Lessons from the browser war

Firefox is now available for free download in its first official release, version 1.0. It’s gone from a fly speck to an actual challenge to the hegemony of Microsoft’s Internet Explorer on the browser scene in a remarkably short time due both to its reliability and its security relative to Microsoft’s product. Firefox has been my preferred browser for quite a while now. Since adopting it I’ve been impressed with its speed and how much better web pages look than under Internet Explorer, and browser-related system crashes—which used to be a multiple-times-daily event for me—have largely become a thing of the past. Its tab functionality (which Opera pioneered IIRC) simplifies my weekly production of the Carnival of the Liberated over at Dean’s World.

It’s hard to go to any technical site these days without someone singing the praises of Firefox and urging its adoption to anyone who will listen. But that’s the wrong lesson to take from Firefox.

IE is the preferred attack portal for hackers because of the bang for the buck. By targeting a single browser, you get a potential pool of tens or hundreds of millions of victims worldwide. As Firefox gains in popularity, it will increasingly become the subject of the same kinds of attacks because it will make sense to do so. And if Firefox becomes the preeminent browser, it will likewise become the preeminent target.

You want greater security? Abandon the proprietary vendor-based software environment and embrace a standards-based environment. Then let many flowers bloom. Adopt new browsers that adhere to the standards quickly—they won’t be subject to the attacks the current leaders fall prey to.

I honestly don’t believe that, however much time and money Microsoft puts into a more stable and secure computing environment, it will do a great deal of good. So long as the reward in the form of the huge number of potential victims is out there, some doofus is going to devote the time to cracking the security. The only way to attack the problem is to reduce the potential reward by going to a more diverse computing environment.

I won’t tell you about the costs associated with the current monoculture. Everyone is investing time and money into firewalls, anti-virus software, anti-adware programs, and near-daily software upgrades. And all that software sucks up space and compute power. Not to mention the costs of a security breach. I just can’t believe that the value of the software monoculture that fosters this kind of environment exceeds its cost.

The problem is not Internet Explorer. The problem is software monoculture. Not that anyone will pay any attention.
