F
Fuzzy Logic
Automatic checks for updates of extensions and themes as well.
Given, however, that most users are naive about these issues, it is
essential to ensure that the naive user is protected right out of the
box.
Regardless of the browser they use there is nothing to protect the user
from doing stupid things except education. You can have the latest AV
software, patched operating system and Firefox and it's not going to stop
a user from downloading something with a harmful payload that your AV
software doesn't know about yet.
But if there are a lot of leaks because of manufacturer's defects, maybe
its time for people to consider alternatives.
By all means consider alternatives. I'm simply saying that switching to
another browser doesn't mean the user is suddenly a lot safer. They still
must practice safe surfing and keep all their software up to date (not
just their browser). Things like Flash, Adobe Acrobat, Java and various
other pieces of software are also attack vectors. Ultimately if they want
to be secure they have to take responsibility. Software can only do so
much for the user.
Sigh. IE offers all sorts of hooks which makes it easier for malware to
do damage. (Think of how many people who are complaining because their
home pages have been hijacked by malware like Cool Web Search which are
beyond the capabilities of ordinary users to uninstall.) FF simply does
not offer such hooks.
My experience is that malware is installed by the user. I can't believe
how many users want their clock synchronized to the internet and gladly
install Precision Time or other such products. This has nothing to do with
wether or not the browser has hooks to the OS. Running Firefox is not
going to stop this and possibly encourage more of it because the users no
longer has anything to worry about because they are running a 'safe'
browser.
Sun has to be pushed to do a better job here. They fought hard in court
to stop Microsoft from keeping its own JVM, so in fairness Sun should
offer automatic updates as well. It does not help much to offer a more
secure JVM, and then not to ensure that users keep up-to-date.
So you argue that it is better to sell unsafe cars, because safer cars
might encourage users to drive more dangerously? An interesting
viewpoint.
No I'm argueing they need to understand how things work and take some
responsibility. Just because you have a very safe car doesn't mean you can
drive recklessly and not expect to get in an accident. Also a car is only
safe if it's properly maintained.
Simply switching to Firefox is no quarantee that you are safe from threats
on the Internet and MAY encourage you to do things you wouldn't normally
do if you weren't using a 'safer' browser.
I have nothing against Firefox or switching. My concern is that nieve
users will be led to believe that by switching to Firefox they no longer
need to concern themselves with security and that's a dangerous place to
be.