Educause Security Discussion mailing list archives
Re: Browsers and OS's
From: "Shalla, Kevin" <kshalla () UIC EDU>
Date: Tue, 4 Oct 2005 21:15:01 -0500
How about using Active Directory and Group Policy to force installation of new versions of Firefox? Then only the administrator has to notice the upgrade, download the software, and set up the policy and software package. On Tue, October 4, 2005 10:25 am, Louis Brooks said:
Firefox allows for notification of when new updates are available and will down load and install the updates with some prompting by the user. It will not force users to install and updates though like Windows automatic update, so user interaction is still required. The integration with the OS of IE is one of the roots of its security problems over the years. Having said that, the use of Firefox is not a security panacea. As the use of Firefox reaches critical mass, more and more vulnerabilities are being reported for the product. I think I remember seeing a report that more security flaws have been discovered in the past six months for Firefox than IE. I use Firefox myself, but more because I like the product than for security issues. Thanks, Louis Brooks SAIT Labs Florida State University -----Original Message----- From: Justin Sipher [mailto:jsipher () SKIDMORE EDU] Sent: Tuesday, October 04, 2005 10:49 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Browsers and OS's Folks, Hello. I would welcome feedback/insight on an issue we are discussing. It relates to browser world and *potential* security concerns. In a nutshell, there is a belief that a browser tied to an OS (IE for Windows, Safari for MacOS) allow for better security because of the ability through the OS to let the users (a) know when there is an update to the browser and (b) assist with the download/ install. The challenges is that we also want to use Firefox for a variety of purposes and there doesn't appear to be a way (on Firefox for any OS) to have similar functionality. So, the **real** concern is someone downloads Firefox and is using it. Then after time new versions come out, the end user doesn't (a) know about it and (b) doesn't actually do the upgrade and then we have a potential security hole. Firefox for "techies" isn't the concern, it is the use by the common person that has some concerned. Has anyone else on other campuses talked about this and have insight as to how you have or have not addressed the issue. Are there ways/ systems out there to aid in this process? Thanks, ...Justin _______________________________________________________ Justin Sipher Chief Technology Officer Skidmore College Saratoga Springs, NY jsipher () skidmore edu 518-580-5909 _______________________________________________________
Current thread:
- Re: Browsers and OS's, (continued)
- Re: Browsers and OS's Jason Richardson (Oct 04)
- Re: Browsers and OS's Louis Brooks (Oct 04)
- Re: Browsers and OS's Eric Brewer (Oct 04)
- Re: Browsers and OS's Joe St Sauver (Oct 04)
- Re: Browsers and OS's Justin Sipher (Oct 04)
- Re: Browsers and OS's Jason Richardson (Oct 04)
- Re: Browsers and OS's Jeni Li (Oct 04)
- Re: Browsers and OS's Harrold Ahole (Oct 04)
- Re: Browsers and OS's Valdis Kletnieks (Oct 04)
- Re: Browsers and OS's Jeff Giacobbe (Oct 04)
- Re: Browsers and OS's Shalla, Kevin (Oct 04)
- Re: Browsers and OS's Valdis Kletnieks (Oct 04)
- Re: Browsers and OS's Matt Kirchhoff (Oct 06)