The announcement of several critical security flaws in Mozilla's Firefox Web browser has prompted much press about whether alternate browsers are, in fact, more secure  than Microsoft 's Internet Explorer.
But one expert says the whole situation boils down to a numbers game.
"Sometimes, software can be the victim of its own success," said Graham Cluley, senior technology consultant with security firm Sophos.
"With Firefox increasing its market share, we're not surprised that people are both looking for security holes and also looking with the intent to do something malicious."
Just a Few Will Do
The writers of malware blanket the Internet with code designed to infiltrate systems, Cluley said.
They know that the vast majority of users will not be vulnerable because they will download updates to their browsers, install current virus protection or simply avoid opening suspicious attachments.
But those with criminal intent need only a small percentage of users to be vulnerable to achieve their goal -- whether it be lifting personal financial data or sending spam through an unsuspecting user's computer.
Thus, as the number of Firefox users continues to climb, the ratio of those who can be exploited will climb, too, Cluley said.
Stacking the Deck
Still, Firefox users seem to be more security-conscious than the Internet-using population as a whole, Cluley said.
Sophos has monitored the browsers being used to access its own security information site. About 16 percent of visitors are connecting through the Firefox Web browser -- more than the 7 percent of people who use Firefox in general.
"People who are worried about security are switching to Firefox," Cluley said. "But they cannot think that doing so is the end of the road. The real message is that whatever Internet software you use, you must keep it up to date and be aware of flaws as they occur."
|
