Bitland.Net Security Notes            Comments? email jwilkins-at-bitland*net
More information on the author at Jonathan Wilkins's home page
RSS feed available at http://www.bitland.net/index.rss


Fully patched IE safe only 7 days in 2004  |  (2006/12/08 18:27)

I can't find a date on the article, but the folks at scanit published a paper on browser security in 2004. They went through public security resources and tracked the lifetime of various browser vulnerabilities. They found that even if you installed all available patches as soon as they came out, if you were running IE, you would still have been vulnerable to publicly disclosed code execution bugs on all but seven days.

Given the amount of auditing that IE7 has received, I expect that it will fare much better, but this is the sort of thing that has prompted MSFT to invest as much as it has over the past few years.

Other browser manufacturers fared better, but nowhere near what they should have done.

If you were running Opera, you could have been owned via publicly disclosed bugs on 65 days.

Mozilla had the best record of the major browsers, being vulnerable 59 days of the year.

While that's a major improvement, if you were running Mozilla, you were vulnerable 2/12 months.

To recap, vulnerable days by browser:
  • IE (358/365)
  • Opera (65/365)
  • Mozilla (59/365)
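
The figures above count a day as vulnerable when at least one publicly disclosed bug had no patch available, so overlapping bugs must be merged rather than summed. The following is an added example, not code from the scanit paper or this blog, that computes that count; the function name, the sample dates for a hypothetical browser, and the choice to treat the patch release day as safe are all assumptions.

```python
from datetime import date

def exposed_days(windows, year):
    """Count days in `year` with at least one disclosed, unpatched bug.

    windows: list of (disclosed, patched) dates. patched=None means no fix
    shipped before the year ended. Assumption: the day a patch ships counts
    as safe for a user who installs it immediately.
    """
    start, end = date(year, 1, 1), date(year + 1, 1, 1)
    # Clip every window to the year as a half-open interval [lo, hi).
    clipped = []
    for disclosed, patched in windows:
        lo = max(disclosed, start)
        hi = min(patched or end, end)
        if lo < hi:
            clipped.append((lo, hi))
    clipped.sort()

    # Merge overlapping intervals so a day covered by two bugs counts once.
    total = 0
    cur_lo = cur_hi = None
    for lo, hi in clipped:
        if cur_hi is None or lo > cur_hi:
            if cur_hi is not None:
                total += (cur_hi - cur_lo).days
            cur_lo, cur_hi = lo, hi
        else:
            cur_hi = max(cur_hi, hi)
    if cur_hi is not None:
        total += (cur_hi - cur_lo).days
    return total

# Constructed sample data for a hypothetical browser (not real advisories).
SAMPLE = [
    (date(2003, 11, 20), date(2004, 2, 3)),   # disclosed the previous year
    (date(2004, 1, 25), date(2004, 3, 10)),   # overlaps the first window
    (date(2004, 6, 1), date(2004, 6, 15)),
    (date(2004, 12, 20), None),               # still unpatched at year end
]

if __name__ == "__main__":
    print(exposed_days(SAMPLE, 2004))
```

Summing the four windows individually would give 104 days; merging the two overlapping ones gives the 95 distinct days that a user who patched immediately was still exposed.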



Cybercrime nets more than illegal drugs in 2004  |  (2006/12/08 15:15)

I just read here that in 2004 computer crime exceeded the illegal drug trade in revenues. Apparently the take was around $105 billion.

