it's not a bug

This news item on /. and making the rounds on some blogs is not real. It's not a flaw. This guy's found a way to read a file that doesn't contain any personal information and that's identical for every Firefox install on the planet. It's simply not a flaw.

More from shaver.

reactions, thoughts, comments, etc.

I think it is a bug, just not much of a vulnerability. (394075, maybe also 416318)

It's a design feature?

Yeah, as jesse said, it is a bug, a flaw, but it's not terribly exploitable.

If your browser violates the sandbox - it has a flaw. I think it is irresponsible for an employee of the Mozilla Corporation to declare otherwise.

It might be considered a sub-optimal design but I certainly wouldn't call it a bug or a flaw. This kind of criticism is useful when it's fresh news. When it's stale news mixed with hyperbole and propaganda it generates more heat than light.

Hard-coded access to a single directory in which nothing of importance is kept is not a breach of the sandbox. It's more like a peek into a broom-closet which is adjacent to a public space. There's nowhere to go from the broom-closet and nothing of value inside it.

The aspiring security guy shouldn't be irrationally exuberant about his find. This isn't a noteworthy find, it's not an exploit or a vulnerability. He has nothing but hypothetical exploits. Also, declaring his preference for Opera only makes him look silly.

Any real security guy wouldn't be recommending proprietary software to run on a proprietary operating system as a means of securing yourself from the internet.

I trust the security of Firefox over Opera any day of the week because Opera's design is not subject to public audit.

@Paul I suggest you use open source firewall and anti-virus software for security as well because you wouldn't trust security software like spybot s&d, avg free or say windows defender.

And Opera is very much more cross-platform than FF is, it's on loads of phones, as well as some obscure operating systems. Sure it's a proprietary engine, but a resource efficient one nonetheless.

Any real security person would use software on the server level regardless of the open source tagline.

I don't need a single browser which is trying to fill both niches - full feature set and resource efficiency.

Firefox is an important developer tool for me as a web developer. Firefox is the best browser hands down.

Also, Lynx is quite a snappy little browser and far more resource efficient than Opera.

If you're stuck in a job where you have to use proprietary software, you use what you have to on your server or workstation. Thankfully, I'm not in that position.

Dependence on proprietary software is a mark of mediocrity because proprietary software continues to lag behind free software in security.

Being an Opera fan-boy is especially poignant because you're evangelizing software which primarily serves those who developed it rather than those who use it. On top of that, Opera has very little market-share and an ax to grind against the only browser which is actually taking market-share from IE.

BTW, "open source" evangelism isn't my cup of tea. I promote free software.









