Firefox, Mozilla Users Told to Upgrade
By Ed Oswald | Published April 20, 2006, 11:15 AM
Users of the Firefox Web browser are being urged to upgrade as a government computer security agency warned of multiple vulnerabilities in earlier versions of the software. The group recommends upgrading to the latest Firefox release available, which would be 1.5.0.2.
Security firm Secunia has posted an advisory mirroring the United States Computer Emergency Readiness Team's warnings, which it posted April 14. Rating the issue as "highly critical," the firm says some 21 flaws currently exist in versions of the browser before 1.5.0.2.
US-CERT went even further than Secunia, saying there were issues with the Mozilla Web browser, e-mail and newsgroup client, SeaMonkey, Thunderbird e-mail client, and Mozilla Suite. All of those programs include portions of Firefox code that could be vulnerable.
The warnings from both US-CERT and Secunia may begin to dispel the idea that Firefox is much more secure than its Microsoft counterpart, Internet Explorer. It should be noted, however, that so far the number of vulnerabilities discovered within Firefox has been far lower than the number found in IE.
Of the vulnerabilities mentioned by US-CERT, four deal with JavaScript handling issues, two with XBL, two over CSS issues, two with memory corruption, and another that covers a problem with the way the browser handles display styles.
"The most severe impact of these vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the user running the affected application. Other effects include a denial of service or local information disclosure," the agency said.
Perhaps Mastertech would care to explain why he lies about what myself & others have said? For example;
"...Good stuff - give it a read." - Asa
Actual comment - "Robert Accettura has a nice response to the poorly constructed & mostly worthless article Firefox Myths. Good stuff - give it a read".
"...all web sites are IE compliant, use a browser with IE engine & tabs, & a fully patched system = 100% security." - FreewheelinFrank (MrFlibble)
Actual comment - "This includes 1 of Mastertech's typical phrases designed to suggest he is not the author ('Makes interesting reading') but then goes on to use the first person. Strange- that would be the first time for Mastertech. The notions are his: all web sites are IE compliant, use a browser with IE engine & tabs, & a fully patched system = 100% security."
"I'm not a big fan of evangelism or hyperbole, so when a page called "Firefox Myths" entered my radar recently, I was very interested." - Tre
Actual comment - "I’m not a big fan of evangelism or hyperbole, so when a page called “Firefox Myths” entered my radar recently, I was very interested. Then sadly disappointed. Rather than a balanced analysis of some of the folklore surrounding Firefox, it is merely a stream of weak arguments against imaginary “myths” supported by misquoting or deliberate misreading of sources. I’m not even going to reference the page".
Fully sourced - http://www.techspot.com/vb/topic44405.html
Score: 0
|Wow, it didn't take you long to spam this in desperation.
Score: 0
|What spam would that be? Your deceptions are well documented & authenticated. Perhaps if you weren't so morally bankrupt you wouldn't be being exposed for what you are wherever you promote yourself.
Score: 0
|Upgraded a week ago... Damn thing forced the issue. I clicked off the upgrade window, but the next time I opened the browser, it installed the update anyway.
Didn't even break any extensions this time.
Damned annoying, if you ask me.
Score: 0
|It should not break extensions, as it is just an update on the same branch. Extension API has not changed as far as I know.
Those who see extension breakage probably experienced them when upgrading from 1.0.x to 1.5.x.
Score: 0
|Man, I really hate it when it does that. I hate FireFox! It auto updates, it blocks my ads, I can customize the crap out of it, it's fast, low memory usage and it never crashes.
I am really trying to find reasons to gripe about FireFox, but it never gives me a chance and that's irritating.
AND I'M SERIOUS!
Score: 0
|Well, there's the memory issue, but damnit, even that's solvable.
I guess we'll just have to live with it, man.
Score: 0
|I don't agree that Firefox is fast, low memory usage and never crashes.
It loads several seconds slower than both IE and Opera. It consumes more memory than both of them, and it still has some kind of memory leaks at 1.5.0.2, though it is much less severe than 1.5.
BUT, the functionality Firefox and extensions provide cannot be matched by IE and Opera. That's why Firefox rocks.
Score: 0
|hi. im totally agree with smallpotato... firefox is very slow browser... y can't find any reason... y people are saying firefox is fast than opera. opera downloads fast. it loads pages faster than firefox...
bingo.
thats it... formerly i use...
firefox but when i installed i never go for firefox again..
Score: 0
|I'm happy with Maxthon thanks.
FF? No thanks, I fail to see the usefulness of locating, testing, configuring endless plugins and extensions. Then updating them when they are broken with an update to the browser.
I guess if I were a Microsoft hater I could get behind these other browsers. But, I'm kinda fond of my MS apps.
Score: 0
|Maxthon rules!!! :D
It's small, it's fast, it's feature-rich.
I do use FF as a 'compatibility testing' browser during software development. But I won't use it for surfing.
But that's just me - a power user. 'Normal' users should be better off with FF than any IE-based browser for security reasons.
Score: 0
|Yes-- this is the browser i most use nowadays. btw it just got updated 3/4 days ago(upgrade didn't make it here though)-- fixing my main complaint re searches, among other things.
This is the browser, of all the major ones, that works w/ & interfaces completely w/ the most sites-- w/ the most set of functionalities left un-hindered while still being requisitely safe.
This point I just made is a slam dunk, w/o any chance of a valid counter argument:
A. Many sites still require IE-- nixing anything w/ non-IE engine in spite of fiddling w/ user agent & per site controls/settings.
B. IE has had so much arbitrarily removed or significantly disabled in the name of security-- rendering many sites' features & functions unusable or degraded; and "most" of this does not carry over to Maxthon, even though it utilizes its engine. When it does affect Maxthon, then obviously one of the Mozilla browsers is needed.
There is actually one solution re being able to use 1 browser only at all sites: IE 5.5 sp1-- if one could overlook security issues & needed or improved features such as tabbed browsing, password handling, etc.-- but not being able to lock the toolbars is just too annoying.
Score: 0
|Not at all it is very easy to secure IE.
Score: 0
|Disable Active Scripting and IE suddenly becomes a very safe browser. Bear in mind that web sites that use JavaScripts no longer work, until you put them in "Trusted Sites" zone, one by one.
Score: 0
|You can easily secure IE without disabling active scripting.
Score: 0
|Have you read the 0day exploit a month ago? The solution before the patch was "Disable Active Scripting".
Score: 0
|Yes I am well aware of what it said. If you really thought the sky was falling you could do that or install IE 7, a properly set up Enterprise environment would not be affected. Amazingly every IE 6 computer on the internet did not turn into one massive bot. Must have been magic.
Score: 0
|True, a properly setup Enterprise is unaffected, and I am proud of my work in protecting the company.
It is magic only if you know everything. You know too little.
No real exploits for Firefox to hold your statement now. So other arguments from you?
Score: 0
|That was sarcasm. It obviously wasn't magic, rather that there were no serious attacks, which is why there was no rush from Microsoft to release the patch early.
Score: 0
|Yeah, by installing Maxthon!
Score: 0
|Wrong again. Because Microsoft claims it needs QA. I know quite a lot of people infected by this vulnerability, but you can't understand even if I show you, because they are not in English.
Score: 0
|No Microsoft did not release this early because of QA, they did not release it because they did not see any substantial threat.
Score: 0
|Is it so? That's strange, because Secunia notes that there's 21 unpatched advisories for IE, & as you're fond of saying - advisories do not equal vulnerabilities. Exactly how can you achieve this mythical level of security with IE? Conversely, you're of the opinion that Firefox, with 4 unpatched advisories, apparently cannot be secured further in any way.
Is Secunia really all that reliable an indication of vulnerabilities in a Browser in the first place? You constantly cite Opera as being perfect, with 0 unpatched vulnerabilities yet Opera have an agreement with Secunia to not post vulnerability advisories until they've released a patch for them!
Ignorance is bliss Mastertech
Score: 0
|Because the exploits that allow for automatic software installation are or get patched in IE. There is nothing mythical about it.
Score: 0
|Mozilla:"Ours too have flaws and is slower but we are the BEST"
imo what is the point of using ff when we *know* it is not the fastest nor as safe as they used to claim when we have opera ?
Score: 0
|I like Opera very much, but it's still the worst of the major browsers re interfacing w/ the most sites and functions.
Of course, this may not be the case for the particular set of sites you(or anyone else) personally surf on a daily basis...
Score: 0
|Functionality.
For instance, I hate advertisements. With Firefox and Adblock extension, I subscribe to a block list, and I don't need to see them.
You can setup Adblock-like functions on Opera 8.x, though you can try and see how cumbersome it is just to set it up.
Score: 0
|The point is, when you know the vulnerability publicly in Mozilla, it is already fixed.
Remember the 0day exploit in IE that was discovered nearly a month ago, but fixed only last week anyone?
Counting numbers is pointless, Mastertech. And it is getting bored to see you misleading the public. Yes I say I get bored. Please do other things that are more interesting to us.
Score: 0
|Really then why are there still 5 unpatched vulnerabilities? Here is one unpatched for almost two years:
http://secunia.com/advisories/12403/
Misleading? Telling people a browser is secure but failing to mention the over one hundred security vulnerabilities is misleading. Telling people open source fixes everything that day when you have vulnerabilities unpatched for almost two years is misleading. If you and everyone else was so concerned about security you would be using Opera.
FYI that exploit did not affect IE 7 Beta. But you knew that right?
Score: 0
|http://secunia.com/product/4227/#advisories
There are 4 unpatched or partially patched "known" holes in Firefox according to Secunia, NONE of which are critical.
Wait, not 4 "Currently, 3 out of 29 Secunia advisories, are marked as "Unpatched" in the Secunia database."
Go away.
Score: 0
|No there are 5, one is partially patched and another advisory has two vulnerabilities mentioned. Advisories can list multiple vulnerabilities as this one does:
http://secunia.com/advisories/19631/
Which lists 24.
Score: 0
|to me FF fan-boys are boring.
He has got right to put forward his opinion here.
And he has got a point unlike fan-boys like you
Score: 0
|You are making sh*t up.
"Mozilla Firefox 0.x
Mozilla Firefox 1.x"
You can't count a pre 1.0 release.
Score: 0
|I am not making anything up. Try reading the source:
http://secunia.com/product/4227
Clearly labeled:
Mozilla Firefox 1.x
Which lists the following:
http://secunia.com/advisories/19698 = 1 unpatched vulnerability
http://secunia.com/advisories/12979 = 2 unpatched vulnerabilities
http://secunia.com/advisories/12580 = 1 unpatched vulnerability
http://secunia.com/advisories/12403 = 1 unpatched vulnerability
For a grand total of 5 unpatched vulnerabilities.
Score: 0
|From your source:
"Mozilla Firefox 1.x with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Less critical
This is based on the most severe Secunia advisory, which is marked as "Unpatched" in the Secunia database. Go to Unpatched/Patched list below for details.
Currently, 3 out of 29 Secunia advisories, are marked as "Unpatched" in the Secunia database."
Score: 0
|Advisories DO NOT equal vulnerabilities!!!!
This one:
http://secunia.com/advisories/12979/
Is not fully patched which means you are still vulnerable.
Score: 0
|Don't mislead people. Criticality counts when you talk about vulnerabilities.
Score: 0
|And you still can only hold those non critical vulnerabilities and cry like a baby?
Go make the vulnerabilities go wild. See if it is possible.
Score: 0
|I don't even see a point in your post, you IE fanboy.
Score: 0
|IE 7 Beta has its own flaw: http://blogs.zdnet.com/Ou/?p=176
The suggested workaround? Use Firefox. :-)
A Beta version is not a patch: it is a security risk in itself.
Score: 0
|"But IE7 is not in the clear and has had its own flaw discovered by Tom Ferris which is fixed in the current beta of IE7. According to Ferris, the "workaround" for the flaw that he discovered was to "use Mozilla Firefox". It should be noted that the flaw was for an earlier beta version of IE7 and beta software is beta for a reason."
Did you even read the article? That was fixed in the latest BETA which was out before the IE 6 exploits arrived. If IE 6 has an unpatched exploit and IE 7 is not affected, I would consider installing IE 7 a solution.
Score: 0
|Mislead? Is that why I directly link to the source.
Score: 0
|This is silly. You think it is acceptable to roll out an update in an enterprise to install a beta software? I see you are very limited in skills dealing with enterprise users.
Score: 0
|Point to a web site that uses such vulnerability to attack users.
Score: 0
|I know it. And you think an English only browser can be installed in multilingual environments? Or you only know English and not other languages?
For the "Less Critical" vulnerability that is unpatched for 2 years. Nobody manages to exploit and take advantage of it for 2 years tells you how severe this vulnerability is. Next to nothing I would say.
Score: 0
|oh no! i'm vulnerable to people spoofing the filetype in the download dialog!!
do you actually read what the "vulnerability" is before you post the link?
go away, troll.
Score: 0
|I have no use nor do any of my clients for multi-language usage.
You have no idea if anyone exploited it or not.
Score: 0
|In Enterprise environments you would be dealing limited user accounts negating the problem anyway.
Score: 0
|Point to one for IE.
Score: 0
|"I have no use nor do any of my clients for multi-language usage."
That means you have limited experience.
"You have no idea if anyone exploited it or not."
True I have no idea. Neither has secunia.com or other security firms.
So if you care so much about the non critical vulnerabilities, I expect you know there are exploits for that? Otherwise what are you worrying? You worry that the sky will fall one day?
Score: 0
|LUA is NOT the total solution. It can reduce the problem, but it cannot fix.
And security has multiple layers. Learn it child.
Score: 0
|search google for "createTextRange exploit". I found links to 2 source codes in the first result page.
Now your turn.
Score: 0
|"That means you have limited experience."
No it means I live in the US and only deal with English speaking clients.
Exploits are exploits. If they are unpatched you are vulnerable. The point is that Firefox is NOT secure and the farthest thing from a security solution as many claim.
Score: 0
|I never said it was the total solution. What is your problem? Try reading what I type and stop assuming, you are embarrassing yourself.
Read up on DEP.
Score: 0
|I am not asking for source code but a link to a URL that exploits it. If you don't have it just say so. I mean it was so wide spread this should be easy.
Score: 0
|You said LUA "negates" the problem, I tell you it cannot. You rely on LUA, and I tell you LUA is not everything, stupid.
And DEP does not work with every machine.
Score: 0
|And you think the sysadmins of those web sites are stupid? I have a link to one of the examples, but they have fixed it, that's all. They are not stupid either.
I post codes which means you can easily implement it. If you can't even get up with code, how come you worry about exploitations.
The fact is, IE can be exploited easily by anyone who can get the code. Wake up.
Score: 0
|The fact is, different vulnerabilities have different criticality. For vulnerabilities that are not exploited or are known to be not easily exploitable, one has nothing to worry about.
I can surf with Firefox and comfortably say that I am secure, because there are NO KNOWN exploits that work on me.
And I would like to remind you, vulnerabilities and exploits are 2 different things. There are NO exploits discovered public for those non critical vulnerabilities in Firefox. Even if there were public exploits available, they cannot generate a disastrous effect, like the ugly 0day IE exploit did.
Face it, boy, IE is NOT secure. The track record shows it has public flaws that are fixed late. Firefox is more secure than IE with its track record, timely fix for critical flaws.
Score: 0
|Firefox is NOT secure. The only browser in Windows that can make this claim currently is Opera. Whether an exploit is made public or not does not make an unpatched vulnerability go away.
Face it your beloved Firefox is one big security hole.
Score: 0
|The sky is still not falling and I don't see a URL.
Score: 0
|In this instance it does:
"An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."
Score: 0
|http://www.sophos.com/pr.../2005/12/msexploit.html
http://blogs.zdnet.com/Spyware/?p=801
Now if you say Sophos and Websense are lying when they say they found those URL's, who do you really expect us to believe?
This mantra of 'show me an URL that infects IE' is truly bizarre.
Score: 0
|If these URLs exist then providing one should be easy.
Score: 0
|I really didn't think you would be foolish enough to repeat your 'IE with SP2 = infallible security' credo after the recent CreateTextRange episode, like a soggy King Canute after the tide has gone back out telling us that we haven't just witnessed him up to his neck in the water.
Carry on in your quest for the Holy URL, Mastertech, you really are the laughing stock of the internet!
Score: 0
|I really think you will keep avoiding posting a url.
Score: 0
|All I know is that ever since I started using FireFox, I've never EVER EVER had the urge to go back to IE. I don't care for ActiveX because it's SH*T anyway, and I am fully aware that the reason many sites display "correctly" in IE vs FF is that IE does everything WRONG, and so developers are unfortunately forced to write their code WRONG so that it displays ok in IE since it's on 85% of desktops (again unfortunately).
Now because FF does things RIGHT, sites that are coded exclusively to work with IE many times won't display properly in FF. I'm willing to deal with that and give the browser a chance to crush IE. Exploits will be found in everything. They will find MORE, AGAIN in FF and IE and Opera and even more obscure browsers. So that's something I'm not concerned about cause I know mozilla response is quick enough with the exploits, rather than having to wait for Microsoft's "homo tuesday" to patch systems.
Anyway security and small snags aside, FF STILL really is an all around BETTER browser for me than IE ever was. C'mon guys lets not let the recent bad media do this to FF! Remain calm and continue with the screw IE campaign, it's worth it! Patience is the key.
I for one am unfazed and am very happy with progress of FF. I'm sure v3.0 will have massive improvements in all aspects, as well as better compatibility to handle deliberately bad-coded "IE sites".
Score: 0
|Firefox's Security is getting scarier every day. The latest Advisory lists 24 Highly Critical Vulnerabilities:
http://secunia.com/advisories/19631
Here is how the media covers it up but blasts IE for having only 10 vulnerabilities in the latest patch:
http://blogs.zdnet.com/Ou/?p=192
Get the facts: http://www.FirefoxMyths.com
Secunia - lists 97 security vulnerabilities in Firefox, 63 of which are rated as Highly Critical and 1 Extremely Critical.
Notes - The number of Secunia advisories (29) does not equal the actual amount of vulnerabilities (97). Over 10 advisories have multiple vulnerabilities, look carefully:
Mozilla Foundation Mozilla - lists 100 "known" security vulnerabilities in Firefox, 21 of which are rated as High and 39 Critical.
CVE - lists 140 security vulnerabilities in Firefox.
So much for Firefox being a secure browser! And yes Opera is far more secure with ZERO unpatched vulnerabilities.
http://secunia.com/product/4932
Score: 0
|Blah, blah, blah. That update took 30 seconds to install. Mozilla updates faster and better than any browser, and no amount of FUD will change that.
Score: 0
|The only FUD is replying about how easy and faster something is to update to a comment on the number and severity of security vulnerabilities for the browser.
Score: 0
|So tell me, 23% unpatched flaws in IE vs 10% in Firefox, and 14% extremely critical in IE vs 3% in Firefox, which is more severe?
And you need to understand what is "Extremely Critical" in secunia.com:
"Typically used for remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild.
These vulnerabilities can e.g. exist in services like FTP, HTTP, and SMTP or in certain client systems like email programs or browsers."
Score: 0
|Firefox updated itself, and let me know that I needed to restart my browser.
Your FUD is worthless here, everyone knows Firefox is more secure than IE.
Glad to hear Opera is more secure, too bad it sucks.
Score: 0
|So tell me, 0 unpatched vulnerabilities out of 16 in Opera v8.x vs. 5 unpatched vulnerabilities out of 96 for Firefox v1.x, which is more severe?
Not only is Opera more secure than Firefox it is faster and had Tabbed Browsing, Integrated Search and Pop-up blocking first. As for Features: http://mywebpages.comcas...D/FreewareBrowsers.html
Opera looks good to me. All those features and more without extensions.
http://fileforum.betanews.com/detail/945720329/1
The following post is the spammer firefox fanboy FreewheelinFrank as desperate as ever:
Score: 0
|words of wisdom
Score: 0
|More like fuddumb!
Score: 0
|"Opera looks good to me."
Hypocrite.
"I love things that work and IE works. Everytime I have to switch to IE to see or use a page properly is a waste of my time. I have to do it EVERY day. How can I possibly recommend this [Opera] to anyone? When they could simply use IE or preferably Avant Browser and never have to switch to anything? The argument isn't their. I don't sacrifice for things that don't work. My time is my time. Why "put up" with something when you don't have to? For an idealistic dream? Get back to me when Firefox or Opera renders all of the Web correctly. Neither is ready for prime time as far as I'm concerned."
http://s4.invisionfree.c...?showtopic=544&st=0
(For anybody that hasn't twigged yet, Mastertech=Andrew.)
Score: 0
|Media coverage differs for a browser that leaves its users exposed to malware exploiting a known vulnerability for two weeks and one that patched some vulnerabilities before anyone knew about them...Hmm, wonder why.
If you want to plug Opera based on the number of patched vulnerabilities that Firefox has, that's fine. But how can you still recommend IE which not only has more, but patched them later leaving users exposed? This from your site, Firefox Myths:
"Notes - Internet Explorer with Windows XP Service Pack 2 installed provide the same level of Spyware security as Firefox. SP2 includes a built-in Pop-up blocker, a Download installation warning system and removes MSJVM from the system. This eliminates all the known security exploits some Spyware applications used to auto install themselves. Anyone who claims Internet Explorer cannot be secured from Auto-installing Spyware either doesn't know how or is lying."
When I say that users of IE were exposed to Auto-installing Spyware, is it because I don't know how, or because I'm lying? Oh, yes, of course, I should've installed the beta version which wasn't vulnerable.
Your anti-Firefox bias is absurd, Andrew.
And as you spammed Firefox Myths again, here's the antidote of anybody as sick of it as I am:
http://nanobox.chipx86.com/FirefoxFables/
Score: 0
|Sucks...but with potential.
Score: 0
|Oh the media bias is VERY clear try reading the article.
When you are fanboying Firefox why do you never mention Opera is more secure?
I actually recommend various browsers:
http://mywebpages.comcas...D/FreewareBrowsers.html
"When I say that users of IE were exposed to Auto-installing Spyware, is it because I don't know how, or because I'm lying?"
Both. Please provide proof of your claims. You don't have any and never had any.
Your "Antidote" is nothing but lies without 1 single fact. Don't fear the truth.
Score: 0
|No offense but your continued desperation is getting laughable. No matter how bad you wish it was true those forums are not mine.
Score: 0
|More like FACTDum.
Score: 0
|Absolutely
Score: 0
|And you expect people with no PC knowledge know how to protect themselves from malicious web sites. Your mind is too simple, and sometimes naive.
Score: 0
|So you now want to move the focus to Opera, you IE fanboy?
Every serious System Administrator knows that "Active Scripting" needs to be disabled in last month until the patch was released last week in order to protect their users, from a PC professional to a novice. If you didn't, that means you are not a good SysAdmin, or you don't care your users, or you don't even think about it.
For Firefox vulnerabilities, now go make some usable exploits and make it go wild. See how severe they really are. They are "Less Critical" and "Not Critical" on secunia.com, and you need to know what they mean. Number is not the only way to tell vulnerabilities, you stupid Mastertech.
Although Opera is by far the most secure browser according to secunia.com and have great basic functionalities built-in, it lacks more advanced functionalities and extensibility found in Firefox. Do you have Adblock with an accurate blocking list and NoScript on Opera? How about removing anything you don't want to see on web pages immediately without reloading a page? Every web surfers annoyed with advertisements need them. It is a pity if you don't even experienced with them. And it is just one of the functionality that makes Firefox rock.
Opera 9 has much more focus on privacy functions, and I am looking forward to it, but unfortunately it is still in beta.
Score: 0
|Is that Google cache of the page on the forum where you call the Comcast/SupportCD/OptimizeXP site 'my' guide still visible?
Yes. How embarrassing for you:
http://72.14.203.104/sea...uk&ct=clnk&cd=1
How strange that it should be deleted just when somebody used to show that it is your forum.
Score: 0
|"When I say that users of IE were exposed to Auto-installing Spyware, is it because I don't know how, or because I'm lying?"
"Both. Please provide proof of your claims. You don't have any and never had any."
Are you kidding me?
With 200+ websites using the createTextRange exploit to install malware for two weeks, you still ask for proof? Get out of town!
Score: 0
|WOW, I bet he's an employee.
Score: 0
|200+ websites? Then surely you can find one link!
Please provide proof.
Score: 0
|How embarrassing to you the amount of desperation you are in.
Score: 0
|If people cannot install security updates that auto install then they surely will not be able to update Firefox. I created easy to use guides to help people for just this reason.
Score: 0
|Please provide proof of how and why it sucks, otherwise that is YOUR opinion.
The facts are Opera is faster, more secure and more compliant (Acid2) than Firefox.
Score: 0
|And you think only installing updates protects themselves?
You forgot the last 0day exploit in IE that had no cure for more than 2 weeks other than disabling "Active Scripting"? You expect normal users watch secunia.com for advice and disable the function themselves? Why are you so naive?
Score: 0
|If you want to compare "more secure", find an exploit that works in Firefox but not in Opera. Otherwise please shut up.
More compliant? Find a web site that requires the techniques that are used in Acid2, you benchmark idiot.
Score: 0
|I would be surprised if you cannot find it in Google by searching for "createTextRange exploit". I just found 2 different source codes with different implementations.
Fortunately the issue is fixed now. Otherwise I don't know how severe the situation goes. It is so easy to find exploit source codes.
Score: 0
|"Every serious System Administrator knows that"...
"If you didn't, that means you are not a good SysAdmin, or you don't care your users, or you don't even think about it."...
Out of curiosity, how can you make this claim? Are you even a sysadmin in the first place? I am one and I try to avoid "Active Scripting" myself, however, I would like to know if you have the credentials to back up your statement.
http://highered.mcgraw-h.../student_view0/chapter4/
http://en.wikipedia.org/wiki/Rhetoric
Score: 0
|Acid2 is rendered 100% in beta releases of both Opera and Firefox. it is not rendered properly in current release versions of either browser.
Score: 0
|how many of those 24 highly critical vulnerabilities were already patched before the advisory came out? all of them?
move on folks, nothing to see here.
Score: 0
|Naive? IE 7 was not vulnerable to the exploit. You could simply install that.
Score: 0
|There is NO beta release of Firefox that renders Acid2 correctly. That is a Myth. Firefox v1.x and v2.0 will not pass Acid2. Opera 9 Beta passes Acid2.
Score: 0
|I am a "serious" System Administrator in an enterprise, who always tries to balance between security and usability.
Anything wrong that makes you wonder why I make the above claim? So you have another word describing those people who have not disabled Active Scripting in IE at least in the last month for their users before the createTextRange patch was released? Responsible?
Score: 0
|You can't deny the facts, Secunia shows unpatched vulnerabilities in Firefox 5 out of 96. Opera 0 out of 16.
Anyone can run Acid2 themselves and look at the results. There is no argument.
Score: 0
|You again show you are naive.
You are telling a person in an enterprise, with different versions and languages of Windows to roll out a beta version of IE which is only available in English?
Have you even thought about that, idiot?
Score: 0
|This is a myth that it is not beta.
http://flickr.com/photos/dbaron/126886608/
Score: 0
|I am not asking for argument. I am asking for real world usage.
Any real world exploits that makes Firefox unsafe? Any real world use of Acid2 in web sites? If no, you should better shut up.
Score: 0
|Or you can simply install IE 7 which was not affected by the vulnerability. But FYI I manage systems and had no problems during the time between patches using IE 6.
"Although Opera is by far the most secure browser according to secunia.com and have great basic functionalities built-in, it lacks more advanced functionalities and extensibility found in Firefox."
It most surely does NOT lack advanced functionality.
"Do you have Adblock with an accurate blocking list and NoScript on Opera?"
Not that I care or this is important to me but any scripting can be disabled in Opera and content blocking is available.
"How about removing anything you don't want to see on web pages immediately without reloading a page?"
You can remove whatever you don't want in Opera.
"Every web surfers annoyed with advertisements need them. It is a pity if you don't even experienced with them. And it is just one of the functionality that makes Firefox rock."
I honestly don't care about adblocking and freeloaders. But Opera does have content blocking.
Score: 0
|"Or you can simply install IE 7 which was not affected by the vulnerability. But FYI I manage systems and had no problems during the time between patches using IE 6."
English-only IE7 beta again in an enterprise?
And you don't have problems does not mean the problem does not exist.
"I honestly don't care about adblocking and freeloaders. But Opera does have content blocking."
This is your last resort, "I don't care blah blah blah superior function in Firefox that I don't find in Opera and IE."
Opera HAS content blocking. Now set it up for Adblocking and have it update itself automatically. You can update filter.ini manually, but you can't make it update itself automatically.
Score: 0
|Enterprise environments should have multiple layers of security that would have rendered any attack useless. Most enterprise environments run limited user accounts making code execution irrelevant.
Score: 0
|Wrong.
The code still executes, it just gives less damage.
And disabling Active Scripting is the final solution to it.
Installing IE 7 is NOT an option at all.
Score: 0
|You have a whole database from Secunia of exploits that make it unsafe.
As for Acid2, that merely proves standards compliance. So unless you are going to tell me W3C standards now are not important well that is up to you.
Score: 0
|I have read them all. Even Secunia has no links to Proof-of-Concept code to the vulnerabilities. Can't you make one? Or it is not really exploitable?
You are wrong again about Acid2.
http://webstandards.org/action/acid2/guide/
"Acid2 is a complex web page. It uses features that are not in common use yet, because of lack of support, and it crams many tests into one page."
"We do not envision or recommend that normal Web pages should be written this way, but it is appropriate for a test page."
So your argument about Acid2 is virtually invalid.
Score: 0
|"English-only IE7 beta again in an enterprise?
And you don't have problems does not mean the problem does not exist."
What part of this DON'T you understand? Enterprise security is a completely different ball game from home users. IE6 even without the patch in a properly set up enterprise environment would not be affected. Home users who don't have the same level of security can simply install IE 7.
"This is your last resort, "I don't care blah blah blah superior function in Firefox that I don't find in Opera and IE."
I don't care is my opinion. But the functionality is still there in Opera. I don't consider Adblock or NoScript superior functionality. Especially when Opera has content blocking built-in.
Does Firefox have Voice control? Does Firefox have a BitTorrent Client? No one cares what YOU consider necessary functions. That is YOUR opinion.
Score: 0
|You already show that you don't even have a single experience in dealing with enterprise situations.
Different users have different needs, and as an Administrator, what I need is to balance between security and usability. Protecting IE is easy enough for me, but it will make those novice users have trouble visiting various legitimate web sites that they need.
True, Opera has various options that Firefox lacks. But this does not mean the functionality in Firefox is not superior to Opera.
Don't you know that Opera 9 is implementing something similar to Adblock? Even Opera themselves appreciates the functions.
Score: 0
|What damage could it do? Launch solitaire? Come on.
Score: 0
|That is some hacked developer branch. Neither Firefox 1.x nor Firefox 2.x will pass Acid2.
Score: 0
|You might want to read the front page:
http://www.webstandards.org/action/acid2//
"Acid2 is a test page, written to help browser vendors ensure proper support for web standards in their products."
So is standard support important? Oh that's right, it is only important when bashing IE. When Opera proves superior it becomes irrelevant, just like a fanboy.
Score: 0
|Not all Enterprises deal with foreign languages in IT. I take it you are not from the US? In Europe for instance the proximity of other countries almost necessitates it. In the US you have 50 states all speaking English. And not all Enterprises deal with foreign speaking countries. We deal with Canada for instance but the language is still English.
You keep jumping to conclusions based on assumptions. Do you do this in your real job?
"Different users have different needs, and as an Administrator, what I need is to balance between security and usability. Protecting IE is easy enough for me, but it will make those novice users have trouble visiting various legitimate web sites that they need."
First you are talking about language usage then this, make up your mind. We have users in our organization who need to use certain page and I simply set them up with XP and IE 7. I have actually received tremendous feedback from them on how much they love the new features.
"True, Opera has various options that Firefox lacks. But this does not mean the functionality in Firefox is not superior to Opera."
The point is the argument is pointless you cannot tell someone what feature is superior. It comes down to whether they use the feature or not. You are severely mistaken if you think Opera users appreciate the features of Firefox.
Score: 0
|You ask Microsoft what is meant by "less impacted":
http://www.microsoft.com.../Bulletin/MS06-015.mspx
Score: 0
|And you can always dream in your Acid2 world, just like those hardware geeks who dream in their 3DMark world. No real use synthetic benchmarks.
Score: 0
|Standard support is important, but the "Acid2-way" support is NOT.
Score: 0
|Firstly, I am surprised you do not deal with customers who speak non-English. What is "Global" in your sense? Of course it may be easier to work there, but not here.
I need to tell you again, IE 7 is not an option here, as our Windows XP are NOT in English.
"The point is the argument is pointless you cannot tell someone what feature is superior. It comes down to whether they use the feature or not. You are severely mistaken if you think Opera users appreciate the features of Firefox."
Fair enough, only I would like to tell you Opera developers appreciate the features and are implementing something similar in Opera 9, and beta testers of Opera 9 are happy with it.
You can conclude if they appreciate the features or not.
Score: 0
|Did you even read what you linked to?
"An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."
Score: 0
|So are you saying standards are irrelevant to the real world?
Score: 0
|According to who? You?
Score: 0
|An Enterprise does not have to be Global. Like I said we deal with Canada.
And no offense but I only deal with English related issues. Not that it solves your problem.
Score: 0
|More like FUD packing.
Score: 0
|I recommend ALL FF users upgrade to the latest release mentioned. Disclosure: I'm on the record as praising to high heaven earlier versions of FF, then lambasting later releases.
This latest version is stable enough to recommend once more, even for enterprise. Although I have installed plenty of extensions, they are less still than in earlier days-- but at least the specter of adding as few as possible to avoid conflicts & bugs does not loom so large.
As well memory usage & startup speed are at worst almost as good or better than ever.
FF has almost returned, but not quite yet, to its halcyon days of widespread acclaim.
Score: 0
|It's the users' fault.
Score: 0
|Firefox has lost credibility and its one attraction — security. Like others, I'm back to IE and onto Opera. Forget this unholy mess the Mozilla Corporation has spawned. I guess building a better browser isn't as easy as they told it was, after all.
Score: 0
|I hope that's sarcasm.
Score: 0
|except that, unlike IE, it doesn't download spyware. and it works. memory leak is really the only issue, but unless you have your browser running 24/7, you'll be fine.
Score: 0
|All I can say is a response to the comment, "I guess building a better browser isn't as easy as they told it was" is this---
Umm, duh?!
You should be using the browser because it improves YOUR browsing experience, not because it claims a promise that can never be quantified. This news does NOT convince me that it's necessary to stop using IE, FF, or anything else. It just means I need to upgrade to the latest version (oh wait, did that on release day already) and continue to surf intelligently-- not ignorantly.
Score: 0
|If a security flaw is what scared you back to IE then you know nothing about the computer you are using.
Have fun with IE.
Score: 0
|below me is the list of FF fan-boys :-
Score: 0
|So true, funny how all the fanboys don't know how to use IE. I use it 24/7 and get no spyware.
Score: 0
|true true. most efficient way to prevent spyware is to use brain
Score: 0
|One good thing about us Firefox folks. We don't have a patch Wed. (or whatever it is called Ha Ha)
Score: 0
|Firefox users upgrade NOW..
Upgrade to Opera...
http://www.opera.com
Score: 0
|IE and Firefox are MUCH more secure than any version of Opera could ever be. The only reason you don't hear about security issues in Opera very much is because it has a much smaller user base than Firefox or IE.
Maybe your statement should say "Downgrade to Opera".
Score: 0
|Only you seem to think that IE and FF are more secure than Opera.
http://secunia.com/
Score: 0
|Firefox has a setting installed within the browser to allow it to auto update with the current version, so for most this shouldn't really be a problem unless a person has gone on ahead to make changes to Firefox to prevent it from updating. A good facility which is used on Avant Browser that comes up in front of the screen on a pop screen to advise that a new version is out and what changes have been made with a link to allow the user to update to the current version available. A possible option for Firefox perhaps... Let's see what happens.
Score: 0
|Gotta love open source
Score: 0
|What does open source have to do with updates? I get regular updates with MS.
Score: 0
|but they are for issues that have been around for quite a while. open source allows issues to be fixed and turned around almost immediately.
Score: 0
|Duh! ...you have the wealth of the world's resources available for support!
Besides, the scrutiny of 'many eyes' is supposed to prevent stuff like this!
That has always been a mantra of the open source community!
Score: 0
|Dear US Government:
You don't know security.
Thanks,
Business community.
Score: 0
|OK, I can't believe you even wrote this. Next, I can't believe you could be so stupid.
The government not only knows about security, they wrote the book on security, you moron.
Every security process we use, is ONLY with the US Government's approval. They get the higher stuff first, if consumers get it, there is a pretty damn good chance the government has something 1000 times more complex and better.
The US Government doesn't know security, are you military you twit? I was in the military, believe me, if there is ANYTHING the Government can put their name on its security.
Security is probably one, if not biggest, properties of our government, you screwball. You really need to retract that statement, because you look like a complete idiot.
Score: 0
|you are right on M.Sweazey
Score: 0
|Mozilla: Here's an update that fixes some security holes, we recommend you download and install it.
*much time passes*
Government: Hey, Mozilla released an update! We recommend you download and install it.
-1 Redundant
Score: 0
|*Mozilla: Here's an update that fixes some security holes, we recommend you download and install it.*
*much more time passes*
Some yutz named "The MAZZter" suggests:
*Government: Hey, Mozilla released an update! We recommend you download and install it.*
Reality: The government posted it like weeks ago, and now that Betanews caught wind of it, it's BETANEWS that is slow in posting the Government recommendation. So it's redundant, because Betanews is just NOW finding it.
This has been on Secunia for weeks... Just because it's news now, doesn't mean it WASN'T news before. Obviously someone at Betanews isn't paying attention. Maybe it's a repost to remind people with Firefox to upgrade.
Score: 0
|The gov't posted it today. I subscribe to the CERT list and it showed up a week after I already had it installed.
Score: 0
|*yawn*
Score: 0
|amen
Score: 0
|It's interesting to see about the security problems and people's reactions to them, because quite frankly it is laughable - especially due to the arguments of I use FF because of this, or I use Maxthon because of that...
Anyone with half a brain will remember that it was said when Firefox first hit the streets that in time, as more people adopted it (and we've seen the market share it now has in other posts) security flaws would come to the forefront.
Remember, IE's flaws are more "noticeable" because it is still a major browser and as such is targeted by hackers, Trojan writers and the like. It is only time before people started to focus on the up and coming browsers, which Firefox has of course established itself as a major player.
What we must remember is the majority of software, whatever its purpose - be it browser, OS, Art software, text editing, anything - will have some vulnerability which will be found if people look hard enough. It's just a case that IE, FF, Windows etc etc are targets because it allows access to a system, whereas other vulnerabilities in other apps will not or are not worth trying to get access through!
Score: 0