Educause Security Discussion mailing list archives
Re: Browsers and OS's
From: Eric Brewer <ebrewer () EMAIL SMITH EDU>
Date: Tue, 4 Oct 2005 12:00:26 -0400
While more vulnerabilities may now be reported for Firefox than for IE, you also need to look at the mean time that the vulnerability is unpatched. For IE, a vulnerability can be unpatched for months, even years, while the Firefox team has reacted quickly in virtually all cases. Eric Brewer Smith College
lbrooks () CS FSU EDU 10/4/2005 11:25 AM >>>
Firefox allows for notification of when new updates are available and will down load and install the updates with some prompting by the user. It will not force users to install and updates though like Windows automatic update, so user interaction is still required. The integration with the OS of IE is one of the roots of its security problems over the years. Having said that, the use of Firefox is not a security panacea. As the use of Firefox reaches critical mass, more and more vulnerabilities are being reported for the product. I think I remember seeing a report that more security flaws have been discovered in the past six months for Firefox than IE. I use Firefox myself, but more because I like the product than for security issues. Thanks, Louis Brooks SAIT Labs Florida State University -----Original Message----- From: Justin Sipher [mailto:jsipher () SKIDMORE EDU] Sent: Tuesday, October 04, 2005 10:49 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Browsers and OS's Folks, Hello. I would welcome feedback/insight on an issue we are discussing. It relates to browser world and *potential* security concerns. In a nutshell, there is a belief that a browser tied to an OS (IE for Windows, Safari for MacOS) allow for better security because of the ability through the OS to let the users (a) know when there is an update to the browser and (b) assist with the download/ install. The challenges is that we also want to use Firefox for a variety of purposes and there doesn't appear to be a way (on Firefox for any OS) to have similar functionality. So, the **real** concern is someone downloads Firefox and is using it. Then after time new versions come out, the end user doesn't (a) know about it and (b) doesn't actually do the upgrade and then we have a potential security hole. Firefox for "techies" isn't the concern, it is the use by the common person that has some concerned. Has anyone else on other campuses talked about this and have insight as to how you have or have not addressed the issue. Are there ways/ systems out there to aid in this process? Thanks, ...Justin _______________________________________________________ Justin Sipher Chief Technology Officer Skidmore College Saratoga Springs, NY jsipher () skidmore edu 518-580-5909 _______________________________________________________
Current thread:
- Browsers and OS's Justin Sipher (Oct 04)
- <Possible follow-ups>
- Re: Browsers and OS's Stephen W. Bradley (Oct 04)
- Re: Browsers and OS's Louis Brooks (Oct 04)
- Re: Browsers and OS's Jason Richardson (Oct 04)
- Re: Browsers and OS's Louis Brooks (Oct 04)
- Re: Browsers and OS's Eric Brewer (Oct 04)
- Re: Browsers and OS's Joe St Sauver (Oct 04)
- Re: Browsers and OS's Justin Sipher (Oct 04)
- Re: Browsers and OS's Jason Richardson (Oct 04)
- Re: Browsers and OS's Jeni Li (Oct 04)
- Re: Browsers and OS's Harrold Ahole (Oct 04)
- Re: Browsers and OS's Valdis Kletnieks (Oct 04)
- Re: Browsers and OS's Jeff Giacobbe (Oct 04)
- Re: Browsers and OS's Shalla, Kevin (Oct 04)
- Re: Browsers and OS's Valdis Kletnieks (Oct 04)
- Re: Browsers and OS's Matt Kirchhoff (Oct 06)