View Full Version : IE 98% insecure, FireFox 7%

January 4th, 2006, 02:36 PM
I just read this in Bruce Schneier's blog:

This study is from August, but I missed it. The researchers tracked three browsers (MSIE, Firefox, Opera) in 2004 and counted which days they were "known unsafe." Their definition of "known unsafe": a remotely exploitable security vulnerability had been publicly announced and no patch was yet available.

MSIE was 98% unsafe. There were only 7 days in 2004 without an unpatched publicly disclosed security hole.

Firefox was 15% unsafe. There were 56 days with an unpatched publicly disclosed security hole. 30 of those days were a Mac hole that only affected Mac users. Windows Firefox was 7% unsafe.

Opera was 17% unsafe: 65 days. That number is accidentally a little better than it should be, as two of the upatched periods happened to overlap.

This underestimates the risk, because it doesn't count vulnerabilities known to the bad guys but not publicly disclosed (and it's foolish to think that such things don't exist). So the "98% unsafe" figure for MSIE is generous, and the situation might be even worse.

Full story here http://bcheck.scanit.be/bcheck/page.php?name=STATS2004

January 4th, 2006, 03:13 PM
The only reason why I keep ie is for windows update and making sure my pages work in ie. I use FF and Opera for everything now.

The main thing to keep in mind is no OS or app is 100% secure. Every software is vulnerable to attack/exploit. Some of these just haven't been discovered yet.


January 4th, 2006, 03:32 PM
fun fact: acording to symantec in 2004 (old stat) ie had less security bugs than firefox (windows only) since most of the bugs did not apply to linux.

cant find the source... think its somewhere in my blog but im lazey