On Thu, Mar 19, 2009 at 12:26 PM, Michael Ross <mr...@itwif.com> wrote: > However.. I disagree that it IS more secure..
When I say "more secure in practice", I mean just that, not that Firefox is immune to vulnerabilities. Every major browser (and some minor ones) have had vulnerabilities. I just think Firefox is more secure "out of the box", and easier to make still more secure. For example, since Firefox 1.x, I've long set all the options that prevent JavaScript from controlling window size, position, UI trim, etc. This means browser windows always look like browser windows, with scroll bars and status bars. They can't pretend to be OS windows. It also means JavaScript can't take over my right-click content menu. It's my computer, not the web author's. More recently, NoScript makes it even easier to prevent JavaScript from taking over my computer. I've seem the equivalent of a JavaScript fork bomb -- it just opened endless new windows. Disguised as a benign link in a web forum prank, this caused the entire Windows Explorer shell to crash with MSIE 6 for some people. In Firefox, it just showed me an empty page, and I wasn't about to blindly enable JavaScript at that point. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
