Re: [News] Mozilla Firefox Tops Internet Explorer for Security

Home	Messages Index

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index

Re: [News] Mozilla Firefox Tops Internet Explorer for Security

Subject: Re: [News] Mozilla Firefox Tops Internet Explorer for Security
From: Bobbie <bobbie4R3MOV3TH1S@xxxxxxx>
Date: Sun, 01 Oct 2006 21:34:01 GMT
Newsgroups: comp.os.linux.advocacy
Organization: Shaw Residential Internet
References: <3316178.0utDOKJWF9@schestowitz.com> <gitv9908g0y7.dlg@funkenbusch.com> <Xns985036691CDAFhpt@213.149.105.26>
User-agent: Pan/0.14.2.91 (As She Crawled Across the Table (Debian GNU/Linux))
Xref: news.mcc.ac.uk comp.os.linux.advocacy:1163100

On Sun, 01 Oct 2006 20:21:01 +0000, High Plains Thumper wrote:

> Erik Funkenbusch wrote: 
> 
>> I have yet to see any evidence of Mozilla fixing bugs
>> within days or even a week or 2 except in very rare cases. 
>> They take months.  Sometimes 4+ months.
> 
> According to:
> 
> http://www.symantec.com/specprog/threatreport/
> ent-whitepaper_symantec_internet_security_threat_report_
> x_09_2006.en-us.pdf
> 
> http://tinyurl.com/s5qaz
> 
> Page 61
> 
> | There does not appear to be any discernible trend in patch
> | development times for Web browsers. This may be because
> | these times are influenced by the number of vulnerabilities
> | that are disclosed for each browser. Mozilla is the only
> | vendor whose patch development time has decreased
> | consistently over the past three six-month periods.
> | Generally speaking, Internet Explorer has the longest patch
> | development times of any browser. This may be due to the
> | vendor's practice of issuing patches on a regular monthly
> | schedule. 
> 
> Note, IE has longest patch development time in general.
> 
> | Window of exposure, Web browsers
> |
> | The window of exposure is the difference between the
> | average patch development time and the average exploit code
> | development time for vulnerabilities in the selected Web
> | browsers. In the first half of 2006, Internet Explorer had
> | a window of exposure of nine days, down considerably from
> | 25 days in the second half of 2005 (figure 23). During this
> | reporting period, Apple Safari had a window of exposure of
> | five days, up from zero days in the second half of 2005.
> |
> | In the first half of 2006, Opera had a window of exposure
> | of two days, down considerably from 18 days during the
> | second half of 2005. In the first six months of 2006,
> | Mozilla had a window of exposure of one day. In the second
> | half of 2005, Mozilla had a window of exposure of negative
> | two days, meaning that exploits were generally released
> | after patches were available. 
> 
> Mozilla had a response time of 1 day from time of exploit to
> patch.


HPT, will you please stop using reason and verifiable facts to counter
FUDingbusch's arguments? I think Erik would be more fun to play with if we
all started to use his tactics.

-- 
Bobbie the Triple Killer
http://members.shaw.ca/bobbie4/index.htm

email Bobbie @ bobbie4R3MOV3TH1S@xxxxxxx
remember to 'remove this'

Bobbie recently switched to Ubuntu 6.
Why? Cause he can, that's why.

Follow-Ups:
- Re: [News] Mozilla Firefox Tops Internet Explorer for Security
  - From: Roy Culley

References:
- [News] Mozilla Firefox Tops Internet Explorer for Security
  - From: Roy Schestowitz
- Re: [News] Mozilla Firefox Tops Internet Explorer for Security
  - From: Erik Funkenbusch

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index