Firefox

Two articles recently surfaced amid the wave of information that deluges me daily, and both were regarding the extension of Group Policy—a key feature of Active Directory—into areas that were previously untapped.

First, there came the announcement of the FrontMotion Firefox Community Edition, a version of Firefox that is deployable and configurable via Group Policy in Active Directory.  With this build of Firefox, organizations can deploy Firefox and centrally manage Firefox settings via Group Policy, much in the same way that organizations can centrally deploy and manage Internet Exploder, er, Explorer.  (Sorry about that.)  Given that the lack of central configuration control over Firefox is one key sticking point to many organizations deploying Firefox en masse, this is good news.

Second, I saw the announcement of Group Policy for Mac OS X, from Centrify and their DirectControl for Mac OS X product.  DirectControl extends Group Policy to allow Macintosh-specific settings to be controlled centrally via Active Directory.  In addition, it also provides single sign-on (SSO) to Active Directory from Macintosh systems.  Of course, we know that we can achieve SSO to AD from a Mac today without DirectControl, but DirectControl also gives us the Group Policy functionality as well.  As a side note, it’s also worth mentioning that Centrify offers DirectControl for Samba (enabling Windows users to seamlessly authenticate to UNIX Samba shares), DirectControl for VMware ESX Server (for automatic provisioning of ESX Server accounts; not terribly useful in deployments using VirtualCenter), and DirectControl for ADFS (Active Directory Federation Services).  Pretty neat stuff, although I haven’t had the chance to see it in action yet.

These announcements show that independent software vendors are now becoming comfortable and knowledgeable enough about Active Directory to begin building these kinds of add-on products to extend the usefulness of Active Directory to non-Windows platforms.

Mozilla released Firefox 1.0.5, which patches a number of security vulnerabilities.  You can get more information on the release here or by visiting the Mozilla.org web site.

In addition, more information has been revealed about Firefox 1.1, the next version of the open source web browser.  An alpha version of Firefox 1.1 could be ready within just a few days.

If Mozilla can continue to innovate with Firefox and address my two primary concerns—ease of deployment and distributing security updates—then they will continue to steal market share away from Internet Explorer.  If nothing else, Mozilla will at least force Microsoft to be competitive again, and that is a success in and of itself.

Mozilla is also updating Thunderbird, the companion e-mail client to Firefox, and that update is expected to be available soon as well.

A couple of articles are highlighting a recently uncovered security flaw in Microsoft Internet Explorer–this article from eWeek and this article from ComputerWorld, both of which reference this security advisory from Microsoft.

The fix is to set the Security Level for the Internet Zone to High, which disables the functionality required for the exploit to work.  Unfortunately, it also disables a lot of other things that non-malicious sites use, so this workaround will affect your ordinary browsing experience.

My recommendation is to switch to Mozilla Firefox.  While Firefox was shown to be vulnerable to a recent spoofing flaw (this flaw also affected IE, Safari, Camino, etc.), it’s still better than IE’s security record.  And, yes, for those of you out there who are yelling at your computer screens right now:  I know that you probably believe that Firefox is only more secure because there are fewer people using it.  Perhaps that’s true, but the end result is that it’s more secure.  Isn’t that what we are seeking to achieve?