Firefox's security coming under scrutiny
Robert Lemos, SecurityFocus 2005-05-12

Mozilla developers say that the browser had security built into the design, but that has not stopped flaw finders from pinpointing problems with Firefox.

Firefox's security coming under scrutiny 2005-05-13
Anonymous (1 reply)
doesn't surprise me 2005-05-13
mmm
Firefox's security coming under scrutiny 2005-05-13
Paul (Greyhats)
Firefox's security coming under scrutiny 2005-05-13
Todd Knarr
I think though that there's a fundamental difference between Firefox's security problems and IE's. It can be summed up simply: "The problems in Firefox are bugs in the code that should be eliminated. The problems in IE are design features that must be kept for reasons unrelated to security."

Take an earlier vulnerability involving shell protocols that affected both IE and Mozilla/Firefox. In Mozilla/Firefox, the solution was easy: disable a specific protocol. This made you immune to the problem until the underlying problem was fixed. In IE you couldn't do that. If you tried, you crippled large portions of your system outside of IE to the point where Windows itself became unusable. This wasn't accidental; it happens because of a fundamental design decision in IE and Windows.

Flaws that allow the execution of arbitrary machine code are another example. They happen in Firefox, but again they're bugs that can be written out of the code once found. This isn't the case with IE. The basic design decision to incorporate ActiveX and to thread it all through the browser and OS results in a browser that must by design let external sites download and execute arbitrary machine code. Microsoft can layer defenses around that hole, but their design precludes them from eliminating the hole itself.

It's the difference between a door that's designed to keep everyone out unless someone on the inside lets them in, and a door that's designed to keep some people out, let others through if they have the right key and let still others through without any key at all.


Link to this comment: http://www.securityfocus.com/comments/articles/11155/31874#31874
Copyright 2009, SecurityFocus