Peter Torr on his Blog examines the secuitry with Firefox, particulary signed (or lack of) software installs. He does raise some interesting points throughout the article right down to simple default choice when installing unsigned extentions.MozillaZine (where i originally found the article) has said that IE is better at preventing accidental installations of malicious code in some situations but the Extention mechanism is trickier to exploit. Be sure to read the MozillaZine article as it goes on to mention the Slashdot discussion which lead to a follow-up post by Peter