Browsing by default in IE means you're asking to be bent over as every helper app is
enabled by default.
Certificate store in FF for me is MORE secure since I have control over the folder &
the methods of protecting it, unlike the Windows store. Personally I store my FF profile
on a TrueCrypt partition and wish I could move more stuff I protect with EFS now to
there, but much of it needs to be there at bootup, which I am not getting with TC right
now.
Deploying FF is a bitch, so far as I read, for lack of branding apps & yes, no GPOs
unless you write your own.
Greg Sevart wrote:
I use and like both. IE is my default, but I have an "Open in Firefox" menu
item configured in IE. I use FF for any website I consider suspicious. By
the way, IE7 under Vista with UAC enabled has proven invulnerable to a great
number of exploits. FF doesn't have a perfect security record either. That's
the nature of software development.
My biggest problems with Firefox:
1. It doesn't use the native Windows certificate store. On a Windows
platform, maintaining a separate certificate store is absolutely absurd (and
potentially insecure). This is especially a pain on intranet sites using
certificates issued by your own organizational CA. On a Windows domain, the
CA's certificate is automatically added to the computer account's trusted
root store.
2. I can't approve, install, validate, and report on patch status using
WSUS.
3. I can't control settings and values via GPO.
<snip>