But here is the dirty little secret of browser security: Even if every Internet browser made today were completely bug-free, it wouldn't stop malicious hackers and malware. Why? Because the vast majority of successful malicious exploits today don't exploit buggy browsers, but rather unwitting end-users. That is, Web-based malware is successful because end-users are intentionally installing it! Most exploit code doesn't search for an unpatched vulnerability, but simply asks the user to install. - Roger Grimes, Infoworld "There is no magic fairy dust protecting Macs" - Dai Zovi, security researcher and co-author of The Mac Hacker's Handbook.
Spyware Sucks is accepting donations, with thanks.
Help us catch the bad guysUse Fiddler to capture evidence of browser hijackings
Get Safe Online will help you protect yourself against internet threats.
The site is sponsored by government and leading businesses working together to provide a free, public service.http://www.getsafeonline.org/
99.85% for Opera 8.x, 80.41% for Opera 7.x and 13.66% for Opera 9.x
See the news pane to the left of screen for the latest statistics.
I do not really understand why it is better to have all users (100%) of Firefox and IE using insecure installations while there is a pretty high number for Opera9 and a pretty low number of Opera7+8 using "100%" secure browsers.
It is misleading to call installations "with all vendor patches applied" to be not counted as being insecure while there are still unpatched vulnerabilities:
According to Secunia today:
Two less critical vulnerabilities are unpatched on 100% of all Firefox 2 systems
http://secunia.com/product/12434/
4 Less critical vulnerabilities are with 100% of all Firefox 1 installations
http://secunia.com/product/4227/
MS Internet Explorer 7 has 4 up to moderately critical unpatched vulnerabilities on 100% of all installations
http://secunia.com/product/12366/
100% of all installations of MS Internet Explorer 6 have 19 up to moderately critical vulnerabilities
http://secunia.com/product/11/
Opera Software managed to fix all known security issues back to Opera 7 and even Opera 5 and 6 have only one less critical unpatched Secunia advisory each. I think that's a really good security record:
http://secunia.com/product/10615/
http://secunia.com/product/4932/
http://secunia.com/product/761/
http://secunia.com/product/81/
http://secunia.com/product/82/
I'd wish to have some information about the methodology secunia uses with your findings. I'd appreciate an according link. Probably some of the not updated Opera installations are unused. Nevertheless I agree that the simple numbers of unpatched Opera systems are a very bad sign.
no comments possible??
Yes comments are possible until 90 days after an entry has gone live.
As for comments not appearing straight away, that is called "moderation", you know, that feature where Blog owners do not allow comments to appear without approval to stop comment spam..
ResearchWizard,
Your series of identical comments were all assessed, somewhat ironically, as being spam by the Community Server software.
Sandi,
thanks for the information and glad it finally worked. Could you please delete the superfluous comments. As there was no feedback by the software after submission of the comment I put the same comment again the next day with Opera and Firefox and again after your comment that comments are possible. I'd have expected the software to recognize duplicates or the moderator deleting duplicates automatically.
Sandi says: there is feedback - the page itself notes that a comment has been held for moderation after you hit submit, which you may not have noticed.
I should have thought about the possibility that the comment could be marked as spam: WordPress has a similar option activated by default (for the comment to wait for moderation).
I see no need to put this comment on the blog and increase the noise in your comments further . But feel free to do it anyway.
Christian