/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsNetscape Navigator's old Gecko heart, now meta morphosed into the Firefox,
is the first open-source application to grap the enterprise desktop with its
steely grip. Microsoft's Internet Explorer, for the first time since 2000,
when it decisively ended Netscape's dominance in the browser space, is being
rattled by the hurricane of the first Mozilla Firefox beta versions 0.1, 8 and
9, now ending in the release of Firefox version 1.0 in November.
/dq/media/post_attachments/bf2bbb6689817e0bdedd9e5a132c97b46be612541d9a040d9d339d4d7795e05d.jpg)
Is it better than the open source community's favorite villain, Internet
Explorer? For a browser that needs a huge amount of word-of-mouth publicity
balanced against the widespread disgust at Explorer's security snafus/errors,
the second factor has driven the first worldwide.
Outfoxing IE
Coming from the people who made Mosaic, the Web browser that made the Web
popular in the mid-nineties, Firefox and its Mozilla (standing for "Mosaic
Killer") forebears have finally picked up from where Netscape Navigator
left off.
As thousands of tweaks and third-party improvements to the open source code
of the browser continue to flow in, the word "free" is back in
currency on the Web. What else would make the thousands of Firefox freeloaders
download, in all blind confidence, scores of "extensions" for the free
browser which are not fully blackhat-proof, leave alone error-free? And, in the
process, screw more tweaks into the freely available source code, all under the
maternal gaze of Netscape's central clearinghouse Mozilla.org?
"The confidence that Firefox now gives the Web surfer and developer is
phenomenal. A raw sense of freedom, security without worrying too much about IE
prompts urging you to download more and more Explorer patches," exclaims a
Firefox fan. Or, "taking back the Web", as the T-shirt hawking Firefox
sloganeers see it, pointing out that Firefox is being widely used by tomorrow's
Web designers and developers, who can clear the way for further enterprise-ready
applications and adoption by larger industries.
/dq/media/post_attachments/5a98941798069cb9fead3a1ac1e032ccf39be6bea63c112bb9c6f97502fc7535.jpg) |
Users, many of them diehard Opera fans, download Firefox and the excellent
tweaking utility, Flexbeta Firetweaker (only for .NET frameworks), to further
fine-tune Firefox functionalities for snappier browsing and tabbing. Firetweaker
comes with an Auto-Optimizer to optimize page loading and rendering, as well as
a system booster. When it comes to customization, Firefox beats other browsers
hollow-meticulously tailoring appearance and behaviour of the browser,
interfaces and Web pages to different systems and user requirements.
/dq/media/post_attachments/5cd0fa1c78d7358b7a1f823d8c16e5cfd7d11e27fbaa4835d0a63764a41a06e8.jpg)
While Microsoft, which plans an upgraded browser with its 2005 OS edition
Longhorn, is maintaining an overwhelming lead in the browser market, it has
slipped incrementally since Firefox started circulating in pre-release versions.
While the preview release of Firefox beat its initial goal of a million
downloads within six days, the official Firefox 1.0 version passed the nine
millionth download mark on December 10. Firefox users and developer communities
were ecstatic, even as feverish plots were laid in the sombre recesses of
chatrooms worldwide to bring down www.antifirefox.com, a domain reserved by IE
loyalists for a counter-attack.
Suffice it to say that whenever it goes beyond the anti-Mozilla rants on its
chat forums, www.antifirefox.com will have a tough job winning back converts to
Firefox's fold. Last month, a survey showed IE slipping below 90% for the
first time in years. Statistics from OneStat.com, an Amsterdam-based provider of
Web traffic measurement services, based on 2mn Web surfers' activity in 100
countries, showed that IE's market share slipped to 88.9% in the third week of
November, down 5% from its share in May.
/dq/media/post_attachments/590dcb27ee1e106364e4757f74ccf87cf93ace65ea1fbb1953c9b0e87eead30b.gif)
|
|
Secunia.com's “Impact” pie graphs show percentages of all impact categories affecting Mozilla Firefox 1.0, Internet Explorer 6 and Opera 7.x. Respective graphs reveal problems with specific types of vulnerabilities on each browser. |
Nevertheless, while enterprise managements have been largely oblivious to
Mozilla F's popularity in India, Firefox does not seem to be doing too badly
on enterprise desktops either. Currently, at least 80% of the estimated
one-million-plus downloads in India are by households while the balance is in
enterprises where third-party downloads have not been banned on security
grounds, notes a systems architect with a semiconductor company.The CIO's nod
to go ahead and mix Firefox with the rest of the tech infrastructure has been
slow to come, though. The result is "enterprise bundling": a
phenomenon seen since the days when Opera and Safari first made their way to
employee desktops with the tacit acknowledgement of the systems administrator,
who used it himself on the sly when the CIO was not looking. Firefox is seeing a
similar, though much smoother, adoption curve. Though some CIOs Dataquest spoke
to feigned ignorance of Firefox, they were aware that for businesses a secure,
reliable Web browser is now more important than for most homes.
Firefighting Snarls
So, what in cyberspace could possibly prevent the hassled Explorer user from
a free Mozilla F download? Mozilla Firefox continues to suffer from typical
vulnerabilities that hit all tabbed browsers, says a system administrator. While
largescale security violations on Firefox are still early in the day to merit
notice, companies that fail to foster official adoption have not necessarily
opposed conversions from Explorer. Research firm KPMG ran a series of network
tests on Firefox spread over a few weeks before giving it the thumbs-down. Says
KPMG's George Mathew, "We were keen to evaluate Firefox at the enterprise
level, no matter how strongly it grabs the individual user's imagination. But
upon testing it to take our application loads and be part of our network
operations, we felt it was not enterprise-ready."
Mission-critical apps on the critical back-end are still unsupported on
Firefox advisories, feel CIOs like Mathew. However, there are others who feel
that the full range of apps development managers for small and medium businesses
now available on Mozilla.org, are not being put to good use by enterprise
datacenter engineers, administrators and end users. "For that matter, 100%
support for mission-critical apps in every context isn't offered by any
browser, including IE. It's partly about mindset," says Hutchison Telecom
IT head S Sridhar.
As for online security, no browser is free from dangers like phishing
attacks, which, according to a Gartner Group study in May 2004, have tricked at
least 1.8 mn banking consumers into revealing sensitive information causing
average losses of $2,000 per customer. Tabbed browsers could make things worse,
say security companies like Secunia-malicious content opening in adjacent tabs
can collect information filled into the forms of a trusted site even before you
can click "Submit Information". A Firefox fix for this vulnerability
was on the anvil at the time of writing.
|
Browser |
|
| Microsoft IE 6.0 |
80.95% |
| Microsoft IE 5.0 |
4.18% |
| Microsoft IE 5.5 |
3.66% |
| Mozilla Firefox 0.1 |
2.79% |
| Mozilla 1.x |
2.77% |
| Mozilla Firefox 1.0 |
1.79% |
| Opera 7.x |
1.29% |
| Safari | 0.91% |
| Desktop shares of Camino, Konqueror, Avant and Maxthon are too negligible to be part of this list Source: OneStat.com |
|
|
A recent survey showed |
|
As for the clumps of adware and "limeware" (us, human beings)
lurking behind every mouse-click on Explorer, Sridhar says, "We believe
that Firefox leaves no room for malicious and disruptive adware or annoying
pop-ups. This saves enterprises a lot of time and bandwidth." Firefox is
yet to receive another extension to trace the source of surreptitious adware,
but a temporary reprieve from annoying pop-ups and surreptitious downloads via
numerous security enhancements is helping enterprise users surf the Web in
peace.
But security risks abound. CIOs know that even as open source browsers and IE
come up with new fixes for the various vulnerabilities they all share, hackers
will increasingly use the vector of the browser itself to launch attacks.
Companies, which pay for their IE browsers, are often reluctant to go in for an
additional Firefox download, but rarely prevent individual users from going in
for one. Whose mouse toes whose browser remains to be seen. Meanwhile, the Fox
grins on.
Ravi Menon in Bangalore
/dq/media/post_attachments/6a972e81e7db94a85657aadb93f4bf033b2ddf6baff083be0b473d61722215f0.jpg)
Flaws in every browser you see? Secunia says that attackers can now spoof the
content of a website, regardless of the browser used. Though rated moderately
critical, Firefox's IDS has noted the flaw and is "working on it".
Attackers can exploit the flaw by injecting content into the window of another
site if the target name of the window is known. For example, it could be
exploited by a malicious website to spoof the content of a pop-up window opened
on a trusted site. Secunia has confirmed the vulnerability on a fully patched
system with Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2, Netscape
7.2, Mozilla 1.7.3, Mozilla Firefox 1.0, Apple's Safari 1.2.4, Opera 7.54, and
KDE's Konqueror 3.2.2-6.
Though Explorer has no tabs, the "drag and drop or copy and paste
files" option bares open the vulnerability, says Secunia, which recommends
disabling this option. Deepnet Explorer, a UK-based free browser, now eyeing a
share of the market, has claimed that the latest version of its product is not
vulnerable to the flaw. Internet users who want to check if they are vulnerable
to a flaw in almost all browsers can visit a site set up by security advisory
service Secunia: http://secunia.com/multiple_browsers_window_injection_vulnerability_test