh_Jazz]

In my experience, Firefox = fewer viruses, more functionality and fewer system crashes. IMO, an excellent browser, and kicks IE's ass in almost every department.

I've recently started doing some web development and IE's lack of support for W3C-accepted standards (eg. XHTML, CSS etc) is a joke.

[Snakebite]

i have never recieved any; adware or spyware from using firefox' date=' a while back i got so much adware through my internet explorer that it wrecked my system and had to be wiped[/quote']

Thats because hackers are attacking the majority, as soon as firefox gains the majority over internet explorer they will attack it. The spyware/adware will be just as bad if not worse since Mozilla dont have as many software engineers as microsoft to create patches quick enough everytime it is hacked. They might manage just now because there is only a small quantity of attacks, give it a couple of years for the hackers to catch up.

[spellchecker]

Thats because hackers are attacking the majority' date=' as soon as firefox gains the majority over internet explorer they will attack it. The spyware/adware will be just as bad if not worse since Mozilla dont have as many software engineers as microsoft to create patches quick enough everytime it is hacked. They might manage just now because there is only a small quantity of attacks, give it a couple of years for the hackers to catch up.[/quote']

http://www.theregister.co.uk/2004/06/24/spyware_crosses_line/

spyware and adware are symptoms of internet explorer (and will remain so) solely because of the activex issue. the problem and main difference between IE and firefox is that installable components for firefox relate solely to the browser; firefox as an application does only that - browse the web. with internet explorer, components can and are installed system-wide. an example of this is when you go into My Computer and see some spyware toolbar below your button bar. an equally annoying symptom of this is when your PC continually asks you if you want to connect to the internet, even though you are not running any internet applications.

it sounds like you have some beef against mozilla/firefox, though I can't imagine why. At the end of the day, you should use what works best for you - though at the moment, it sounds like you have bigger issues than browser choice, if it takes 30 seconds for IE to startup. try running HijackThis (run windows it in safe mode if spyware persists):

http://www.tomcoyote.org/hjt/

it should be the starting point of anyone having problems with spyware infected PCs, that tool is truly a godsend.