Topic: Security guru: don't surf the web with Firefox

[Clive]

F-Secure's chief research officer Mikko Hypponen has warned people worried about being infected by malware not to use Firefox.
Firefox has long been regarded as a safer alternative to Internet Explorer. However, Hypponen claims those running Firefox on Windows are at greatest risk.

"A vast number of the attacks are for Windows, because the majority of the users are on Windows, that's the logic. If you're really worried just don't use Windows - there's plenty of alternatives," Hypponen told PC Pro.

"Same thing applies to your web browser. You don't want to surf the web with Firefox because most of the attacks now are targeting Firefox and older versions of Internet Explorer, so don't use those."

Hypponen's comments are shored up by a recent security report from Secunia, which claimed that over the course of 2008 Firefox reported more vulnerabilities than all of the other browsers, though it addressed  them quicker than its rivals.

Hyponnen also warned users off Adobe's own software for reading PDF files. "You don't want to read your PDF files with Adobe Reader because everybody is using it, get something else," he warned.

Response

Mozilla responds: "Software is made secure by the diligent community of developers not by market share. Mozilla has built a strong reputation for designing its software with user security in mind and has a history of responding quickly and prudently to any security issues that arise. In fact this is an important part of Firefox's popularity.

Our users know there's a large, strong, knowledgeable community that is vigilantly protecting them from emerging threats. They also know that the best way to stay secure is to use software that automatically updates itself with security fixes issued quickly in response to any threats."

Microsoft offered a similar statement claiming its work had actually shifted the threat away from the operating system: "Research has shown that the work which Microsoft has done in this area means that organised criminals are moving away from targeting the operating system and instead are targeting people directly, with phishing and social engineering scams, as individuals are now perceived to be the weak link," says Ed Gibson, Microsoft's chief cyber security adviser.

Hypponen was speaking to PC Pro as part of an interview on internet security that will appear in issue 176, which goes on sale on 15 April.

Stuart Turton

LINK

[Rik]

Sam doesn't need any encouragement, Clive.

[Simon]

Hypponen's comments are shored up by a recent security report from Secunia, which claimed that over the course of 2008 Firefox reported more vulnerabilities than all of the other browsers, though it addressed  them quicker than its rivals.

That could mean that all of the other browsers simply didn't report their vulnerabilities.   

[topquark]

Whenever an Internerd Explorer vulnerability is "discovered" it doesn't tend to become public until M$ have a fix for it!

[sam]

Sam doesn't need any encouragement, Clive.

no I don't -  http://www.ubuntu.com/

[Reno]

Wow, it's amazing who they're allowing to be security experts these days.