Firefox Security

Firefox simply handles security differently from Internet Explorer. Where Internet Explorer uses security zones, which can sometimes be confused by malicious software, Firefox does not rely on zones. Also, Firefox doesn't use digital signatures, which are verifications programmers can purchase. If you try to install software on your computer, Internet Explorer checks to see if the digital signature matches the actual vendor of the program. Peter Torr, a program manager at Microsoft, pointed this out as a serious flaw in Firefox's security. However, a digital signature doesn't guarantee safe software, either. It just means that someone paid for the signature, and there have been cases of fraudulent signatures being issued.

ActiveX controls present another security issue. ActiveX is built into Internet Explorer and allows certain Web sites to automatically download scripts or execute small applications. While the absence of ActiveX in Firefox does mean that some sites will not be viewable, it also closes many security holes; in this case, Firefox chooses security over functionality.

Firefox 3.5 offers several other security enhancements. Clicking on the favicon -- that small image at the left of its URL in the Awesome Bar -- will tell you if that site's identity can be verified. In addition, Firefox now offers anti-phishing and anti-malware protection. If you visit a site that may attempt to install spyware, a Trojan horse or worm on your computer, Firefox will give you a warning and even provide you with a reason why it's not safe to visit that site.

Firefox 3.5 offers several other security enhancements. Clicking on the favicon -- that small image at the left of its URL in the Awesome Bar -- will tell you if that site's identity can be verified. In addition, Firefox now offers anti-phishing and anti-malware protection. If you visit a site that may attempt to install spyware, a Trojan horse or worm on your computer, Firefox will give you a warning and even provide you with a reason why it's not safe to visit that site.

Another aspect of Firefox versus Internet Explorer security is the fact that Firefox is an open source program. This means that anyone can access the code in which the program is written. That might sound like a bad idea, because you're giving potential hackers access to the code; but in fact, the opposite is true. There are far more people who want to close security holes than there are hackers who want to exploit them. Having thousands of people looking over your code and helping to spot problems means that most security flaws will get fixed very quickly. In fact, the developers of Firefox even offered a "bounty" of $500 and a t-shirt to anyone who successfully spotted a bug in the program.

In 2009, a new version of the Firefox browser appeared. We'll look at how the browser changed in the next section.