Now this is why I dislike OSS. It's not the technical aspect - as it's normally excellent - it's the "community".
Every time MS update IE with patches it's "here we go again" and "more fixes from M$". Mozilla fix TEN holes in one go and the comments are "well would you rather them not fix it?"
The OSS myth has been broken. It's not any more secure just cause it's OSS. The worlds second most popular browser is FF and after hundereds of peer reviews of the source still haven't uncovered all the bugs. Yeah, IE is probably less "secure" (it's subjective), and I'm not saying that OSS is insecure at all - but for the last decade or more all you hear from Linux users is that closed source is insecure by nature compared to OSS. It's fucking not. More people have probably looked as the source of FF than paid developers have for IE7 - yet FF is still full of bugs. As is Safari (that's obvious as it's by Apple), as is IE.
The two faced attitude of a rather large and vocal users/admins/devs of OSS keep giving it a bad name. MS (sorry, "M$") patches "ha ha - it's so insecure and full of bugs. Move to OSS - it's so much more secure by default cause even you can look at the code". Yet the thousands of patches released for OSS applications (Linux, OpenOffice, Apache, PHP, MySQL, The GIMP, Pidgin, Firefox, Thunderbird) get silence from everyone other than a few such as Duncan and Solomon Grundy who dare to comment get replies of "don't you want it fixed?".
Oh - and the usual corrections: Stephen, IE7 does support automated reopening existing tabs from your previous session. Though I do agree that FF is great and was required if only to get MS to pull their finger out regarding updating IE6.
Matt, Dodgy, AC's, and Huw: When you refer to Mozilla patching straightaway rather than when they want to (implying MS), would you care to re-read the article which states it's going to take several weeks (implying months) to get the same fixes into Thunderbird...? SEVERAL WEEKS?! That would put it on par with MS right?
Firefox is great. It's kicking MS up the arse which was long overdue. Now we have IE7 which has new features for end-users (tabs, RSS builtin, Phishing filter etc.), and coming up soon (hopefully) we should get IE7 that's actually compatible with web standards - which MS are going to call "IE8".
But please OSS fans, take some criticism when a single, pretty small application has 10 security holes fixed in one go (5 of which are critical) - and then won't/can't fix the OSS mail client for weeks and weeks either.
It ain't bad, but it sure as hell aint' perfect either.