Report: Firefox Buggier, But Issued Fixes Quicker

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
According to a new report, Mozilla reported more vulnerabilities in Firefox last year than IE, Safari, and Opera combined. Although Firefox reported four times as many flaws as IE, the silver lining is that the company is faster at fixing those flaws than Microsoft.

Firefox had 115 reported flaws in 2008, nearly four times as many as every other popular browser, and nearly twice as many as Microsoft and Apple combined, according to browser vulnerability research (PDF) released this week. In comparison, Microsoft reported 31 flaws in IE, Apple reported 32 in Safari, and Opera reported 30.
Click to expand...
 
Stories like these can be incredibly misleading. Since Firefox is open source, all of its vulnerabilities are public. A vulnerability found by MS won't be made public until someone else finds it. Same with Opera and Safari.
 
Hey everybody lets use Firefox, oh God Micro(insert_catch_phrase_here) is so terrible! :rolleyes:
 
Who the hell cares who has more security flaws or who fixes them faster. Just use the browser you want to. Cause all this thread is going to lead to is IE vs FF vs Safari vs Netscape vs Chrome vs whatever else.
 
I dont really care which has more vulnerabilities, how long it takes to fix them is how I would judge any software company IMHO.
 
For about the last two FF updates I've been living with random and intermittent crashes with it for no apparent rhyme or reason. They're not overly frequent but it's getting to be enoug of a nuisance that I'm getting ready to maybe run Opera as an alternative on the side.
 
FF crashes on me constantly at work and at home. I still use it exclusively though.
 
kllrnohj said:
Stories like these can be incredibly misleading. Since Firefox is open source, all of its vulnerabilities are public. A vulnerability found by MS won't be made public until someone else finds it. Same with Opera and Safari.
Click to expand...

What are you talking about? MS announces fixes for bugs they find all the time. do they detail the flaw? Of course not, why would they do that before the patch is distributed? That doesn't make the existance of the bug unknown.

The fact is that Firefox is flat out buggy. It is, and always has been. Yes, they're good at fixing it, but this delusion that open-source software is somehow better then for-profit it a delusion.
 
The only real flaw I've experienced with FF is occasional freezing up when having multiple pages opened,but it's not frequent enough to keep me from using it.It's much faster for me than IE.
 
This doesn't really come as a big surprise since it's open source vs. the other big browsers. More likely to find something, more likely to report it, and more likely to get lots of people working on it to fix it quickly. As far as I'm concerned, it's good that they're finding more flaws and fixing them quickly since that just means there are fewer unknown flaws I have to worry about.
 
The important question is: is the level of quality higher overall than IE, Opera, etc? There could be more flaws, but if they hang around briefly then the overall risk might be much less over time.

I just wonder if all the work that they invest into bug fixing benefits future major revisions. I mean, can we say that the next major revision addresses a major underlying reason for their having existed? Or does each major revision introduce an untested revision with its own,new problems?
 
Nemesis999 said:
What are you talking about? MS announces fixes for bugs they find all the time. do they detail the flaw? Of course not, why would they do that before the patch is distributed? That doesn't make the existance of the bug unknown.

The fact is that Firefox is flat out buggy. It is, and always has been. Yes, they're good at fixing it, but this delusion that open-source software is somehow better then for-profit it a delusion.
Click to expand...

It being open-code doesn't make it less buggy, but it suggests a good reason for why it might be. MS has a tendency to fix only things that affect its strategic position.

I do quite alot of web-centric development and to me, IE definitely has more issues (including bugs, compliance issues and design flaws) than FF does. Plus, FF has a fantastic set of grassroots plugin tools that I just haven't found for IE. I've also found IE much harder to troubleshoot for because of the fuzzy boundary between browser and OS.
 
venm11 said:
The important question is: is the level of quality higher overall than IE, Opera, etc?
The answer is no. I have all but stopped using any IE replacement on any winx box. Its just become too much of a pain to actually reliably replace IE. Linux of course i still use FF.
Click to expand...
Click to expand...
 
Using IE to surf the internet is like tappin azz without a rubber. You may get by for a while without catching something but one day...BAM...your junk falls off and you wonder why
 
venm11 said:
It being open-code doesn't make it less buggy, but it suggests a good reason for why it might be. MS has a tendency to fix only things that affect its strategic position.

I do quite alot of web-centric development and to me, IE definitely has more issues (including bugs, compliance issues and design flaws) than FF does. Plus, FF has a fantastic set of grassroots plugin tools that I just haven't found for IE. I've also found IE much harder to troubleshoot for because of the fuzzy boundary between browser and OS.
Click to expand...

I agree, there are great open-source products. But the fact remains that the vast majority of great games and apps are closed source for the same reason communism doesn't work, people want $$$, and the people that have the $$$ can spend it on their product.
 
The plugins for firefox is really the best out of all them. Things like autopager and tabs mix plus and a ton of other plugins make it a lot better. You can really make firefox your own type of firefox with the customizability. I remember all the time also when IE crashed windows explorer.exe crashed. IE has always been the easiest in the past to pick up viruses and activeX malware without permission. With firefox i've never had issues with that stuff again. The power is shifted to the user.
 
Nemesis999 said:
I agree, there are great open-source products. But the fact remains that the vast majority of great games and apps are closed source for the same reason communism doesn't work, people want $$$, and the people that have the $$$ can spend it on their product.
Click to expand...

Well, people do work (specifically, contributions to open source) for plenty of other reasons besides money. I mean, your day job isn't just about money, is it?

That goes to the heart of what I hate about Microsoft, actually. Microsoft wants all software to be about a profit motive, because that's the only way it can tangibly control the space. There are too many great ideas created out of inspiration and enthusiasm and team effort that it has crushed because it couldn't do that itself with pure money.
 
venm11 said:
Well, people do work (specifically, contributions to open source) for plenty of other reasons besides money. I mean, your day job isn't just about money, is it?

That goes to the heart of what I hate about Microsoft, actually. Microsoft wants all software to be about a profit motive, because that's the only way it can tangibly control the space. There are too many great ideas created out of inspiration and enthusiasm and team effort that it has crushed because it couldn't do that itself with pure money.
Click to expand...

It has nothing to do with people's day jobs. It has to do with the people and businesses with millions of dollars to hire dedicated long-term staff for a project. Money drives the world. Sure there are people that will program for free, but few projects will ever get the ham-hours that private closed-source apps get.
 
It's also worth pointing out that we only know about discovered security vulnerabilities. I'm pretty damn sure that Internet Explorer has more holes than Swiss cheese, but just because they aren't publicised doesn't mean they aren't there.
 
sear said:
It's also worth pointing out that we only know about discovered security vulnerabilities. I'm pretty damn sure that Internet Explorer has more holes than Swiss cheese, but just because they aren't publicised doesn't mean they aren't there.
Click to expand...

And so would Firefox... I promise that both browsers have tons of undetected/published flaws.
 
Jabroni31169 said:
Using IE to surf the internet is like tappin azz without a rubber. You may get by for a while without catching something but one day...BAM...your junk falls off and you wonder why
Click to expand...

Two words, BS. If you don't run as an admin 24×7, don't install every blipping thing that pops up and don't enter personal information on a phished site IE 7 and 8 are very safe.
 
Jabroni31169 said:
Using IE to surf the internet is like tappin azz without a rubber. You may get by for a while without catching something but one day...BAM...your junk falls off and you wonder why
Click to expand...

nice try. But honestly the chances of that are just the same with any alternative browser these days. Might as well use the one that works with everything, eg, IE.
 
Firefox just seem to function good all around. Hate to use IE occasionally at the work.
 
Nemesis999 said:
It has nothing to do with people's day jobs. It has to do with the people and businesses with millions of dollars to hire dedicated long-term staff for a project. Money drives the world. Sure there are people that will program for free, but few projects will ever get the ham-hours that private closed-source apps get.
Click to expand...

There seem to be quite a lot of people who will program for free, and also people who will program for a very eventual and uncertain payoff.

I don't quite understand why you disregard their efforts, or their talent and sheer numbers of people who do this. Most of these are people who often develop software (etc) in their "day job" and have open-source side projects, on teams with high process standards.
 
PS. Come to think of it, just about all software engineers I know have side projects. I think all of them would prefer to get rich than not, but really the most important thing is for their project to become successful and gain notoriety. Open source brings them distribution, access to other talent and a community for testing and feedback.
 
Nemesis999 said:
What are you talking about? MS announces fixes for bugs they find all the time. do they detail the flaw? Of course not, why would they do that before the patch is distributed? That doesn't make the existance of the bug unknown.

The fact is that Firefox is flat out buggy. It is, and always has been. Yes, they're good at fixing it, but this delusion that open-source software is somehow better then for-profit it a delusion.
Click to expand...

Firefox is not flat out buggy as you say. I use Firefox on my laptop, main rig, as well as on my computer at work. My main rig is on or in sleep mode 24x7 as is my computer at work. Firefox is opened on them pretty much as long as the computer is powered on.

I can't really recall the last time FF crashed on me, probably a few months ago. Rare enough that I can say it crashes less than IE when I was testing both to see which I would use as my main browser. Most of the time people experience crashes or memory leaks is due to buggy add-ons. I use only Flashblock, Adblock, IEtab, and Weatherfox. IEtabs and PDF files seem to cause the most problems for my installation of FF but again, it's not so much FF as the add-ons.

FF is not that buggy. Are there bugs in it? Of course but don't go on as if it's something that'll crash on you daily.

Open source software can be good as hell and rival for pay software. There are plenty of good open source software that rivals that of for pay software that is copyrighted by a for profit corporation.

I use UltraVNC to log onto certain computers on the network and to log onto my computer remotely (I even have a VNC client on my phone). It's open source and while it's not bug free (it'll sometimes become unresponsive and shut itself down, though this happens rarely), it's good enough that I can log in, get the files I need or check some stuff and then log off.

If open source software/code is so crappy why does MS use it in it's OS? Sometimes the open source software takes a little elbow grease to get it properly set up but there are lots of great applications and utilities out there that are completely open source.
 
I think Firefox is more stable than IE.

Anyway, ALL software has bugs. Doesn't matter who made it or what it is. It is BOUND
 
Nemesis999 said:
What are you talking about? MS announces fixes for bugs they find all the time. do they detail the flaw? Of course not, why would they do that before the patch is distributed? That doesn't make the existance of the bug unknown.

The fact is that Firefox is flat out buggy. It is, and always has been. Yes, they're good at fixing it, but this delusion that open-source software is somehow better then for-profit it a delusion.
Click to expand...

Bwahahahahahaha. Thanks for the laugh. You don't honestly believe that Microsoft publishes every single bug they find, do you? Hell, I'd be very surprised if they announced more than, say, 10% of the bugs they find and fix.

And no, firefox is *not* flat out buggy. I leave firefox running both my laptops and my desktop constantly. My vista desktop BSODs more than firefox crashes (which is once in a blue moon). The delusion that for-profit software somehow means a minimum level of quality is a delusion as well. The fact is that there is good and bad software, both of the open and close source variety. Being open source vs. closed source doesn't mean a damn thing in terms of quality or number of bugs, not a thing. If you need proof that closed source doesn't guarantee quality, just go read http://thedailywtf.com/
 
kllrnohj said:
Stories like these can be incredibly misleading. Since Firefox is open source, all of its vulnerabilities are public. A vulnerability found by MS won't be made public until someone else finds it. Same with Opera and Safari.
Click to expand...

thank God it's that way because if everyone knew what the flaws were, we'd have a lot more troubles......
 
kllrnohj said:
Bwahahahahahaha. Thanks for the laugh. You don't honestly believe that Microsoft publishes every single bug they find, do you? Hell, I'd be very surprised if they announced more than, say, 10% of the bugs they find and fix.

And no, firefox is *not* flat out buggy. I leave firefox running both my laptops and my desktop constantly. My vista desktop BSODs more than firefox crashes (which is once in a blue moon). The delusion that for-profit software somehow means a minimum level of quality is a delusion as well. The fact is that there is good and bad software, both of the open and close source variety. Being open source vs. closed source doesn't mean a damn thing in terms of quality or number of bugs, not a thing. If you need proof that closed source doesn't guarantee quality, just go read http://thedailywtf.com/
Click to expand...

vista bluescreens because you use shitty nVidia based chipset........
 
YeuEmMaiMai said:
vista bluescreens because you use shitty nVidia based chipset........
Click to expand...

I've had a single BSOD in the past 6 months, and it was a game + ATI driver problem (patching the game solved the BSOD)

Perhaps you should learn some history. Back in the day, nvidia's chipsets were some of the best available (at least for AMD systems. But in the P4 days AMD was all that really mattered if you wanted performance)

Oh, and I thought you might like this quote:
Kyle's Thoughts:

Dan has pretty much said it all, and there is little else to discuss. I spent a lot of time over the last month with this motherboard and have to say that the M2N32-SLI Deluxe is easily one of the best motherboards I have ever used. I know Dan has some issues with the WiFi, but it worked perfectly for me. I never actually plugged the board into an Ethernet connection.
Click to expand...
http://enthusiast.hardocp.com/article.html?art=MTA3NCw3LCxoY29uc29sZQ==
 
You must log in or register to reply here.
Back
Top