IMHO, the reason for there being relatively little exploitations of FF vs. IE is not necessarily that FF is a moving target, per se. The underlying reason is that FF requires effort to find, download, install, and run whereas IE is already there.
The vast majority of PC users don't give a rip what browser they use and will use what is already available and default. FF is not that browser. Therefore, one can reasonably conclude that users who take the time to obtain, install, and use FF are better caretakers of their devices as they exhibit more effort. Subsequently, they are the users that are more likely to have taken the minor effort of patching, and AV and/or anti-spyware installation.
Why go through the effort of picking a lock or breaking a window when you can get into a different car or house that is unlocked to begin with?
The vast majority of PC users don't give a rip what browser they use and will use what is already available and default. FF is not that browser. Therefore, one can reasonably conclude that users who take the time to obtain, install, and use FF are better caretakers of their devices as they exhibit more effort. Subsequently, they are the users that are more likely to have taken the minor effort of patching, and AV and/or anti-spyware installation.
Why go through the effort of picking a lock or breaking a window when you can get into a different car or house that is unlocked to begin with?
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/578/2141#2141