Responses To "Langa Letter: The Pros And Cons Of Firefox"
First, I am surprised that no mention was made of the cause of most Firefox rendering errors in the article. Internet Explorer does not in any way support the standards for markup and stylesheets set by the W3C, and most of the noncompliant code written to work in IE will break in compliant browsers. The first thing I do when I get a rendering bug in Firefox is View Source, and every time the code is the same Microsoft-friendly slop, usually made worse by some worthless WYSIWYG editor. And out of thousands of Web pages, I've only run into this problem maybe a half-dozen times in the past year. Additionally, any image saved as a PNG is broken in at least two ways when viewed in IE, as Microsoft didn't see fit to support the gamma information or alpha channels in PNG files.
Second, there is no mention of Firefox's superior plug-in management. In IE, once I install an ActiveX applet from a Web site (an applet I'm not sure is even legit or that I even need to view the Web site, I might add), I have found no way to remove it. In Firefox, I have never been prompted to install anything unless I have clicked the "Install" button for a plug-in on Mozilla's Web site. Afterward, I can easily remove any plug-in I like at any time I like.
Last, there is again no mention of Firefox's superior usability. When I launch Firefox, it takes about half the time IE takes to load on the same machine in the same session. Firefox has tabbed browsing, a "search within document" that can start searching when I start typing, a download manager, an integrated DOM inspector, the option to view detailed information of a Web page (including all media, meta information, links, and forms), and all the functionality I had when using IE. With plug-ins I also have the option to remove all ads from a page (permanently if I use wildcards), create a TinyURL of a page, search Dictionary.com for a term, and even view a page in IE with nothing more than a right-click and clicking on a menu item.
Oh, and should I ever switch back, will IE import my bookmarks from Firefox? I suggest actually using a program when writing an article about it.
In your discussion of the software with 1,000 users versus 50 users, you made a serious mistake. You assumed that no one would find the same bug twice.
Because people do find the same bug twice, and report it twice, and so on, the number of bugs detected per user in software with the same fault rate will be lower with more users than with fewer users.
Another aspect is that the smaller the user community is, the more likely people are to be active in it. If there is a bug, a user is more likely to report it. In software with a large user base, particularly with a user base as large as IE, the user base is likely to be apathetic, and not report bugs, because "someone else probably already reported this." Kind of an interesting twist on the math.
Because of this, you can't really say that the 1,000-user software with 50 bugs reported in a period of time is equally buggy as the 50-user software with two to three bugs. It's not linear; it's asymptotic.
Another point is that you did not address the severity of the bugs. This is a critical point--there are plenty of "security exploits" that are along the lines of "If the user jumps through hoop X and Y to get to the free porn on the other side, they can be tricked into giving out their credit-card number." Sure, whatever. You can't protect everyone from everything; it's not a serious threat. But when you get into a real problem that could easily be exploited by simply opening an E-mail, that is a very serious threat.
I don't know what the answers to these questions are, or if they have easy answers. I do think it's likely that your conclusion that "Firefox is hitting bugs because its user base is growing" is correct; however, I also think that the methods used to reach this conclusion are flawed.
In reference to Fred Langa's article stating that Firefox is less secure than IE: Is Fred really that stupid? He is confusing vulnerabilities that have been found by the "white-hat testers" with the vulnerabilities that have actually been attacked in the wild!
It doesn't matter if a product has one user, or all but that one user, the number of vulnerabilities will not change. The one with the most users MAY have the most attacks in the wild, but that still depends on how hard it is to attack.
A large percentage of the vulnerabilities found in Firefox were either also found in IE, were not found in IE because IE does not support the feature that contained the vulnerability, or came from code that has been used by many people, and came from outside the Firefox team. The latter problems also affect many other applications.
To the best of my knowledge, and I have read all reports that I could find, not one valid attack has been found that affected Firefox. Also, users are more likely to update Firefox than IE because the automatic update system does not require a reboot. At most, you may need to exit and restart Firefox, not the whole computer!
Most of the problems found with Firefox are not what would be considered critical, while most of the IE problems were classified as critical. Most of the Firefox issues were fixed very quickly, and the information was released by the Firefox crew, not so with IE!
Probably the most important advantage of Firefox over IE as far as security is concerned is the fact that Firefox is NOT integrated into the operating system, and any vulnerabilities will NOT directly affect the operating system!!!
Excellent article by Fred Langa. I use and love Firefox but have no illusions about perfectibility. Fred is spot on that nothing is perfect and that open-source users need to be just as vigilant as possible. His use and application of the Law of Large Numbers is also great.
Alabama Advance Inc.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.