I’m back with more critique for Deb Shinder (who for one reason or an other doesn’t allow commenting on her blog, so I can’t directly post there). Read part one (Biometrics is not the answer!) and part two (Three letter acronyms don’t provide good security!) for more opinionated posts.
The post I’m talking about is Is Firefox less secure than IE 7?. First a little disclaimer: I may be biased in this matter (but who isn’t) as someone who’s been using and loving FireFox since version 0.9. The sentence I have the most issue with is the following:
Firefox alone in recent months has had more exploits than Windows XP and Vista combined (yes, I should complain to George Ou for this one, and be sure that I will). People please try to limit ourselves to useful and meaningful information instead of trying to construct bogus and meaningless statistics to prove our points. If we have biases, lets come out and share them (like I did earlier) and lets try to compare apples to apples and oranges to oranges. This quote was insulting to the intellect of your readers (who are smart enough to realize that within MS there are different teams working on different products and they are so separated that you could almost call them a company withing a company). It is as if I would say that:
IE had more vulnerabilities than there were full moons in 2006, so it is bad.
To finish up with an other statistic (again biased, but at least it is clear from the context): during 2006 Internet Explorer was vulnerable for 286 without a patch being available (78%) and Firefox for 9 (2.5%)