|
|
|
|
|
|
by tptacek
870 days ago
|
|
|
(1) I think public exploit price lists are bullshit, and mostly about marketing, but directionally they consistently put Chrome >2x of Firefox. You can choose not to take that seriously. (2) The fact that people attack Chrome as a badge of honor is a reason to use it, not to avoid it. It's why exploits for Firefox would be cheaper. (3) I don't think my take is spicy at all? I haven't refreshed it in a few years, but when last I did, I don't think I talked to anybody on either side of browser security who felt that Firefox outclassed Chrome (I got a long, valuable Slack thread from a FF security person that I wish I'd saved that built a claim that FF was approaching parity with Chrome architecturally). I have spicy takes, to be sure, but I think I'm giving you a pretty mainstream take from software security land. (4) Even if you believed Firefox and Chrome (or Chrome and Safari) were at parity, it makes a great deal of sense to standardize browsers, for the reasons I gave previously. The right way to think of your browser "fleet" is as multiple single points of failure; diversity isn't helping you at all. This is one of those "put all your eggs in one basket and guard it" situations. I don't have any particular personal reason to love Chrome. I'm a Mac person, so I guess the best outcome for me would be for Safari to be perceived as the best browser. Certainly my batteries would last longer! Every couple of years I talk to people about what the landscape looks like; if I ever get different answers, I'll be sure to update my take. |
|
|