FUD Flows Both Ways at Mozilla Corporation
Whenever a report is released that says something positive about Microsoft the open source world rises up in anger and announces it is FUD – Fear, Uncertainty and Doubt – or even just plain lies.
It is inconceivable to them that one of the largest software companies in the world could get something right, even though they have an impressive and industry standard lineup of software – Exchange, Office, SQL Server etc. Ironically a lot of open source software aspires or is created specifically to counter Microsoft titles.
Late last year Microsoft sponsored a comparison between Internet Explorer 7’s anti-phishing capabilities, which found it to be better than Firefox’s. This is no surprise – often when Microsoft sponsors a comparison the results are found in their favour.
The surprise is that Mozilla sponsored a comparison as well, that showed their results are not just better, but significantly better.
The Microsoft report
The report can be read in full here, with reviews here, here and here.
Generally unbiased, it found that both Microsoft and Google (Firefox uses Google for their anti-phishing feature) got no false positives and were both pretty good, with Microsoft being a little better. The runner up was Netcraft’s toolbar which scored only slightly less than Internet Explorer 7.
IE 7.0 ended up with a score of 172, only four ahead Netcraft’s toolbar which scored 168. Google/Firefox was a distant third with 106, eBay fourth on 92, Earthlink ScamBlocker fifth on 76, GeoTrust Trustwatch sixth with 67, Netscape 8.1 seventh with 56, and McAfee SiteAdvisor coming in last place with an almost useless 3.
The Mozilla report
I had to double-check this when I first read it because it didn’t make sense. After re-reading it and doing some Googling I realised it was correct, but it still didn’t make much sense.
The Mozilla-funded comparison found that the Firefox/Google combo for anti-phishing was not just better, but significantly better than Internet Explorers.
You can read various reviews of their findings here, here, here, here and here.
Essentially they found that
- Mozilla’s anti-phishing detected slightly more than Internet Explorer’s in that test – 79% vs 66%
- Mozilla’s anti-phishing detected significantly more than Internet Explorer when IE’s phishing detection is turned off.
Huh?? Their phish-finding works better than Microsoft’s when Microsoft’s is disabled.
Well “duh”.
Firefox also loads pages faster than Internet Explorer when IE is “closed”.
The Mozilla funded report talks a lot about this “local list” without actually explaining what it is. It’s a list of known phishing urls that is updated twice hourly. Just using the local list means you’re just using a list of known-to-be-evil urls that is at most 29 minutes, 59 seconds old. Compared to Internet Explorer which compares the url to a remote database in real time, which Firefox also offers.
The real results?
By averaging out the two reports maybe a better figure can be found?
- The Microsoft report gave IE 7 a score of 172 out of 200. That’s 86%
- The Mozilla report gave IE 7 a score of 66%
- The Microsoft report gave Google/Firefox a score of 106 out of 200, 53%
- The Mozilla report gave Google/Firefox a score of 79%
Internet Explorer got an average score of 76%, while Mozilla got an average score of 66%.
While that’s a noticable difference it suggests pretty clearly that both browsers have made impressive first-steps in their efforts to combat phishing. Is one better than the other? I don’t know. What I do know is that Mozilla funded a report that used a ridiculously uneven playing field, and from that I must conclude that they’re retarded.
Cynically Speaking 
Leave a comment