Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Anyone see a game changer here?

  • From: Steven Bellovin
  • Date: Fri Jan 22 23:09:23 2010

On Jan 22, 2010, at 10:37 PM, William Pitcock wrote:

> On Fri, 2010-01-22 at 22:16 -0500, Steven Bellovin wrote:
>> On Jan 22, 2010, at 12:26 AM, Bruce Williams wrote:
>>> The problem with IE is the same problem as Windows, the basic design
>>> is fundementally insecure and "timely updates" can't fix that.
>> You do realize, of course, that IE is recording less than half the
>> security flaw rate of Firefox?  (See
> Consider for a moment that both Firefox and Safari are built on
> open-source code where the code can be audited.  As a result, it is
> clear why Firefox and Safari are more "insecure" than IE, it is simply
> because the code is there to be audited.
> Frankly, they are all about the same security-wise.
I think that that's wishful thinking.  IE has fewer security problems because Microsoft has put a tremendous amount of effort -- and often fought its own developers -- in a disciplined software development environment with careful, structured security reviews by people who have the power to say "no, you can't ship this".  They've also put a lot of effort into building and using security tools.  (For earlier comments by me on this subject, see

I'm not a fan of Windows.  I think it's ugly and bloated, and I don't like it as a user environment.  I'm typing this on a Mac (which I like for its JFW properties, not its security; I do not think it is more secure than Vista or Windows 7); I'm also a heavy user -- and a developer -- of NetBSD.  If the world suddenly switched its OS of choice away from Windows, I wouldn't weep.  But I also would and do hope that the other platforms, be they open or closed source, would learn from what Bill Gates has done well.

		--Steve Bellovin,

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.