But was mozilla built thinking on security more than "user friendlyness"? It seems to me that a big problem with microsoft products is the way they valor more user friendly interface, features and eye candy forgeting about security. How about mozilla? Is security a primary goal?
I think the big problem with Microsoft products is giving users what they want intead of what they need. The products have been too fast providing a feature providing a feature or solving a problem in a way that would never inconvenience users, even if on the long term the problems in doing that begin to surface.
Mozilla has it's own default, but has always been willing to stand on technically sound solutions, even if that meant a little inconvenience to users.
One good example of that is that Mozilla never tries to guess to real content of data sent with a wrong header on the net.
This does annoy some users who will not be able to get correctly displayed something that 'works' with IE, but the IE mecanism has also been on several occasion abused to get it to execute code (viruses) in something that should have been innocent content.
This said Ben Bucksch has had a rant here some time ago on Mozilla security that is far from unmotivated.
You should therefore remember that Mozilla is not completely devoid of security bugs, and that it is necessary to use at least the latests available stable build to avoid them. Older version are not necessarily updated.
BTW I notice that whilst 1.4 is still the most recent long-lived version of Mozilla until 1.7 goes out, it is not listed as a product on http://www.mozilla.org. Isn't that a bit strange ?
As 1.4.1 is it's most recent version publicly available and dates back to October 10, 2003, it probably isn't recommendable security-wise to use it.
I see some security fix are still checked in the 1.4 branch, that seems mostly maintained for the OS/2 port (most recent is bug 243699), but there is no end-user binary available with them.
_______________________________________________
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security
