Robert Downey
News
My Blog
About Me
My Thoughts
Resume
Code
Contact Me
How IE7 on Vista will Make Firefox Less Secure

I have a prediction.

I predict that when IE 7 on Vista starts to take significant market share (say, 30% or so), you'll start to see the attacks on Firefox increase dramatically. In other words, Firefox will become more and more dangerous to use as IE 7 on Vista gains market share.

I use Firefox because of what basically amounts to security through obscurity. Many people claim that Firefox is simply written better than IE and that is why it seems to have fewer security related incidents.

Indeed, Firefox at least seems to be more secure, having only 36 security related issues discovered since 2003, many of which were not particularly critical. (Versus a whopping 106 vulnerabilities for IE 6.x, many of which were critical.)

But that doesn't really tell you the whole story. The fact of the matter is that Internet Explorer is the best way to attack the largest number of computers. It's the single biggest attack vector into a Windows machine. The bad guys who want to install malware on the largest number of computers possible are going to target the OS with the most users (Windows) and the browser of choice for those users is still overwhelmingly IE 6.

It has long been my opinion that the more popular and widely used a piece of software, the more people are going to attack it for both glory and monetary gain. But every once in a while a technology will emerge that will essentially remove a particular attack vector from being feasible.

When Microsoft released XP SP2, the changes it made to ActiveX installation were enough, for the most part, to remove an entire genre of social engineering attacks by forcing the user to do just a few extra steps to install an ActiveX control. Of course this had little affect on the spread of malware. Malware distributors just started using buffer overflows and other types of exploits to install their software.

But IE 7 on Vista is different. For the first time a browser will run all the time with privileges  far below that of the current user. It's called Protected Mode IE. IE will not even have the ability to write to places that the current user can write to, such as the desktop or My Documents folder. Instead, and actions which required elevated privileges will have to be done through something like the Service Broker. The Service Broker is a small (only a few thousand lines of code) application that runs with the privileges of the logged in user and takes "requests" from IE to do things like saves files to the desktop.

The result is that you really only have to audit a small piece of code to guarantee that IE 7 can't do anything bad, regardless of the vulnerability in question. Buffer overflows won't have any affect on the user because even with that overflow, IE 7 doesn't have permissions to do anything bad.

This technique has already proven itself successful. Despite the fact that a recent vulnerability in the VML rendering engine was present in IE 7, a vulnerability that was completely unknown to the IE 7 team, it had no affect on users running IE 7 on Vista thanks to protected mode.

But once the malware distributors see a decline in their successful installations due to Protected Mode IE 7, they will want to make it up somehow. The obvious choice is to attack the guy who has 2nd place in the market share battle. Guess who that is.

So while dramatically improving Windows security by removing the primary attack vector, Microsoft will have made Firefox far more dangerous a browser to use.

Just my opinion. Only time will tell if I'm right.