Problem solve Get help with specific problems with your technologies, process and projects.

Trojans, viruses and targeted browsers

Security expert James Turnbull debunks the myth that Firefox is safer than IE or Opera.

I've read an article saying new flaws have been found within Firefox:

"Hackers have been able to exploit a critical flaw in Mozilla's Firefox browser. The Infostealer.Snifula programme installsTrojans that are then loaded at browser startup. The virus uses XPCOMS to install the Trojans."

Is it still safer than Internet Explorer or Opera? What can I do to protect myself?

The idea that Firefox is more secure than IE or Opera feels to me like somewhat of a fallacy. The origin of the message came from a CERT pronouncement that, due to the large number of IE flaws and Microsoft's not-always-sterling efforts to publicize and fix these flaws, recommended using another browser. The suggestion made was that Firefox was a more appropriate choice.

At the time of this announcement, and from my understanding based on some recent comparisons, that there have been fewer flaws discovered (emphasis on discovered rather than existing) in Firefox. This doesn't mean Firefox is more secure.

If you examine market share of the browser space, then IE still firmly remains the major player with approximately 80-90% of the market, depending on whose figures you believe. In comparison, Firefox has about 10-15% of the market share. If I am an attacker and designing a trojan or attempting to discover a flaw in a browser then, in order to maximize the effectiveness of that attack, I am logically going to target the application based on:

  • Ease of exploitation
  • Prevalence of the application
  • Highest return on investment

Therefore, most attackers seek out flaws and target attacks on IE browsers. If Firefox's market share grows then attackers will start to pay more attention to it and, I suspect, some more flaws may be discovered and exploited. This is a very simplistic overview but it highlights that making assumptions about the security of a particular application can be dangerous.

So what can you do to protect yourself? Well first, update. Make sure to the best of your ability that you and your organization use an up-to-date version of your selected browser. Chose a good anti-virus product and look at anti-spam and personal firewall products, like ZoneAlarm. Consider a regular scan of your environment/host for spyware/malware using one of a number of tools available on the market.

Here's the apparently simple and common sense stuff which is, sadly most often responsible for causing a breach: don't trust emails, downloads or applications where you are not sure of the sender or the content. When in doubt, err on the side of caution. Someone can always re-send you an email but it's a lot harder to get back stolen money or recover from an identity theft.

Dig Deeper on Linux servers

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.