via slashdot:
"I've been doing some ActiveX coding on the side for a couple days, stuff I'm not familiar with, and I'm just flat out _appalled_ at how bad that entire API and design is. I can make an OCX that basically formats your hard drive, stick it on a Web page with a tag, and if your security settings are set low enough, you'll start formatting your hard drive the minute you visit my Web page."
Note that he didn't say "if you agree to execute, install, or even download my program". That's just scary. What scares me the most are the literally hundreds of millions of users on pre-Windows XP systems without the proper patches. These folks are the least likely to upgrade, they're the most likely to leave the system as they found it, without regular security upgrades, and they're the most likely to be victims of malware.
If you are one of these people, please upgrade to a newer version of Windows and get Firefox. If you can't afford to purchase a new operating system (I think an upgrade for XP Pro is $189.99 and the full OS is $299), then please get Firefox and Thunderbird and stop using IE for anything but Windows Update. If you start IE, make sure your start page is set to a safe page and don't go anywhere except to Windows Update. It's just not safe.
Even if you have or do upgrade to XP (and definitely get SP2) you still shouldn't use IE. You can set XP to automatically fetch updates so you have no good reason to launch IE at all. It's just not worth the risks.
Posted by asa at January 17, 2005 07:43 PM
If you're a student, XP is much cheaper.
Posted by: Robert Accettura on January 17, 2005 08:03 PM
well those aren't the default settings. to make ie that insecure you have to manually go in and change the settings.
i dunno i use linux i don't have those type of problems.
Posted by: jr on January 17, 2005 08:13 PM
People with older hardware may not be capable of running XP, but they probably can run Firefox/Thunderbird. Now there's an identifiable market to target.
Posted by: Andrew Smith on January 18, 2005 02:14 AM
FUD!
Posted by: Wally on January 18, 2005 02:16 AM
Asa: 'Note that he didn't say "if you agree to execute, install, or even download my program"'
No, he said "if your security settings are set low enough". You can make Firefox's security equally crappy if you go into about:config and turn off a bunch of security settings.
Andrew: "People with older hardware may not be capable of running XP, but they probably can run Firefox/Thunderbird"
But only "probably"... I recently installed Firefox for someone with an older machine with 96MB RAM, and it's hopelessly slow to load. You click the icon and nothing happens for about 20-30 seconds. Then bug 171349 (lack of Firefox icon) showed its ugly head. On my next visit I took Firefox off and put Seamonkey on instead, just for the quick launch which makes a world of difference.
They're going to be getting a new computer soon, but if Firefox is going to be of use to folks that can't run Windows XP, then more work is needed...
Posted by: michaell on January 18, 2005 03:26 AM
Don't forget about Antivirus - most people will stop updating once their version runs out. AVG is great. Plus an anti-spyware program too!
Posted by: Joey on January 18, 2005 04:27 AM
I don't understand, why do you recommend upgrading XP, not switching to Linux or *BSD? As a free software developer, you should at least have to mention it, as a solution, as I think. IE is crappy, but not so much, as you say it. No, I'm not an IE fan, but I created firefox.hu, but still don't agree with you. You have to set IE to low level security to not ask you about starting an application from the net. It could be a feature, not just a security hole, if IE wouldn't have so many bugs inside. If we think that we don't like people FUDding about IE, we don't have to make postings like this!
Posted by: András Bártházi on January 18, 2005 04:57 AM
I guess not recommending Linux or *BSD because if people are at a level where they can't figure out how to update Windows, then they probably won't be able to deal with changing their OS.
I'm not sure Firefox entirely solves that issue. If people don't update Windows, and don't update their anti-virus software, will they update Firefox? We don't even have a good auto-update system yet (hopefully that will be improved for Firefox 1.1)
Posted by: michaell on January 18, 2005 06:26 AM
You can download executable code, from the internet, using a web browser! OMGWTF?!?!?!!!!11
Teh s1/\5hd0t is sux0rs.
Posted by: James on January 18, 2005 03:38 PM
michaell said: "You can make Firefox's security equally crappy if you go into about:config and turn off a bunch of security settings."
Oh? What settings would those be?
To the best of my knowledge, the only remotely dangerous feature in Firefox is the XPInstall system, and that doesn't allow installations from random websites, only sites you specifically permit. It also doesn't run without intervention -- you *have* to click the OK button. And you can't easily click it by accident, because it is disabled for 3 seconds when it first appears.
If past debates that I've seen on this topic are any indication, your next point will be about security vulnerability bugs, since that's the only way Firefox can actually subject the user to the level of danger that ActiveX (at a low security setting) presents for IE users. But that's a completely different topic, isn't it? Comparing a (mis-)feature of IE to a bug in Firefox is rather disingenuous. If we compare features to features and bugs to bugs, Firefox's security is ahead of IE's by leaps and bounds.
Posted by: Kevin on January 18, 2005 05:52 PM
I'm disappointed.
Nice FUD. :roll:
"Oh? What settings would those be?
...
XPInstall system... doesn't allow installations from random websites, only sites you specifically permit. It also doesn't run without intervention -- you *have* to click the OK button. And you can't easily click it by accident, because it is disabled for 3 seconds when it first appears."
You've answered your own question - there are config settings that will allow installations from any site, get rid of the 3 second delay, and change the dialog with the OK button.
"If past debates that I've seen on this topic are any indication, your next point will be about security vulnerability bugs, since that's the only way Firefox can actually subject the user to the level of danger that ActiveX (at a low security setting) presents for IE users."
It's not the only way. It's also possible for Firefox to subject the user to the same level of danger if you go in and turn off a bunch of security features. If you turn off the security features in Firefox and compare that with IE's default settings, then IE will have better security.
I don't see why my next point would have been security bugs - certainly Firefox has them, but that's an area where IE's history is much worse.
Posted by: michaell on January 20, 2005 04:00 AM
OK, name the settings and I'll admit that you are right. Though I will still hold that IE's single radio-button option is much more dangerous.
Posted by: Kevin on January 20, 2005 09:26 AM
Maybe I'm lazy, but I find IE's security zones confusing. I either have to set things to absurdly high levels and be annoyed by nothing working or lower them to incredibly low levels and risk being infected all the time. When I finally get annoyed and try to set up some sort of custom scheme I'm presented with a dialogue that has far too many options organized in hard to navigate ways. That's where IE's security fails. The security features are there, but they're not easy to use. It's more of an interface problem IMO.
FF has done a good job of determining a default configuration that makes browsing usable and safe, and makes finding and changing options a helluva lot easier than IE (about:config excepted... maybe).
Posted by: Wes on January 21, 2005 08:39 AM