Reality Check department:

Internet Explorer is more secure than Firefox,
according to a senior Microsoft executive, who
compared how many vulnerabilities were found in the
two browsers--but critics say his study is flawed.

Jeff Jones, security strategy director of Microsoft's
Trustworthy Computing Group, released a study last week
comparing the flaws in Microsoft's Internet Explorer to
Mozilla's Firefox browser; unsurprisingly, he concluded
that Microsoft is doing a better job than Mozilla.


Jones said Mozilla has fixed more flaws in its browser
than Microsoft during equivalent periods, which he
said renders Firefox more vulnerable than IE.

(Um, no it doesn't.)


... Jonathan Oxer, technical director and founder of
Web application development company Internet Vision
Technology and president of Linux Australia, said the
study is flawed because Microsoft tends to bundle its
fixes, which leads to a lower count over the period
being compared.

"For example, when fixing a vulnerability there might
be several issues being resolved in one go. So it
decreases the bug count," he said.

Oxer explained that the way in which levels of security
are reported is frequently different. "In the case of
Firefox there may be issues that (Mozilla) has reported
for which there is no known exploit--a theoretical
exploit--so it's not necessarily accurate to directly
compare fixed exploits without an understating of
how the numbering or definition of an exploit is
determined," he said.

Windows Vista. It'll Fix Everything(tm).

Posted via a free Usenet account from