August 30, 2004
Needed an excuse to buy a wsj online subscription?

This is the perfect reason to buy that WJS Online subscription you've always wanted: a feature story on the rise of Mozilla on the front page of today's business section.

Need further inducement? OK, how about this. Log on or buy today's print version of the WSJ to see the story in its full glory, including pictures.


Tech's Unlikely Comebacks
Mozilla Nips at Microsoft
In Market for Web Browsers
By Promising Fewer Glitches
By ROBERT A. GUTH and DAVID BANK
Staff Reporters of THE WALL STREET JOURNAL
August 30, 2004; Page B1

A gang of Russian cybercriminals has helped accomplish what antitrust regulators couldn't: reduce Microsoft Corp.'s share of the market for Web browsers, if even just a bit.

Millions of computer users this summer tried to avoid an attack by computer hackers in Russia by installing free software from the Mozilla Foundation, a nonprofit corporation in Mountain View, Calif. July marked the first time since Microsoft vanquished Netscape Communications Corp. in the "browser war" of the late 1990s that the software giant's share of the Web-browser market fell.

It was a sweet moment for Mozilla's ragtag group of programmers. Many of them are veterans of Netscape, the onetime icon of the Internet that was absorbed, first into America Online and then into Time Warner Inc. A federal appeals court confirmed that Microsoft acted illegally in the browser war, but a settlement with the U.S. Department of Justice has had little effect on the company's dominance. Microsoft still holds about 93% of the browser market, down from 95% in June.

Mozilla and other makers of alternative browsers have found a chink in the software giant's armor: Concern about software security is high enough that a mass of people will stop using Microsoft products if they have a viable alternative. Those concerns were validated by the Department of Homeland Security's computer-security team, which recommended in July that personal-computer users switch to Web browsers that aren't subject to the barrage of attacks aimed at Microsoft's products.


At Boston University, Michael Krugman, executive director of information technology, in July recommended that 40,000 faculty and students replace Internet Explorer with Mozilla's browser, called Firefox. "I'm a very appreciative beneficiary of Microsoft products and services," Mr. Krugman says. "But the ultimate consequence of the world having only one operating system or one Web browser is nothing short of cataclysmic for both consumers and producers."

Such converts are shining a spotlight on Mozilla as the next grass-roots challenge to Microsoft's dominance in PC software. Like Linux, an increasingly popular operating system aimed at supplanting Microsoft's Windows, Mozilla is distributed as "open source" software, which means users can modify parts of it, and it is made by a loose-knit community of programmers.

Mozilla is one of several open-source browsers, which include Opera from Opera Software in Oslo. Some PC users are also switching to Apple Computer Inc.'s computers and Apple's Safari browser to avoid attacks.

One reason these alternatives fare better against attacks is that they are installed on far fewer computers than Microsoft's wares, making them a less juicy target for writers of viruses and spyware. Also, Mozilla Foundation members argue that certain methods of open-source development and bug-tracking make Mozilla software inherently stronger than Microsoft products. Last week, however, researchers identified a software flaw that affects Mozilla, and more are sure to emerge. (Mozilla plans to release the next version of its browser this week.)


The surprising resurgence of browser competition along with the growing concern about viruses and attacks has Microsoft on the defense. Although the shift from Internet Explorer thus far is slight, Microsoft is taking pains to make its browser more secure. A year ago, it revived its Internet Explorer product team, which had been absorbed into other operations after the victory over Netscape.

Microsoft is also mulling whether to accelerate the release of a new version of its browser. The current plan is to time the upgrade with the release of Longhorn, the next version of Windows, but that's not scheduled until 2006. (See related article2.) "Any time you have people who were your customers decide they don't want to be your customers, then that's a reason to be concerned," says Gary Schare, a director in Microsoft's Windows group.

Mozilla's programmers have labored mostly in obscurity since their project began in 1998. Early versions of the group's browser were panned by reviewers.

The project's fortunes began to change in July 2003, when Time Warner contributed $2 million and spun off the team as an independent organization. Now, the Mozilla Foundation coordinates hundreds of programmers around the world who contribute code and fix bugs in Firefox and other open-source Internet software from Mozilla, such as an e-mail package called Thunderbird that offers an alternative to Microsoft's Outlook.

A redesign of the browser earlier this year drew positive reviews. The timing was fortuitous: In June, Russian hackers harnessed several low-level flaws in Internet Explorer to take control of thousands of PCs to launch spam and steal credit-card numbers.

Downloads of Firefox leaped, helping lift the number of requests for downloads of all Mozilla software to 10.8 million in June, more than double the previous month's figure of 5.2 million. In July download requests hit a high of 14.6 million, according to statistics from Mozilla.

Mozilla's gain appears to be Microsoft's loss. In June, 95.48% of Web surfers used Internet Explorer, according to WebSideStory Inc., a San Diego technology analysis firm that tracks visitors to Web sites. Internet Explorer's share dropped throughout July and stood at 93.84% as of August 20.

"It's the first sustained decline in (Internet Explorer) browser market share that we've ever tracked," says Geoff Johnston, a WebSideStory analyst, who adds that Mozilla accounted for the bulk Microsoft's decline.

Microsoft helped provide an opening for Mozilla with what critics say was a lax response to Internet Explorer's security flaws. Last year, the company issued a warning for one vulnerability, but then waited as long as 10 months to respond to several other reported bugs. The flaws that were used together to create June's "Download.ject" worm seemed too insignificant on their own to fix immediately, say members of the Internet Explorer team. Microsoft, after all, had planned to release a major security upgrade to Windows XP in August that would include the most important software fixes for Internet Explorer.

"We were aware of a bunch of disparate small steps that an attacker could make but no one of which was genuinely bad or threatening," says Dean Hachamovitch, the head of Microsoft's Internet Explorer team.

On the day the worm hit, Mr. Hachamovitch, on vacation in New York, got an urgent call from a co-worker at Microsoft's Redmond, Wash., headquarters. The message: "The world is melting. I think you need to come back."

Internet security experts, law enforcement and Microsoft's security team were able to quickly block the source of the attack -- a server computer in Russia -- but Microsoft didn't have a single fix for the browser problem. Instead, over the course of a month, it issued a series of fixes and measures that computer users could take to guard against the worm.

Some customers chose to switch from Internet Explorer altogether. Jenny Zhang, a 20-year-old student, says her PC was wiped out five times over the past two years by viruses. Co-workers at the San Francisco nonprofit where she works recommended Mozilla. "People from work were telling me that you don't get viruses when you use Mozilla," she says.

But Mozilla users have to accept other tradeoffs. Ms. Zhang says Mozilla seems to run "a little slower" than Internet Explorer and the browser doesn't seem to fully display some Web sites with many pictures. There are also problems with a Mandarin-language site she frequents; as a result, she still sometimes uses Microsoft's browser.

For Mozilla's programmers, the recent gains are sweet vindication. "After you've been crushed down to a tiny fraction of market share, you want to come back and take some turf back," says Brendan Eich, a former Netscape engineer who serves as Mozilla's chief software architect. "We're not necessarily going to get to 50% market share any time soon -- though we do aim high. But we are going to take what we can get.

"Mozilla is one of several open-source browsers, which include Opera from Opera Software in Oslo."

Opera is free (at least the ad-supported version), but not open-source.

This article confuses and blurs the Mozilla browser with the Mozilla Firefox browser. Firefox is new and is much faster and secure than the antique Internet Explorer. Mozilla is the browser that Netcape's current version is based on. It is slower than IE but still more secure. The pages that don't display 'properly' in these browsers are pages that aren't W3 compliant; they use non-standard Microsoft HTML. Any site that uses the W3 standards will display just fine.

Thank you, someone else has noticed this. I have made mention of this from time to time.

Micro$uck$ has grown to big for its britches. I no longer use IE as a browser. I uninstalled all I could. However in true Micro$suck$ fashion whenever you need a d/l of an update, guess what? IE reinstalls without so much asking if you want this or not. You never truely get rid of IE even if you unistall it. The desktop requires it to display, no IE equals no desktop, no icons, no start bar.

In typical fashion, the new sp2 has some of the same endearing features. Take their firewall for instance. You can not uninstall it. You can disable it but you can't get rid of it. If you work on network connections after turning it off, it will turn itself right back on. The miniapps that Micro$uck$ uses are nowhere near as good as 3rd party apps and a good portion of the 3rd party apps are freebees.

In two years, due to security flaws, I have lost a motherboard and had to rebuild a home network twice, including a low level format of every hd on every computer to clean the system out of what these "loving Russian programmers" produce.

There is not a spyware killer, trojan hunter, antivirus seeker, ip blocker, firewall, or other program that will hold these folks out. Once in, it starts to disable the rest of your security functions and then really goes to work.

One of the top champions in fighting these folks is from The Netherlands where he runs a site dedicated to removing such malware. Every time he successfully develops a tool to kill one of these darlings, he suffers DoS attacks that take his site down, denying help to many that would be able to fix some of these problems. It has now reached a point that it is all but impossible to design a tool to remove these malwares as they no longer use fixed names. Rather they generate random names every startup so that it is never the same name twice for a long period of time.

Micro$uck$ is directly responcible for the hacking, identity theft, financal loss, spam, popups, viruses, trojans, worms and the like affecting each member that reads this site or any other on the net that uses its products. It has always been more concerned with getting all the money, killing competion so that a computer user has no choice in what they use, and ignoring its basic faults. The end of the matter would be to work on security till it has a reasonable secure enviroment for a software or to build a new OS with this in mind from the scratch. They have taken your money, in fact everyones money that uses windoze, but have not given you what they charge you for. Given the holes in the OS they charge a lot.

When this problem gets bad enough, our law makers are going to look around one day and say we have no security, why? In the end they are going to finally reach the conclusion that Micro$uck$ is in violation of anti-trust and it is the only reason it has gained the level of usage it has. Many are trying that and have tried that, only to be kept at bay by the army of lawyers Micro$uck$ keeps on hand. Doesn't change the facts nor the reality. It is time for Micro$uck$ to face the same thing that the oil companies did in the past. That of being broken up and becoming diverse.

I here use Mozilla as well as firefox they do seem much faster than the old IE browser. will continue to use those forget IE.

I don't use Mozilla, I use Firefox, and Thunderbird. I also tried MyIE2, but I just didn't like it.

http://news.com.com/2010-1071-281588.html?legacy=cnet
argues for open source really well..