Analysts - Any browser is susceptible to security troubles

http://www.technewsworld.com/story/35047.html

-Snip-

When Microsoft was experiencing problems, some in the security community, including the SANS Internet Security Center, advised users to consider alternatives like Mozilla and Opera. Now that it has been shown that alternative browsers can be just as flawed as the larger players, the whole issue seems to have highlighted the difficulties of keeping browsers secure.

News of the Mozilla flaw comes after recent reports of an OS X vulnerability and an announcement by the Debian Project of a flaw in the Linux kernel.

"Previously, what seemed to be a safe haven turned out not to be," said Laura DiDio, Yankee Group analyst, in a LinuxInsider interview. "It shows that if you don't have safeguards in place, you're going to see a problem. This isn't just a Microsoft issue anymore."

DiDio noted that as Linux grows up, users can expect to see more browser vulnerabilities brought to light. She said that although most attackers have been focused on Windows, that does not mean Linux users will be safe for long.

"I think the message here is: Get ready for more flaws," she said. "It's a fact of life that no matter what system you're using, you shouldn't feel secure without having good practices in place."

But IE is more open than most.

Not only does IE have a commanding share of the market, but M$ is very slow about plugging the holes simply because the trillion-dollar dog wags the tail for the most part and has Norton's and other security firms to plug their security holes for them for the most part.

I think that will change faster than most people realize after it's recognized that M$ has a business arrangement with the Spyware and Malware programmers along with the Spammers to generate another few billions for Micro$haft.

The Yankee Group does a lot of business with MS, and the DiDio person in particular is dead-set against anything that isn't owned and sold by a corporation. She has a history of dispensing anti-free software rhetoric and her 'research' techniques have been roundly criticized by much of the industry.

All software has flaws... but Mozilla has had few security problems and that is not likely to change much as it becomes more popular. Other free software programs were developed in the same fashion as Mozilla, and have gone on to run most of the web! The Apache web server has over 60% market share and represents a huge target; but when virus problems occur on servers what is to blame in the great majority of cases? Microsoft's server.

The Yankee Group report was released to spread doubt and give people a way to cop-out: "Oh, well... they're all flawed. I'll just stay with Microsoft." Doubt is the only thing they have right now to stem the large tide of people migrating away from IE because the MS product is so awful.

Cop-outs don't save you from virus and spyware infestation.

"Oh, well... they're all flawed. I'll just vote Bush."

The logic behind these "they're all flawed" arguments becomes painfully apparent.

Laura Didio is the IT press equivalent of Judith Miller.