On mySimon: Cat Mate C20 Automatic Pet Feeder
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 1 of 155:
Next »
Statistics explanation
However, when client honeypots with these browsers surfed to a list of about 30,000 known exploit servers, the URLs that resulted in a 0.5735% of successful compromises of Internet Explorer 6 SP2 did not cause a single successful attack on Firefox 1.5.0 or Opera 8.0.0.

I don't understand what that statistic means. If these were 30,000 known exploit servers, shouldn't there have been a 100% compromise rate?

Also, what were the client machines? Were they all configured the same or was this a sample of actual users on the Internet who happened to be using IE6 SP2? If these were actual users and it turns out that only 0.5% of IE6 SP2 users who naviated to a known exploit server were compromised, it certainly blows away the frothing at the mouth claims of "you are 100% certain to be compromised if you use IE6" from the ABMer zealots.

It would also be interesting to know what kept the 99.5% of IE6 SP2 users safe even while they were surfing to known exploit servers. If the only difference between the 99.5% and the 0.5% was that the 99.5% had auto updates on, then this study would suggest that IE6 SP2, combined with auto updates, is actually a fairly safe way of surfing the Internet. Not the safest, no, but nowhere near as bad as certain people (with blatant anti-MS agendas) would like to suggest.

Oh, and I use Firefox so I'm certainly not biased in favor of IE. I'm just curious exactly what that statistic meant since it wasn't very well explained.
Posted by: NonZealot   Posted on: 08/27/07 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Statistics explanation  NonZealot | 08/27/07
Read the Full .pdf  jfp | 08/27/07
Thanks, I missed that link  NonZealot | 08/27/07
Finally. A valid and insightful post. thanks  xuniL_z | 08/28/07
Concise analysis...  JCitizen | 08/28/07
Great Analysis  dbucciar | 08/28/07
"no conclusions can be made"  Ole Man | 08/28/07
IE has some systematic holes not shared by Firefox,  Resuna | 08/28/07
Explination Was Clear They're Compairning Old Corrupt Browsers  IceTheNet@... | 08/28/07
Oh Boy, here we go  Shelendrea | 08/27/07
Or it could happen that  xuniL_z | 08/27/07
Hmm?  zoroaster | 08/27/07
Don't know anything about IE6/XP  Azriphale | 08/28/07
Yes.  xxn1927 | 08/28/07
Another ~strange~ thing  Ole Man | 08/28/07
Lies... Damned Lies... and Statistics.  sbarman | 08/27/07
This info is of no use whatsoever...  BitTwiddler | 08/27/07
Close...  justanitguy | 08/27/07
There is no Firefox 1.8  Greenknight_z | 08/28/07
True but wasn't there a 1.7 for about a week before 2.0 came out?  maldain | 08/28/07
No.  Joel R | 08/28/07
Wonderful Post  spam_here | 08/28/07
Raisin confusion  Khun_Tilt | 08/28/07
Almost there...  mharr | 08/28/07
Why?  Antagonist | 08/29/07
So right  bonchi74@... | 08/27/07
FireFox with NoScript  Chad_z | 08/27/07
yet another microsoft spammer.  xuniL_z | 08/27/07
Right  Jambalaya Breath | 08/28/07
Sandbox it!  D. T. Schmitz | 08/27/07
They could also use ....  mrlinux | 08/27/07
SandboxIE also has a version for Firefox  NBSF | 08/28/07
Apparmor is a part of the next (k)ubuntu  tombalablomba | 08/27/07
Good News!  D. T. Schmitz | 08/27/07
I thought Apparmor was Novel Proprietary?  ITdaized | 08/28/07
From the Wikipedia link posted above  Azriphale | 08/28/07
Proprietary? Nope! AppArmor is FREE--I wouldn't kid you!!  D. T. Schmitz | 08/28/07
...or IE7 on Vista  mharr | 08/28/07
True...  D. T. Schmitz | 08/28/07
Precisely the way Unix systems (Linux, etc.) have been from the begining!  cheesyone | 08/29/07
Imitation is the sincerest form of flattery  over2sd | 10/19/07
Security is like sex.  Resuna | 08/28/07
Very crude analogy  D. T. Schmitz | 08/28/07
Stop quoting w3schools  nanobot@... | 08/27/07
One thing...  Azriphale | 08/28/07
The real fact is  No_Ax_to_Grind | 08/27/07
well...  zoroaster | 08/27/07
You are confusing email with web content/browsing.  B.O.F.H. | 08/28/07
2 points:  JDThompson | 08/28/07
Ok  KrUshPruF | 08/27/07
Safer by default  mlgoff_59 | 08/28/07
Exactly  Antagonist | 08/29/07
I don't care about that image. Firefox for me because IE is ugly.  D. W. Bierbaum | 08/27/07
Funny  itpro_z | 08/27/07
More power to you. grin  D. W. Bierbaum | 08/28/07
When all else fails...  xxn1927 | 08/28/07
Yeah  Antagonist | 08/29/07
We still use IE6 because...  Dr.C | 08/27/07
You dersparately need to stop using vertical market stuff (nt)  CobraA1 | 08/27/07
Sure  itpro_z | 08/27/07
Issue an ultamatum to your bank.  ITGuy04 | 08/28/07
That might work with local banks...  itpro_z | 08/28/07
Alot more still use ie6 because of:  Suicida| | 08/27/07
This was the first thing  Azriphale | 08/28/07
Another Reason  pj_mouse | 08/28/07
Oh I see  Antagonist | 08/29/07
The same thing happened when...  itpro_z | 08/27/07
IE7 incompatibilities  tmcsweeney@... | 08/28/07
Why was this article even written?  CobraA1 | 08/27/07
Excellent point-Why, Ryan?  justanitguy | 08/27/07
Doesn't take Rocket Science  frgough | 08/27/07
Why IE6/FF1.5?  JDThompson | 08/28/07
Yes-- why?  Carol@... | 08/28/07
You are absolutely correct  okpj | 08/28/07
Upcoming interesting articles:  martin_l_77084@... | 08/28/07
HA HA HA HA HA  Antagonist | 08/29/07
Agree  Paul4 | 09/12/07
IE 6 & 7  wsamuel3 | 08/27/07
Why would anyone buy a flawed app like that?  Suicida| | 08/27/07
That's a naive statement.  itpro_z | 08/27/07
IE or FX  swathingscientist | 08/27/07
Safari Is crap  Antagonist | 08/29/07
Uh? FF 1.5 ?? how about FF 2.0  Uralbas | 08/27/07
Ha, you puny ff and ie users.  kraterz | 08/27/07
All five of you?  soonerproud | 08/27/07
As Confucious put it...  ITdaized | 08/28/07
Well, duh...  PB_z | 08/27/07
IE vs FF  Gpa's | 08/27/07
1.5 was immediately updated.  davidsarmstrong | 08/27/07
IE vs FF with Vista  joep1701 | 08/27/07
Nice story for Opera.  Scrat | 08/28/07
FF with Adblock and no script  soonerproud | 08/28/07
Care to supply any evidence to that fact?  Scrat | 08/29/07
Opera faster?  Skullet | 08/28/07
Strange, when tested, IE7 seems to be slower. I guess YMMV...  Scrat | 08/29/07
The Best Damn Browser Period  allenhossler | 08/28/07
That's Nothing  rkuhn040172@... | 08/28/07
Doesn't matter. IE 7 is a mess!  scoobyJ | 08/28/07
Trainwreck??  Techknowledgie | 08/28/07
Apples with year old Oranges  paul.weis@... | 08/28/07
Where do the "known vulnerabilities" come from?  Matt.Fahrner@... | 08/28/07
Firefox has friends, Micro$ has competitors (read enemies)  dsilvia | 08/28/07
Firefox over IE  tefox@... | 08/28/07
I've been seeing that lately too  voska | 08/28/07
Flash problems on IE  soonerproud | 08/28/07
Known exploit sites??????  erm@... | 08/28/07
Adblock  soonerproud | 08/28/07
Whats weak is I use Fedora 6  astawerksdotcom | 08/28/07
First of all  ITdaized | 08/28/07
Install FF 2.0 maually from getfirefox.com. (NT)  soonerproud | 08/28/07
Outdated and missing the point  rolf.ernst@... | 08/28/07
Agree on 2 points  other_native | 08/30/07
Browser Security  pitchthunder@... | 08/28/07
Useless?  wrecker69 | 08/28/07
Honeynet Project Funding  chas@... | 08/28/07
Don't give away military secrets  Ole Man | 08/28/07
Agreed  erikmidtskogen | 08/28/07
What the...?  erikmidtskogen | 08/28/07
When software companies make it illegal to read their source code...  Absolutely | 09/08/07
IE vs Firefox  jtsylvanis@... | 08/28/07
FF2.x is better than FF1.5, incidentally.  Raymond Danner | 08/28/07
In other breaking news, Dinosaurs Die by the Millions!  critic-at-arms | 08/28/07
Because it's used so much  voska | 08/28/07
"Read the article: Firefox or IE? Strange answer to security question"  Absolutely | 09/08/07
IE takes forever to come up and crashes  chuck_gregory@... | 08/28/07
Fook Firefooks.  XweAponX | 08/28/07
Clueless  soonerproud | 08/28/07
Ignorant or a troll?  bmerc | 08/28/07
IE still sucks.  3dtodd | 08/28/07
huge tabs??  cymru999 | 08/28/07
Sure IE sucks  XweAponX | 08/28/07
You are incompetent.  Jambalaya Breath | 08/28/07
Wate of time!  John.Wilkinson | 08/28/07
(NT) Note: That was February 1st **2006**  John.Wilkinson | 08/28/07
Oh yeah, by the way...  aussiedawg | 08/28/07
This is news?  Ginevra | 08/28/07
Why all the down-thumbs?  mcc99@... | 08/28/07
apologies I see it was ie 6.....  cymru999 | 08/28/07
One overlooked point  Mitch 74 | 08/28/07
Again - Why was this article written?  kevster25 | 08/28/07
Deliberate decision  ds5929 | 08/28/07
about:config  soonerproud | 08/28/07
Twisted Argument  BillAlexander@... | 08/28/07
Article a bit convoluted  griz326 | 08/28/07
THIS IS LIKE NEIGHBORHOOD PROTECTION  BALTHOR | 08/28/07
keep up  atoronz@... | 08/28/07
Not all vulnerabilities are equal.  Resuna | 08/28/07
Why The Experiment was Unsuccessful  MasterJoe | 08/28/07
old and useless news  TiggerTom | 08/28/07
Now for some real facts  barry1936 | 08/29/07
Firefox Vs IE?  as901 | 08/29/07
Real Solution is Linux  despil | 08/29/07
Stupid study  Antagonist | 08/29/07
real world experience  boguscomputer | 08/30/07
turn off tabs???????????  rman56 | 09/10/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement
  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More