Every day it seems I hear of some new exploit or vulnerability
in Internet Explorer. Several of my friends have suggested I switch from IE to
this other browser they claim is more secure: Firefox. Will I be safer if I
Maybe. It really depends on how secure you are to begin with.
But before you switch it’s worth understanding what you are and are not
getting and what you’ll still need to do.
Become a Patron of Ask Leo! and go ad-free!
I actually run Firefox. It’s a fine
internet browser, and works very well on 99% of the web sites I visit. Like
many of the IE alternatives, it actually does a better job of implementing the
various HTML standards than IE does. Unlike IE, it’s in active development,
which means that features are being added, and bugs are being fixed on a
Firefox works well.
If you do switch, you’ll still need Internet Explorer at times. Not
surprisingly, several Microsoft sites, including Windows Update, require Internet Explorer to work. In addition,
many sites are “optimized for Internet Explorer” often whether they know it or
not, and they take advantage of IE-specific quirks, extensions, and features not
supported in other browsers. The result is that some sites just won’t look the
same in browsers other than IE.
But what about all those exploits?
In my opinion, IE is an “ok” piece of software; it’s better than some and worse
than others in terms of overall quality and security. Certainly the news would
have you believe that it’s a total disaster and security nightmare, but I
disagree with that strenuously. I believe IE (and in general Microsoft) is a
victim of its own success.
All software has bugs. Period. It’s a fact. IE has bugs, Firefox has bugs,
and some of those bugs are certainly security related.
Pretend you’re a hacker. You want to cause some trouble, and gain a little
notoriety – do you look for exploits in the product that 85% of people use
(that’s Internet Explorer, by the way, though market share is falling), or the
one that perhaps 10% of people use (Firefox, who’s market share is growing)?
Obviously you want the bigger bang for your hacking buck, and you’ll target the
bigger crowd – the crowd using IE. Couple that with a strong anti-Microsoft
sentiment in the hacking community, and you can see that the number of times IE
gets exploited actually says more about the number of people trying and
nothing about the relative quality of IE versus alternatives like Firefox.
Regardless of their relative merits, IE will be hacked more often simply
because it’s a bigger target. And as I said, I believe the same is true
for Microsoft software in general.
Should you switch? Well, as I said earlier, it depends on how secure you
already are. If you’re doing the right things already:
- you run up to date anti-virus and anti-spyware software with regularly
- you have auto-updates enabled, or you regularly visit Windows Update
- you’re behind some kind of firewall
- you general visit only “safe” websites
- you don’t download things you don’t trust or open email attachments you
you’re probably just fine with IE. The fact is, you should be doing all
those things even if you’re running an IE alternative.
However, if you want a little more protection and if you want to make yourself
a little less of a target, then by all means, Firefox is a great
Yes, I have all those things, and I run Firefox. Why? Mostly to become
familiar with it enough to write articles such as this. I also happen to like
tabbed browsing (also available for IE via some add-on products), and appreciate
some of the add-ons that are available for Firefox. However my wife, who is
probably a more typical computer user, has been using IE for years without a
single incident. Not one.
So absolutely, use Firefox if you like. But you don’t have to, and if you
do, you shouldn’t let it lull you into a false sense of security either.