Comments on: Mozilla fixes risky Firefox flaw

The open-source browser maker rushes out a security patch for a previously unknown flaw and advises all users to update.

Firefox security.

So when the hell do the massive numbers of vulnerabilities being reported in firefox EVERY month stop becoming a sign that "mozilla" are doing the right thing and finally get acknowledged as the security in firefox SUX.

[hion2000]

Here's why.....

-Mozilla offers a "bug bounty". Find a security bug and you get $500 of cash. Plain and simple. It's enough to entice anyone to go hunting for bugs.

-Firefox is open source, so naturally more bugs will be discovered by security firms. Aren't you glad they're being found and fixed by good people, instead of being found and exploited by a few hackers?

-Mozilla doesn't release patches according to a "patch cycle" like Microsoft does. Rather, they release a new version of the browser as it becomes necessary.

[nrlz]

full disclosure

[i]The flaw was discovered by Internet Security Systems, a network protection company, and patched before the public learned of the issue, Hofmann said.[/i]

What happened to full disclosure the instance a vulnerability is found? Else, it seems like the way Microsoft works.

[System Tyrant]

Stay with IE...

if you think Firefox and the others suck so bad. I'm not trying to say people don't have the right to complain about Firefox security. As they say what goes around comes around. I think it's stupid argument on both sides. Very seldom do we hear anything constructive from either side. IE sucks or Firefox sucks aren't arguments to the better of either side. It's just crap talk.

The one thing I don't like about Firefox is having to redownload the entire program (albeit it's not that big) to fix a bug. Patches done right aren't that bad. However, I think Microsoft has made the word Patch into a dirty word.

I think Firefox will have security problems. The question is how fast do they respond to them? And how well do they fix them? Another good question would be how does this compare to the rest of the industry? Some might say that you have different levels of flaws. For me I only know of one level... CRITICAL.

My last comment here is about Microsoft. I know Microsoft has been getting hammered by a lot of people over software bugs. Right or wrong it seams like everyone has a bone to pick with them. Even I from time to time go off ranting about them. My only comment to Microsoft users is if you like their software then keep using it. Not everyone is affected by flaws in software. For those of you tired of Microsoft their are alternitives to almost every application they sell. Some free some not. Like any application though you are going to have to learn it so give yourself some time and learn it.

Could it be...

That it took less time to fixz the problem than it would have to announce it in advance?

[Steven N]

"MS has a proven track record with IE"

Yeah right... Depend on what track record you're looking at.

And to all people that feel proven right about Firefox not being secure: give it the same time and goodwill as you give to (the "proven track record" of) IE.

Also, Mozilla/Firefox is build by volunteers, and I feel they have a much better "track record" than the browser that is created by a multi-billion company.

[farmerbob]

Too bad that . . . .

Version 1.0.2 is a complete failure. After installing it, Firefox no longer works and has left remnants that make it impossible to go back to 1.0.1 that did work. Mostly. I have had to move to another browser.

So it's bye bye, Firefiz. Until they fix it. Or I just might stay where I'm at. Firefox has been too problemsatic for me for a while. They have a questionable Bug Fix avenue that makes minor sense.

[System Tyrant]

For Me

I don't know what is causing you your problems, but I have had no trouble with firefox installing or working.