Are internet web browsers providing better or worse security in 2006?
Symantec Security Response says it’s a bad year for bugs in browsers, a good year for hacker successes. Is Safari a safe browser?
You know my stance on lies, damned lies, and statistics, right?
According to the experts at Symantec, who’s existence depends on security problems in operating systems and applications, so far, 2006 is a bad year.
Bad for you, bad for me, good for hackers using browser exploits to hack into computers and wreak havoc.
As you might expect, open source browsers like Firefox, and free browsers like Microsoft’s Internet Explorer fared worse.
Symantec says hackers found 47 bugs in Mozilla’s open-source browsers.
Here comes the fun with statistics. That means Firefox had nearly 30-percent more bugs than Internet Explorer.
Or, viewed another way, Internet Explorer had nearly 25-percent fewer bugs than Firefox.
That’s a reversal of fortune from Symantec’s statistics from the previous six months when Internet Explorer remained the security bug leader.
Our headline and the article’s title points out that Mac OS X’s Safari browser bug count doubled from the previous report.
See what you can do with a headline that’s both factual and misleading? Safari must be worse because the number of bugs doubled, right?
Internet Explorer barely saw a 50-percent increase in bugs. Lies, damned lies, and statistics.
Safari had only six noted bugs in the last half of 2005, which increased to 12 bugs in the first half of 2006. That’s double.
“Wait a minute, Barbara Marie!” I know where you’re going with this. “Isn’t Safari still the least buggy browser, especially when compared to Intenet Explorer on Windows?”
One could also use the same statistics and say that Opera is only half as buggy as Safari. Opera’s list of security bugs stood at just seven for the first half of 2006.
Does that mean no one is safe online, regardless of which browser they’re using?
That’s a loaded question, as it depends on what sites you visit while online, which browser you use, how secure your Mac or PC is, and on and on.
Interestingly, the US remains the largest source of online attacks by hackers at 37-percent, according to Symantec.
Nearly 60-percent of the US households online are using broadband vs. dial up.
Once browser security bugs are uncovered, how long does it take to get the browser fixed? I have no idea how Symantec arrived at their results.
Trust me. It’s more statistics mingled with the lies and other lies.
For example, Symantec says Mozilla, the folks working on Firefox, patched bugs within a day of public disclosure. Opera was second in response with an average of two days per bug.
How about Safari and Internet Explorer?
Safari was good, with just a five day per bug response time. Microsoft’s team averaged nine days per patch.
The point of all this is not that we’re still receiving lies, damned lies, and statistics. Browser security is an issue for those of us online.
Headlines remain an issue, too, as alarmist tactics by the security companies have been more like “crying wolf” in the past.
This report was more innocuous, which carries a danger itself—will anyone pay attention?
Other questions can be asked—do we need to pay attention, and, if so, how so? Or, should we just wait for the browser folks, Mozilla and Apple, to update their browsers and maintain security for us?
It’s more than good that someone keeps track of all these hacks, bugs, vulnerabilities and security problems in our online experience.
Click Here for the Symantec Threat Report.
At the basic level, all we can do is keep our machines running well, our software up to date, and don’t go phishing on the wrong web sites.
What else is there for the average user to do? Oh, we can flinch at the scary headlines.