handyfloss

I am shocked to read this article in El Pais, regarding yet another bug in Internet Explorer, for which there is no official patch as of now.

What shocks me is that, in the same line, they go bash Firefox because “it also has its issues”. The example they give is the following: a guy browses to some date-finding web pages, instructing the browser not to save the passwords. Next, his girlfriend uses the same computer, but from her account, to surf the web (with Firefox), and apparently, when setting herself some password-related options, she comes across a list of sites that had the option “Do not save the password for this site”… the sites her boyfriend had visited. Result: a) they split up, and b) a bug gets reported (by the woman) to Firefox, regarding a user privacy breach.

Now, the reputed bug consists in the fact that the privacy settings (list of sites for which passwords are and are not saved) for a user (the guy), was supposedly accesible for another one (the gal). This would indeed be a security hole, and worth a big fat bug warning.

However, this was not the case. First, what seems to have happened is that the guy actually used her gf’s account to surf the web (when he set up her account), so there you are.

Second, they were running Firefox under Windows. If somehow the private settings of one account were accesible by the other one, it would be Windows’ fault, not Firefox’s. When running under, e.g., Linux, the privilege separation of users would not allow for that, no matter how wickedly wrong Firefox would have been made!

In short: the journalist reports a grave bug of Internet Explorer (product of Microsoft), and then tries to level the MS/Open Source battlefield by charging Firefox with another “bug” that is either due to user incompetence, or the OS’s fault (Windows, which is a product of… yes, Microsoft again). In my view, it’s a 2-0 victory for Firefox/Open Source movement, trying to pass as a 1-1 draw for IE/MS.