Firefox has fleas! Firefox outnumbered IE by 2 to 1 on the bugs

[Exoskeletor]

Earlier this week, Symantec released a huge head-turner in the world of security (and lack thereof). In Volume VIII of its industry-leading Internet Security Threat Report, the company found that of the 1,862 new vulnerabilities detected between January 1 and June 30 of 2005, approximately 59% of them belonged to Web applications, namely browsers. This is an increase of 109% over the report issued one year ago.

 

So, internet security is a growing problem, you say? What's the shock? Of the nearly 1100 newly discovered bugs, Firefox outnumbered IE by 2 to 1. Yes, that's right...our beloved Fox has fleas.

 

It's not surprising that as the browser gains in popularity, that it will incur more attention from hackers. But the browser was also faulted along with other software for not updating very quickly in response to these changes. In fact, the average response time for any major software to correct its problems was over 48 days, leaving systems administrators to their own devices, and most home PC users to their own lack of knowledge that there's even a problem.

 

Other major findings from the security report (which you must register to obtain, though it is free) include:

 

 

An overall trend of increasing attacks on small businesses and home desktops is emerging, as threats move farther away from major corporate networks that stand a better chance of being guarded.

 

The time it takes from the publication of a vulnerability to a script-kiddie writing something to exploit it has fallen to 6 days from 6.4. In the meantime, it has been taking software vendors 54 days to patch their software.

 

Of the 1,862 vulnerabilities, which is a record high number, 97% were classified as moderate to high in severity.

 

Denial of Service (DOS) attacks increased significantly from 119 per day to 927 per day. That's a rise of up over 680% from just last half. Primary targets have been schools, followed by financial institutions.

 

Worms and viruses written for the Win32 environment were up 48% over last half.

 

Adware and spyware continue to increase, with 8 of the 10 biggest threats coming directly through your browser. Of those 10 biggest threats, 5 actually hijack the browser in some capacity.

 

VoIP and Wireless are regarded as the biggest security-threat targets in the upcoming year.

Once again, Symantec have reminded us all that in the ever-changing world of security, no one company or product reigns supreme for long. I hope that Firefox get a little bit worried over this report and work hard to rectify some of the oversights that seem to have come to light.

 

Link -> http://www.bit-tech.net/news/2005/09/22/firefox_bugs/

[paredwse]

Δεν ξέρω, δεν πολυ-εμπιστεύομαι τα "αστέρια" της Symantec (που μας δώσανε και το υπέροχο Norton Internet Security).

 

Ας δούμε, στο ίδιο Internet Security Threat Report που αναφέρονται τα παραπάνω, τι λένε για το MacOS X:

 

As well as making comments that will doubtless irk Firefox fans, Symantec has renewed its assault of the perceived security advantages of Apple Macs. "Mac users may be operating under a false sense of security as a noteworthy number of vulnerabilities and attacks were detected against Apple Macʼs operating system, OS X," Symantec said, reflecting comments in the previous edition of its threat report that OS X was an emerging target for attack.

 

"While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantecʼs analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."

 

A, μάλιστα. Προβλέπουν ότι μπορεί να αλλάξει στο μέλλον ε; Ουάου, τρομερή πρόβλεψη. Σαν να λέω εγώ ότι προβλέπω ότι στο μέλλον μπορεί να κερδίσω το Τζόκερ - μπορεί όμως κι όχι. Προβλέπω επίσης ότι μπορεί να βγάλω γκόμενα την Natalie Portman - μπορεί όμως κι όχι.

Ποιός ξέρει; Σίγουρα όχι η Symantec.

 

Σταδιάλα.

 

Πηγή: The Register.

[tzoykas]

Σταδιάλα.

 

Με πέθανες .... Γελάω ακόμα

 

Είναι σαν να λέει η LADA ότι φταίει η KaOil για την κακή απόδοση του αυτοκινήτου ....

 

Ασε που με έχουν κάνει τόσο καχύποπτο οι εταιρίες πια (και δει η M$) που κάλλιστα μπορώ να σκεφτώ θεωρίες για τακιμιάσματα μεταξύ εταιριών για να χειραγωγείται η κοινή γνώμη. Αν είναι να τη φάω καλύτερα να τη φάω από κάτι free που θα είναι και επιλογή μου στο κάτω κάτω.

 

Βρε ουστ!

[paredwse]

[...]

Ασε που με έχουν κάνει τόσο καχύποπτο οι εταιρίες πια (και δει η M$) που κάλλιστα μπορώ να σκεφτώ θεωρίες για τακιμιάσματα μεταξύ εταιριών για να χειραγωγείται η κοινή γνώμη. Αν είναι να τη φάω καλύτερα να τη φάω από κάτι free που θα είναι και επιλογή μου στο κάτω κάτω.

 

Βρε ουστ!

 

Πολύ σωστή σκέψη.

Εμένα με "προβληματίζει" η επίθεση στο MacOS X και σκέφτομαι λίγο πονηρά: Μήπως η Symantec βλέπει ότι το Norton Antivirus για MacOS δεν έχει τις πωλήσεις που πρέπει γιατί α) είναι πολύ βαριά εφαρμογή (όπως και στα Windows) και β) γιατί υπάρχουν πολύ απλές και δωρεάν εναλλακτικές λύσεις; Και θέλει να προωθήσει τη δική της... "λύση";

 

Όλα είναι πιθανά πάντως και σίγουρα δεν παίρνω τοις μετρητοίς αυτά που λέει μία μεγάλη εταιρεία...

[Isle]

Χμ...

Περι σκοτεινων συνομοσιων δεν ξέρω αλλα μηπως τελικα μου βγήκε σε καλό που έβαλα το opera?Ομως πολύ πιθανόν τωρα που θα γίνει δημοφιλέστερο να γίνει και αυτό στόχος.

Μην εμπιστεύεστε όμως τους μεγάλους...

Κυρίως όταν είναι η 1η εταιρία στον πλανήτη.

[Exoskeletor]

Pantos sigoura o firefox den eine toso asfalhs oso pisteyane merikoi kai sigoura DEN mporoun na ton sigrinoun me ton internet explorer pou exei kleisei 10 xronia kiolas.. fantasou

Kai fantasthte na eixe kai thn mish fhmh tou internet explorer.. tote tha ginotan xamos apo trypes ktl..

[Isle]

Δεν εχει να κανει με το ποσο παλιος ειναι ενας browser.

Τα παλια ξεχνιουνται.Ετσι ειναι οι υπολογιστες.

[Eusebius]

Σταδιάλα.

Βρε ουστ!

Έχω καλυφθεί πλήρως.