Author Topic: Firefox myths  (Read 12087 times)

piratePenguin

  • VIP
  • Member
  • ***
  • Posts: 3,027
  • Kudos: 775
    • http://piratepenguin.is-a-geek.com/~declan/
Re: Firefox myths
« Reply #75 on: 23 June 2006, 01:46 »
The page is nothing exciting - it's a list of misconceptions made by people who just happen to not understand everything in the world. Not many of them would dispute a friendly, well-reasoned argument against what they're saying.

MT seems pretty sure they've been misled, presumably intentionally, by FF "promoters" - except for once he forgot to cite a source. Hmmmm.
"What you share with the world is what it keeps of you."
 - Noah And The Whale: Give a little love



a poem by my computer, Macintosh Vigilante
Macintosh amends a damned around the requested typewriter. Macintosh urges a scarce design. Macintosh postulates an autobiography. Macintosh tolls the solo variant. Why does a winter audience delay macintosh? The maker tosses macintosh. Beneath female suffers a double scum. How will a rat cube the heavier cricket? Macintosh calls a method. Can macintosh nest opposite the headache? Macintosh ties the wrong fairy. When can macintosh stem the land gang? Female aborts underneath macintosh. Inside macintosh waffles female. Next to macintosh worries a well.

H_TeXMeX_H

  • Member
  • **
  • Posts: 1,988
  • Kudos: 494
    • http://draconishinobi.50webs.com/
Re: Firefox myths
« Reply #76 on: 23 June 2006, 04:05 »
Maybe removing the trolled posts would be better than binning again ? ... cuz there is a troll ...

Mastertech

  • Member
  • **
  • Posts: 36
  • Kudos: 0
Re: Firefox myths
« Reply #77 on: 23 June 2006, 06:41 »
Quote from: Aloone_Jonez
So do I which is why I hate your artical, note I don't think much of Internet Explorer or Firefox, but I prefer the latter.
That doesn't make sense. If you hate misinformation you would love Firefox Myths since is corrects vast amounts of it.

Quote from: Aloone_Jonez
And what's a nube to do?

Probably just click on yes because they don't know what they're doing, oh and good old CERT knows about the problems with ActiveX too (read on).
Irrelevant. The point is clearly how ActiveX works. Phishing style attacks do not change the security aspects of ActiveX. People all over spread BS that with ActiveX running you just simply get spyware autoinstalling ect... Simply untrue. Autoinstalling spyware is due to exploits that you failed to patch. It has nothing to do with the security design of ActiveX. IE vulnerabilities are largely exploited using code written in ActiveX this in no way makes ActiveX the cause of the problem. It is just like blaming C++ because a virus author uses it to write his virus.

Quote from: Aloone_Jonez
Either way, no one here believes any of the Firefox myths, we all know that FireFox isn't 100% secure (no browser is) but you cannot deny the fact that Microsoft Internet Explorer is the worst as far as security is concerned. Opera is probably one of the most secure browsers around, infact my bet would be on a text-only browser like Lynx.
Neither Firefox nor IE are secure as of this writing. Opera currently is with no unpatched vulnerabilities. Currently Firefox has slightly less total vulnerabilities than IE but this is changing rapidly has more and more Firefox vulnerabilities are discovered. All of which is irrelevant to the Firefox Myths page. Why are you bringing up irrelevant things? The Myth being debunked is that Firefox is Secure. It isn't. Making excuses for this does not change this fact.

Quote from: Aloone_Jonez
You talk about standards, well as far as I'm concerned IE is one big problem because it's using a form of vendor lock in to retain its dominance rather than being superiour from a technilogical aspect.
I really don't care this has nothing to do with the Firefox Myths page.

Quote from: Aloone_Jonez
That doesn't mean anything, any software vendor can give overly optimistic minimum system requirements, the very fact that you've mentioned this means you're trying to misinform people. Rather than look at this you should focus more on things like memory usage, here's an example of how minimim requirements are confusing XP lists a minimum requirement of 64MB of RAM while Ubuntu, lists 256MB, however the default configureations for both OSs result in similar memory usage, both use between 80MB and 110MB when booted up with no other porgrams running.
Microsoft is VERY clear about it's minimum requirements. IE will run on them as I have tested it to work fine. Have you? Everyone making these claims never tested anything. I've been building PCs since the 80s. Windows XP's requirements are stated clearly that 64 MB will limit features and performance and thus mentions 128MB as the recommended minimum, which is what I also clearly recommend. Your lack of understanding and obvious complete lack of testing is the real misinformation here. Minimum requirements are just that, the minimum of which the software application will run. Misinformation is NOT telling them this. Mozilla clearly set the minimum requirements were they were most likely due to Firefox being unusable below those. I can confirm 100% that IE will run on the minimum requirements listed. If you have a problem with Firefox's then bring it up with them I simply report the facts.


Quote from: Aloone_Jonez
Well you can play with the numbers all you want but does anyone really care?
If counting the number of vulnerabilities is "playing with the numbers" then please tell me how. This is the reality. If you cannot grasp the fact that an advisory is released with a variable amount of vulnerabilities I cannot help you.

Quote from: Aloone_Jonez
For example I could argue that UNIX has more vunerabilities than Windows because more are listed on Secunia, but there again I would be forgetting the fact that UNIX is a very big familly of operating systems.

See my point?
No and irrelevant.

Quote from: Aloone_Jonez
The anti-Firefox crowd will push the figures one way and the pro-Firefox crowd will push them the other way.
There are no numbers to "push". There are the total number of vulnerabilities and that is it.

Quote from: Aloone_Jonez
Again, it depends on how you measure speed, the fact that you only mention start up time is an indication thet you're trying to decieve people, also you've made no mention of the fact that IE is only faster because it's already loaded when you boo Windows and that you can pre-fetch Firefox so it pops up just as quickly.
Here let me help you:

1. What you read:

"Internet Explorer 6.x is clearly faster than Firefox 1.x in 6 out of 7 measures of performance and is significantly faster from a cold start."


2. What certain people are incapable of reading:

"Internet Explorer 6.x is clearly faster than Firefox 1.x in 6 out of 7 measures of performance[/size] and is significantly faster from a cold start."


Now read the note and try to understand it. If you don't get it read it again 50 times until you do:

The argument that components of Internet Explorer may load during Windows Startup is nullified by Opera's start times. Which means there is no excuse for this except poor coding on Firefox's part.[/SIZE][/b]

Still don't get it? Read it 50 more times.


Quote from: Aloone_Jonez
This is plain wrong, just read the CERT article and you'll see.
So now you are calling the IE devs liars? Read the IE Dev post 50 more times until you understand it. It is quite clear.

Quote from: Aloone_Jonez
I know, Opera is the only browser that passes it, but just you try it in IE then Firefox, sure Firefox doesn't pass but it's a damn sight nearer to passing than IE is.
Who frickin cares!! There is no Myth that IE passes it or passes it well. STOP making excuses.

Quote from: Aloone_Jonez
Neither is Internet Explorer, but there again just because more developers support IE it doesn't make it any better.
IE is by FAR compatible with more sites. This is indisputable.

Quote from: Aloone_Jonez
And I've read it and it's bullshit, the very fact that you've been infected by a Rootkit before means you're not doing things right.
It is not that simple anymore. Software is getting more complex and people are not going to sacrifice ease of use for security.

Quote from: Aloone_Jonez
Anyway, I've read on your site you like OpenOffice.org, what's your view on MS Office, and what about MS Works? Do you agree with me tha MS Works is a complete was of space?
MS Office is hands down the better product. However it is very expensive and generally unnecessary for the home user. Businesses who rely on Excel or Access will and should continue to use MS Office. MS Works never impressed me and I find Open Office a better solution. Open Office is recommended because I found it to be the best free (as in money) Office Solution.

Dark_Me

  • Member
  • **
  • Posts: 302
  • Kudos: 314
Re: Firefox myths
« Reply #78 on: 23 June 2006, 07:27 »
Quote
IE vulnerabilities are largely exploited using code written in ActiveX this in no way makes ActiveX the cause of the problem. It is just like blaming C++ because a virus author uses it to write his virus.

No it's nowhere near blaming C++ for viruses made with it. C++ is a low level programming language, ActiveX is a component of a browser. The two do not compare.
Quote
There are no numbers to "push". There are the total number of vulnerabilities and that is it.

The total number of vulnerabilities means jack shit on its own. How many of these vulnerabilities are for *NIX systems? How many are for Windows? What do they do? How critical are they? Are they patched?
Capitalism kicks ass.
-Skyman
If your a selfish, self-centred prick, who is willing to leave half the world in poverty, then yes.
-Kintaro

piratePenguin

  • VIP
  • Member
  • ***
  • Posts: 3,027
  • Kudos: 775
    • http://piratepenguin.is-a-geek.com/~declan/
Re: Firefox myths
« Reply #79 on: 23 June 2006, 07:47 »
Quote
Opera currently is with no unpatched vulnerabilities.
Excuse me?
"What you share with the world is what it keeps of you."
 - Noah And The Whale: Give a little love



a poem by my computer, Macintosh Vigilante
Macintosh amends a damned around the requested typewriter. Macintosh urges a scarce design. Macintosh postulates an autobiography. Macintosh tolls the solo variant. Why does a winter audience delay macintosh? The maker tosses macintosh. Beneath female suffers a double scum. How will a rat cube the heavier cricket? Macintosh calls a method. Can macintosh nest opposite the headache? Macintosh ties the wrong fairy. When can macintosh stem the land gang? Female aborts underneath macintosh. Inside macintosh waffles female. Next to macintosh worries a well.

Mastertech

  • Member
  • **
  • Posts: 36
  • Kudos: 0
Re: Firefox myths
« Reply #80 on: 23 June 2006, 13:18 »
Quote from: Dark_Me
No it's nowhere near blaming C++ for viruses made with it. C++ is a low level programming language, ActiveX is a component of a browser. The two do not compare.
The concept is the same. Malware written using ActiveX scripting to exploit an unpatched IE vulnerability cannot be blamed on ActiveX. It is not an ActiveX vulnerability that is being exploited.

Quote from: Dark_Me
The total number of vulnerabilities means jack shit on its own. How many of these vulnerabilities are for *NIX systems? How many are for Windows? What do they do? How critical are they? Are they patched?
Which is why the critical vulnerabilities are listed as well. And they are not all patched making even the latest version insecure.

Lead Head

  • Global Moderator
  • Member
  • ***
  • Posts: 1,508
  • Kudos: 534
Re: Firefox myths
« Reply #81 on: 23 June 2006, 16:04 »
Piratepenguin, he seems to be ignoring that Opera has one real nasty vulnerability
sig.

Mastertech

  • Member
  • **
  • Posts: 36
  • Kudos: 0
Re: Firefox myths
« Reply #82 on: 23 June 2006, 16:08 »

Canadian Lover

  • VIP
  • Member
  • ***
  • Posts: 713
  • Kudos: 122
Re: Firefox myths
« Reply #83 on: 23 June 2006, 16:58 »
Quote from: Mastertech

Microsoft is VERY clear about it's minimum requirements. IE will run on them as I have tested it to work fine. Have you? Everyone making these claims never tested anything. I've been building PCs since the 80s. Windows XP's requirements are stated clearly that 64 MB will limit features and performance and thus mentions 128MB as the recommended minimum, which is what I also clearly recommend. Your lack of understanding and obvious complete lack of testing is the real misinformation here.



Even at the 128 level, a whole lot of stuff is ran from the page file, slowing everything down. Maby there's a reason everyone else recommends 256?

piratePenguin

  • VIP
  • Member
  • ***
  • Posts: 3,027
  • Kudos: 775
    • http://piratepenguin.is-a-geek.com/~declan/
Re: Firefox myths
« Reply #84 on: 23 June 2006, 16:58 »
Quote from: Mastertech
I see none Opera 9 (Secunia)
Oh so you can't think for yourself no?

EDIT: I sent them a feedback thing to see my post.
« Last Edit: 23 June 2006, 17:10 by piratePenguin »
"What you share with the world is what it keeps of you."
 - Noah And The Whale: Give a little love



a poem by my computer, Macintosh Vigilante
Macintosh amends a damned around the requested typewriter. Macintosh urges a scarce design. Macintosh postulates an autobiography. Macintosh tolls the solo variant. Why does a winter audience delay macintosh? The maker tosses macintosh. Beneath female suffers a double scum. How will a rat cube the heavier cricket? Macintosh calls a method. Can macintosh nest opposite the headache? Macintosh ties the wrong fairy. When can macintosh stem the land gang? Female aborts underneath macintosh. Inside macintosh waffles female. Next to macintosh worries a well.

piratePenguin

  • VIP
  • Member
  • ***
  • Posts: 3,027
  • Kudos: 775
    • http://piratepenguin.is-a-geek.com/~declan/
Re: Firefox myths
« Reply #85 on: 23 June 2006, 17:09 »
Quote from: Secunia
Mozilla Firefox 1.x with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Less critical

Quote
Microsoft Internet Explorer 6.x with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Moderately critical


What a surprise!
"What you share with the world is what it keeps of you."
 - Noah And The Whale: Give a little love



a poem by my computer, Macintosh Vigilante
Macintosh amends a damned around the requested typewriter. Macintosh urges a scarce design. Macintosh postulates an autobiography. Macintosh tolls the solo variant. Why does a winter audience delay macintosh? The maker tosses macintosh. Beneath female suffers a double scum. How will a rat cube the heavier cricket? Macintosh calls a method. Can macintosh nest opposite the headache? Macintosh ties the wrong fairy. When can macintosh stem the land gang? Female aborts underneath macintosh. Inside macintosh waffles female. Next to macintosh worries a well.

Lead Head

  • Global Moderator
  • Member
  • ***
  • Posts: 1,508
  • Kudos: 534
Re: Firefox myths
« Reply #86 on: 23 June 2006, 17:45 »
I've ran firfox on a 200Mhz Pentium running windows XP with 64MB of ram. It ran pretty damn well considering the outrageous specs of the machine.

EDIT: Ive run firefox on a 133Mhz Pentium running Win98 with 32MB of ram, even then it still ran better then IE on the 233Mhz Pentium running XP
sig.

Canadian Lover

  • VIP
  • Member
  • ***
  • Posts: 713
  • Kudos: 122
Re: Firefox myths
« Reply #87 on: 23 June 2006, 17:48 »
If IE is as safe as Firefox, why can I do this in IE?



(code actually loads onto the page, here's the link: http://www.openopen.org/old/ie/open-cd-ie.html)

Lead Head

  • Global Moderator
  • Member
  • ***
  • Posts: 1,508
  • Kudos: 534
Re: Firefox myths
« Reply #88 on: 23 June 2006, 17:50 »
Quote from: Canadian Lover
If IE is as safe as Firefox, why can I do this in IE?


Theres no image
sig.

Aloone_Jonez

  • Administrator
  • Member
  • ***
  • Posts: 4,090
  • Kudos: 954
Re: Firefox myths
« Reply #89 on: 23 June 2006, 18:38 »
Mastertech,

Right, you've got me agree on a couple of things, but don't worry it illustrates my point perfectly as you'll see.

Quote from: Mastertech
That doesn't make sense. If you hate misinformation you would love Firefox Myths since is corrects vast amounts of it.

Your artical doesn't provide all the facts and thus doesn't allow the reader to make an informed decision about their choice of browser.

Quote
Irrelevant. The point is clearly how ActiveX works. Phishing style attacks do not change the security aspects of ActiveX. People all over spread BS that with ActiveX running you just simply get spyware autoinstalling ect... Simply untrue. Autoinstalling spyware is due to exploits that you failed to patch. It has nothing to do with the security design of ActiveX. IE vulnerabilities are largely exploited using code written in ActiveX this in no way makes ActiveX the cause of the problem. It is just like blaming C++ because a virus author uses it to write his virus.

The I suggest you read the US CERT article again.

Quote from: US CERTDisable Active scripting and ActiveX

Disabling Active scripting and ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this vulnerability. Disabling Active scripting and ActiveX controls in the Local Machine Zone will prevent widely used payload delivery techniques from functioning. Instructions for disabling Active scripting in the Internet Zone can be found in Securing Your Web Browser and the Malicious Web Scripts FAQ. See Microsoft Knowledge Base Article 833633 for information about securing the Local Machine Zone, and 315933 for information about displaying the Local Machine Zone (My Computer security zone) on the Security tab in the Internet Options dialog box.[/quote



Quote from: US CERT
Service Pack 2 for Windows XP disables Active scripting and ActiveX controls for IE and several other programs using Local Machine Zone Lockdown.


But that doesn't stop it becoming re-enabled.

Quote
Neither Firefox nor IE are secure as of this writing. Opera currently is with no unpatched vulnerabilities.

Correct.

Quote
Currently Firefox has slightly less total vulnerabilities than IE

Well that's an understatement.

Quote
but this is changing rapidly has more and more Firefox vulnerabilities are discovered.

As they are they're being fixed, and so are the IE vunerabilities.

Not only that but Firefox's vulnerabilities being discovered at a similar rate as IE's.

http://www.webdevout.net/security_summary.php#graphs_total

Quote
All of which is irrelevant to the Firefox Myths page. Why are you bringing up irrelevant things? The Myth being debunked is that Firefox is Secure.

Of course it's rellevant, you're debunking myths about Firefox right?

Firefox is a web browser so why is it not rellevant to compare it to another web browser like Opera? You've already compared it to Internet Explorer.

You need to make sure your readers understand that security is relative, and it's a fact that Internet Explorer is insecure relative to Firefox which is insecure relative to Opera.


Quote
It isn't. Making excuses for this does not change this fact.


I'm not making any excuses - I'm merely filling in the gaps.

Quote
I really don't care this has nothing to do with the Firefox Myths page.

Yes does.

Quote
Microsoft is VERY clear about it's minimum requirements. IE will run on them as I have tested it to work fine. Have you? Everyone making these claims never tested anything. I've been building PCs since the 80s. Windows XP's requirements are stated clearly that 64 MB will limit features and performance and thus mentions 128MB as the recommended minimum, which is what I also clearly recommend. Your lack of understanding and obvious complete lack of testing is the real misinformation here. Minimum requirements are just that, the minimum of which the software application will run. Misinformation is NOT telling them this. Mozilla clearly set the minimum requirements were they were most likely due to Firefox being unusable below those. I can confirm 100% that IE will run on the minimum requirements listed. If you have a problem with Firefox's then bring it up with them I simply report the facts.

Have you ever tested Firefox on hardware lower than the minimum requirements? If so you'll find that it actually works, these are recommended minimum requirements not absolute minimum requirements like MS states for it's products.

What you've stated is true, Microsoft's minimum requirements are just that minimum requirements but some other software vendors bais their minimum requirements to is required to give reasonable performance.

Quote
If counting the number of vulnerabilities is "playing with the numbers" then please tell me how. This is the reality. If you cannot grasp the fact that an advisory is released with a variable amount of vulnerabilities I cannot help you.

And you can't understand the fact that Firefox is more secure than Microsoft Internet Explorer.

Wait a second, even US CERT recommends you should use a diffenent browser!

Quote from: US CERT
Use a different web browser

There are a number of significant vulnerabilities in technologies related to the IE domain/zone security model, trust in and access to the local file system (Local Machine Zone), the Dynamic HTML (DHTML) document object model (in particular, proprietary DHTML features), the HTML Help system, MIME type determination, the graphical user interface (GUI), and ActiveX. These technologies are implemented as operating system components that are used by IE and many other programs to provide web browser functionality. These components are integrated into Windows to such an extent that vulnerabilities in IE frequently provide an attacker significant access to the operating system.

It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when viewing untrusted HTML documents (e.g., web sites, HTML email messages). Such a decision may, however, reduce the functionality of sites that require IE-specific features such as proprietary DHTML, VBScript, and ActiveX. Note that using a different web browser will not remove IE from a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control (WebOC), or the HTML rendering engine (MSHTML).


Quote
No and irrelevant.

Of course it is and it's exactly why your page totally blows. You can't discuss page rendering and compatability without mentioning standards support which very important.

Quote
"Internet Explorer 6.x is clearly faster than Firefox 1.x in 6 out of 7 measures of performance and is significantly faster from a cold start."


[list=1]
  • Apart from the start-up speed the other differences are neglidgable.
  • These tests don't feature web pages containing a variety of content i.e. each test just looks a one type of content.
  • Not in my experiance, for example Firefox renders hotmail faster than IE, Firefox renders this forum faster than IE.
  • It doesn't even mention download speed.


Quote
The argument that components of Internet Explorer may load during Windows Startup is nullified by Opera's start times. Which means there is no excuse for this except poor coding on Firefox's part.[/SIZE][/b]


Wow, I agree.

Hang on, IE must really be shit then, if it's already loaded when Windows starts, yet Opera actually starts faster!

Well you've proved to me that IE is actually worse than I thought it was before I read your post!

Quote
Who frickin cares!! There is no Myth that IE passes it or passes it well.

So what?

You quite rightly raise the point that Firefox doesn't pass the Acid2 test, well done! But wouldn't it be more fair to compare it to IE as well as Opera?

Wouldn't that be providing the reader with more relevant information so they can make a more informed choice?

It's one of those relative things again, something you don't seem to understand.

Quote
STOP making excuses.

I'm not making any excuses.

Quote
IE is by FAR compatible with more sites. This is indisputable.

But you're neglecting the all important standards debate again - something very important if you want your reader to become more educated.

Quote
It is not that simple anymore. Software is getting more complex and people are not going to sacrifice ease of use for security.

Bullshit, Mac OS is both easy to use and secure, ease of use and security can go hand in hand but obviously Microsoft has lead you to believe otherwise, I pitty you.

Quote
MS Office is hands down the better product. However it is very expensive and generally unnecessary for the home user.


I generally agree.

Quote
Businesses who rely on Excel or Access will and should continue to use MS Office.

On the contrary, bussinesses should continiously evaluate different products and use the one that suits them best - they might be able to make considerable savings.

Quote
MS Works never impressed me and I find Open Office a better solution. Open Office is recommended because I found it to be the best free (as in money) Office Solution.

I agree, and if you have money to spare there's always other alternatives like Star Office and Corel Office.
This is not a Windows help forum, however please do feel free to sign up and agree or disagree with our views on Microsoft.

Oh and FUCKMicrosoft! :fu: