
Mozilla Launches Security Metrics Project

Earthweb passes along a ZDNet article which notes, "In partnership with indie security consultant Rich Mogull, Mozilla has launched a valuable Security Metrics Project that — we can only hope — could help to put an end to the silly notion that patch-counting helps to determine a product's security posture. The idea is to develop a metrics model that goes beyond simple bug counts to reflect accurately the effectiveness of secure development efforts and the relative risk to users over time. Mogull has released a spreadsheet (.xls) with a preliminary version of the model and Mozilla's Window Snyder is actively seeking feedback to make the project open and meaningful."

  • by Anonymous Coward on Saturday July 05, 2008 @04:15AM (#24064685)
    I wish they'd pick a different name. Every time I look at it, I think of Security Metrics [securitymetrics.com] (one of the "we'll run Nessus against your site for a fee" providers).
  • by friedegg ( 96310 ) <bryan@wrestlQUOTEingdb.com minus punct> on Saturday July 05, 2008 @05:37AM (#24064847) Homepage

    From the site (I know, I know):

    The same content as a set of .csvs is available here: http://securosis.com/publications/MozillaProject.zip [securosis.com]

  • Re:Hmmm (Score:1, Informative)

    by Anonymous Coward on Saturday July 05, 2008 @03:41PM (#24068713)

    "So, we don't like the current stats because they make us look bad; so let's try to create a new "standard" which will make us look better? A standard that can only really be applied to open source, because you can't see the bug count in closed source?

    Wow. That really smells." - by Anonymous Coward on Saturday July 05, @05:09AM (#24064781)

    Agreed, 110%... instead of WASTING TIME doing that (well, there is no guarantee that Rich Mogull can actually DO anything more than that, let alone code to help the Mozilla dev team, OR even actively test the program trying to screw it up, finding another form of 'bug', not just security ones), fix the known unpatched security issues & you do NOT have to go about this b.s., period...

    AS IT STANDS, NOW TODAY/CURRENTLY?

    -----
    SECUNIA DATA ON BROWSER SECURITY (dated 07/04/2008 - "4th July U.S.A."):

    -----

    Opera 9.51 (new release) security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories [secunia.com]

    -----

    FireFox 3.x security advisories @ SECUNIA (100% unpatched):

    http://secunia.com/product/19089/ [secunia.com]

    -----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (34% unpatched):

    http://secunia.com/product/12366/ [secunia.com]

    -----

    Those %'s are the latest for FireFox 3.x, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.51... ALL, "latest/greatest" models.

    So, as you can see? Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does, & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html [howtocreate.co.uk]

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/ [nontroppo.org]

    NEW NEWS/NEWSFLASH: FF3 is "king of the heap" here now, in javascript parsing speeds, but of what gain is this? Security risks abound in running javascript on "every site under the sun"... limiting it to sites you absolutely NEED it for is the way, IF you wish to stay safer online that is.

    ----

    Opera's just more std.'s compliant - for example, having passed all the ACID (2/3 before anyone on the latter & one of the first for the former no less), plus it's faster + MULTIPLATFORM, & more secure than the others out there - thus, it's an "all-around" overall best solution!

    -----

    QUESTION - So, "where do you want to go today?"...

    ANSWER = Opera (if you're into speed, security, & std.'s compliance + using a webbrowser that runs on most any platform out there for computing is where).

    APK

    P.S.=> Thank goodness the poster before myself can "see", & cut thru the fog of lies/crap this really is... fix the bugs? No reason to have to do such stupidity... apk
