Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Most Popular Tags

Expand Cut Tags

No cut tags

December 26th, 2005

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Monday, December 26th, 2005 02:02 pm

Bruce Schneier reports on a study of major Internet browser security issues in 2004.  The study compared MSIE, Firefox, and Opera, and tracked the number of "known unsafe" days for each browser, defined as days upon which a remotely exploitable security hole had been publicly disclosed but no patch was yet available.

MSIE was 98% unsafe, with only 7 days in 2004 upon which there was NOT a publicly known, unpatched, remotely exploitable security hole.

Opera was 17% unsafe, with 65 unsafe days; the number would have been higher, except that two unpatched vulnerabilities happened to overlap.

Firefox on the Mac was 15% unsafe; of the 56 unsafe days, 30 were a hole that affected only Mac users.

Firefox on Windows was 7% unsafe, with 26 at-risk days.

Says Bruce:

This underestimates the risk, because it doesn't count vulnerabilities known to the bad guys but not publicly disclosed (and it's foolish to think that such things don't exist). So the "98% unsafe" figure for MSIE is generous, and the situation might be even worse.

Tags: