Originally posted by: Nothinman
While its true that Mozilla wont be targeted as much as IE, the real key is that IE has complete access to everything in your system. It will automatically run vb scripts, and it has full read and write permissions. The concept itself isnt secure to begin with. Then you have a company with a track record of poor security, and poor response to security issues and you have serious problems.
IE runs as your user, not SYSTEM. It can f' up your files but it's far from capable of doing
anything. If you run as administrator day to day that's your fault.
In practice, it's not so idiot-proof.
Most of the desktop clients out there are still Win 9x clients with no filesystem security. Even for the NT kernel clients out there, quite a few workstations run NT4 or W2K, which both have unnecessarily lax default NTFS permissions (and if you're still using FAT, then you're screwed).
Furthermore,
by default, WXP grants all user accounts Administrator credentials. I italized by default because in practice, the logic they've implemented in this regard is ridiculously convoluted. The goal was transparent backwards compatibility with existing Windows applications (many of which assume no OS security model), and as usual, MS chose the most convenient default at the expense of security.
The funny thing is apologists like gopunk actually thump their chests and make the absurd claim that MS has a good security design/implementation track record + a good response track record. Objectively, neither is true.* To bolster the claim, the argument usually goes, "Windows is a monopoly in desktop clients, so that's where the crackers target". No, actually, crackers target Windows because it's *both* ubiquitous and
vulnerable.
As has been mentioned more times than necessary, if black-hat crackers just go after ubiquity, Apache HTTP Server would be amongst the primary targets. Rather, that wonderful distinction goes to IIS (and its related brethen, IE + Exchange/Outlook).
Furthermore, it's hilarious that WXP has only been out for about a year, and just because gopunk got a "free" promo copy at school, he's generally touting how great it is, and how MS software doesn't disappoint. A year of free bliss does not add up to a sterling track record. But hey, if he's happy, what's the use in evaluating real technical claims on their merit.
* To be fair, neither is the blanket statement that open source software is more secure. However, transparent development clearly has some beneficial characteristics when it comes to security. As a simple analogy, no good encryption algorithms are developed in secret (and MS has created quite a few lousy ones, i.e. the PPTP suite). Few experts actually believe in security through obscurity, but MS execs couldn't spend enough time in court deposing that their software was too flawed to safely reveal the internals and external APIs fully. Users just have to blindly trust MS when it comes to security. Judge for yourself if they've earned that level of trust by past actions.