Friday, July 15, 2011

The safest web browser?

(OR: What connects Internet Explorer and Rush Limbaugh)

Surely not a difficult question to answer? Just look at the statistics for security vulnerabilities- especially those that were exploited by malware "in the wild" before a patch was issued and how long those vulnerabilities remained unpatched.

Source: Web Devout.

Historically, the answer would certainly not have been Internet Explorer. It has the worst record for zero-day vulnerabilities leaving the browser open to "drive-by" malware attacks for considerable periods before a patch was released- it has left its users vulnerable to such attacks on numerous occasions.

To my knowledge, Firefox has only exposed its users to one such vulnerability, and only briefly, and only to malware on one specific website, rather than widespread attacks. Still, to my recollection, Opera, although it has had vulnerabilities, has patched these before they were used in malware attacks; the same for Chrome.

So, historically, if I had to guess, Opera or Chrome might get the award. To Microsoft's credit, they recognised the security problems with their browser and recent versions have been a lot more secure. Anybody interested in the original question could look at the data on browser vulnerabilities for recent versions and follow the evidence.

The evidence will tell you the answer- a purely logical process that tends to invoke irrational responses. Why?

The first illogical response is the common statement that Internet Explorer is used by more people and therefore a bigger target and therefore more looked at for vulnerabilities. This excuse ignores the evidence that Internet Explorer is more open to exploit because it has features that other browsers don't have that have their own security weaknesses, such as ActiveX, and because it is more integrated into the Microsoft operating system. It also ignores the evidence that hackers find Internet Explorer easier to hack.

The second illogical response is usually an attack on Firefox, usually along the lines of "Firefox sucks" or similar. Should Firefox users then point out the evidence, they are then often labelled as "fanboys", despite the juvenile nature of their own emotional response- an unsophisticated form of ad-hominem attack known as "projection".

Back to the question- why? And why is it Firefox that is resented by Internet Explorer users? I think the answer is political. The people who resist the evidence that Internet Explorer is not as secure as other browsers often subscribe to a loud-mouthed extreme right wing ideology. Take for example this post to a thread on browser security:
Anything has to be better than FF. (Roll Eyes)
With the signature:
"If you want to make a Conservative angry, tell him a lie. If you want to make a Liberal angry, tell him the truth." - Rush Limbaugh
Now you could say I'm stretching one comment to make a point.

But the internet long called Poe on the American fringe right's antipathy to Firefox: Exhibit 1, Exhibit 2.

The extreme hard right mentality resents a group of people working together to produce a better browser for free: it undermines their belief in the superiority of free-market capitalism in producing better software, and indeed a better world than any collective, altruistic enterprise run by wishy-washy socialists, as they would see the open-source community.

The idea that open-source software is a tool of socialism designed to undermine capitalism is of course total nonsense. Wherever could the hard right have got that idea from?

(Possibly it's the result of a complete lack of a sense of humour?)

As a footnote, the only thing the hard right hate more than a collective, altruistic enterprise interfering with a commercial enterprise, it's a collective, altruistic enterprise interfering in the economy itself- which is why the anti-Firefox trolls have turned their attention to climate science and global warming.

1 comment:

  1. Wherever could the hard right have got that idea from?

    From a lack or reading, of course.