News Stay informed about the latest enterprise technology news and product updates.

Security Blog Log: Burning about Firefox recruitment

This week, a security blogger frowns on an independent group's efforts to force IE users onto the Firefox bandwagon. Plus, an international fight over identification cards.


The Firefox faithful are stepping up the search for converts, and all the Internet Explorer (IE) security holes Microsoft has scrambled to plug in recent weeks have probably helped the cause.

But one security blogger is frowning on the latest efforts of one pro-Firefox Web site, adding to the ongoing debate over whether Firefox would become as threatened as IE if enough people were using it.

Web developer Sid Karunaratne took the Explorer Destroyer Web site to task in one of his SecuriTeam blog entries this week after it suggested that Web developers use a range of aggressive tactics to make people switch to Firefox.

About Security Blog Log

Senior News Writer Bill Brenner peruses security blogs each day to see what's got the information security community buzzing. In this column he lists the weekly highlights. If you'd like to comment on the column or bring new security blogs to his attention, contact him at

Recent columns:
Man of God, man of ID theft

Yahoo's click-fraud problem

Nash, still at helm, addresses IE fixes

The Explorer Destroyer Web site was created by four self-described open source advocates from Worcester, Mass. The site offers free scripts that Web developers can put on their sites to encourage IE users to switch to Firefox. The scripts detect visitors running IE and try forcing them onto the Firefox bandwagon by either showing them a splash page telling them to switch or by putting a big pro-Firefox banner at the top of the page.

Today a number of Web sites won't display or function properly unless the Web surfer is using IE. The Explorer Destroyer team hopes its approach will lead to more sites that only work using Firefox. There's even a financial incentive. The group cooked up a deal with Google where the search giant will pay $1 for each new Firefox user recruited.

"Now you can advance your ideals, save people from pop-ups and spyware hell, and make some serious money," the Explorer Destroyer site said. "Millions of people have heard about Firefox and are ready to switch -- all they need is a friendly push. That's where these scripts come in. They're specially formulated to give just the right push, maximizing souls saved and dollars for you."

The whole concept is silly as far as Karunaratne is concerned. For starters, he asks in his blog entry, "If everyone used Firefox then what's to stop that [from] being the next IE?"

Furthermore, he said, no one browser should dominate. There should be an "even spread" of browser use because it would encourage Web developers and browser providers to maintain high security and functionality standards and speed up browser improvements. "All the various companies would have to constantly improve their browsers to maintain their use base," he added.

Karunaratne compared the Explorer Destroyer effort to a South Park episode where the people rebel against Wal-Mart and burn it down. Then they all shop at a local shop and turn it into the next Wal-Mart, repeating the whole process.

"I'm all for people saying how bad one thing is and promoting another, but to me this seems too far," he said. "They go as far as saying that Firefox has to quickly gain users so that IE 6 users don't switch to IE 7 and stay with it." In his opinion, IE 7 is a good browser that fixes a lot of issues people hate about IE 6.

And regardless of which browser is safer, he said, people are smart enough to choose their own Web surfing tool without being influenced one way or another.

ID cards run into opposition
Moving to another topic, the Identity Theft Spy blog had an interesting item this week on how a group called No2ID is on a crusade against the ID cards the British government wants to issue.

"It's an unavoidable fact that technology has crept into every aspect of our day-to-day lives, so it's no big deal that the U.K government wants to issue identity cards that will carry biometric and other personal information about the holder [that] can be used to conduct financial transactions and apply for public services and benefits," the blog said. "The data on the card will also be stored in a national identity register in a measure that will help prevent identity theft and fraud."

But, Identity Theft Spy noted, No2ID is trying to persuade people to avoid taking part in the ID card scheme by using potential privacy and technical loopholes.

With the government planning to use the renewal and application of passports as opportunities to collect data for the cards, the blog said that No2ID is asking the public to renew their passports in May, regardless of their expiration dates.

The registry is expected to be up and running sometime in 2008, and No2ID national coordinator Phil Booth hopes that if 20,000 to 50,000 additional people renew their passports in May, the campaign will make its point since the renewals will happen just as the passport office is preparing for the busy summer period.

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.