This will be interesting to watch. While I like Firefox and use it, and while I have converted some people I know who can’t seem to avoid getting hijacked by spyware into Firefox users, and while I love to see Microsoft having to deal with this sort of problem, it may not turn out the way many expect.
I’ve said more than once, when discussing Windows versus Linux security issues, that if Linux had market share on the desktop that hackers would target Linux with their exploits. While Linux may be more fundamentally secure, there are vulnerabilities lurking, but most virus authors target Windows because they hit the largest number of target machines with their exploits.
Likewise, if Firefox becomes the predominant web browser, the makers of spyware, malware, popups, hijacks, and other browser exploits will turn their attention away from Internet Explorer and concentrate on making Firefox user’s lives more miserable.
I know that Firefox has been patched to correct security vulnerabilities during its beta stage. This month, flaws were corrected in PHP, another open source, Linux grown product. Today, a story ran about how Google fixed a security flaw in their Desktop Search product.
While I have no great love for Microsoft or Bill Gates, I do get a bit frustrated when people claim that products are bad or inferior or insecure just because they’re from Microsoft. I love Linux, but I still get a secret thrill whenever a Linux product is exposed with a security flaw because so many Linux zealots think that Linux is immune.
There’s no such thing as immunity on the web. If an exploit is found and an exploit is publicized, it will be utilized, no matter what product or platform it is on. Perhaps Firefox will be more resilient, since it isn’t buried so deep in the Windows core like the Microsoft Web Browser Control that drives Internet Explorer, but it is not immune just because it is not Microsoft’s. I’ll be anxious to see how it goes, simply from a point of curiosity.
I use both products. I have no religious attachment to either.
Then again, maybe products actually are more insecure just because they’re from Microsoft, because Microsoft is always in the cross hairs when it comes to malevolent programmers. I don’t look forward to a day when Firefox users can get hijacked as easily as today’s Internet Explorer users can, but I can certainly envision it.
Still, when it happens, I’m sure we’ll find out that it was Microsoft’s fault after all.