Browser Security Review
Page 1 of 4 123 ... LastLast
Results 1 to 10 of 31

Thread: Browser Security Review

  1. #1
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178

    Wink Browser Security Review

    OK all you browser fanbois get your teeth stuck into this:

    It is a test of certain aspects of browser security

    CARLSBAD, CA, Aug 13, 2009 (MARKETWIRE via COMTEX) -- NSS Labs, a world leader in independent product analysis and certification, today published its second round of live browser security tests. Two separate tests measured protection against phishing and socially engineered malware across 5 browsers: Apple Safari 4, Google Chrome 2, Mozilla Firefox 3, Opera 10 Beta and Windows Internet Explorer 8.

    Socially engineered malware is the most common and impactful threat on the Internet today, with browser protection averaging between 1% and 81%. Internet Explorer 8 caught 81% of the socially engineered malware sites over time, leading other browsers by a 54% margin.

    Safari 4 and Firefox 3 caught 21% and 27% respectively, while Chrome 2 blocked 7% and Opera 10 Beta blocked 1%.

    Phishing protection over time varied greatly between 2% and 83% among the browsers. Statistically, Internet Explorer 8 at 83% and Firefox 3 at 80% had a two-way tie for first, given the margin of error of 3.6%. Opera 10 Beta, exhibited more extreme variances during testing and averaged 54% protection. Chrome 2 consistently blocked 26% of phishing sites, and Safari 4 offered just 2% overall protection.

    Firefox 3.5 crashing issues prevented it from being tested reliably.

    The URLs sample set used in the test was representative of the phishing and socially engineered malware threats Internet users face every day. "In addition of comparing browsers among themselves, the test also benchmarked the browsers against cybercriminals," said Rick Moy, President, NSS Labs. "While the other browsers maintained or decreased protection between the two tests, Internet Explorer continued to improve its protection against cybercriminals." The full text and analysis of these and other reports on browser security can be found at http://nsslabs.com/browser-security.
    Enjoy!
    Last edited by nihil; August 16th, 2009 at 11:50 AM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  2. #2
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    while I do admit surprise at the results, I have to point out that even 81% is not all that stellar. Still leaves plenty of room for infection.

  3. #3
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    I guess FF will need to change the whole

    The Firefox Web Browser is the faster, more secure, and fully customizable way to surf the web.
    statement then?


    Quick here come the FanBoy's...

  4. #4
    Junior Member
    Join Date
    Aug 2009
    Posts
    27
    I wonder if that's Firefox with any add-ons installed or just a vanilla installation. Out of the box, IE8 is more secure than all of them (and I'll admit that without a review), but with the addons installed (Ad-block, No-Script, etc), I think Firefox will give IE a run for it's money.

    And that's one thing which gives firefox a heads-up over IE8. The ease in creating, customizing, and installing addons for the browser. IMHO.

    Have a great day
    Patrick.

    This is typed in Firefox only because that's what opened the first time I checked the forums. Typically, I surf in IE8.

  5. #5
    Junior Member
    Join Date
    Aug 2009
    Posts
    27
    Also, here's Ars Technica's take on the report
    http://arstechnica.com/microsoft/new...ost-secure.ars

    It does skew the facts a little, that Microsoft sponsored the tests--although according to NSS Labs, it was Microsoft's Security Engineering Team that sponsored the tests as a way to foster improvement in IE8.

    My personal take is that IE8 is good, although on one of my systems I have nothing but problems with it (both on Vista and Windows 7 RC). On my other system it's doing a fairly good job -- although I haven't installed anything else to compare it with. And I don't use the third system enough to actually give an opinion about it. But, all three of my systems are running IE8 either upgraded or because they run Windows 7.

    Have a great day
    Patrick.

  6. #6
    Banned
    Join Date
    Jan 2008
    Posts
    605
    The ease in creating, customizing, and installing addons for the browser. IMHO.
    Except that all browsers have that. What Firefox doesn't have is process merging and crash recovery.

  7. #7
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    Why would they test opera 10 (which is in beta 3 now).. why couldn't they test the current stable version ?
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  8. #8
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Quote Originally Posted by PatrickDickey View Post
    but with the addons installed (Ad-block, No-Script, etc), I think Firefox will give IE a run for it's money.

    And that's one thing which gives firefox a heads-up over IE8. The ease in creating, customizing, and installing addons for the browser. IMHO.

    Have a great day
    Patrick.
    Ie has similar offerings. Check out IE7Pro

    IE7Pro is a must have add-on for Internet Explorer, which includes a lot of features and tweaks to make your IE friendlier, more useful, secure and customizable. IE7Pro includes Tabbed Browsing Management, Spell Check, Inline Search, Super Drag Drop, Crash Recovery, Proxy Switcher, Mouse Gesture, Tab History Browser, Web Accelerator, User Agent Switcher, Webpage Capturer, AD Blocker, Flash Block, Greasemonkey like User Scripts platform, User Plug-ins, MiniDM, Google sponsored search,IE Faster and many more power packed features. You can customize not just Internet Explorer, but even your favorite website according to your need and taste using IE7Pro.
    And there is also an active userscript's also.


    There is a version coming out that will be more compatible with ie8, but this current version works fine under ie8, just need to have compatibilty mode turned on.

  9. #9
    Junior Member jake_ie8team's Avatar
    Join Date
    Aug 2009
    Posts
    1
    You can get the test results straight from NSS Labs at http://nsslabs.com/browser-security

    Also, the IE Blog had a post regarding thier malware protection last week - http://blogs.msdn.com/ie/archive/200...en-filter.aspx

    - Jake

    MSFT Internet Explorer Outreach Team

  10. #10
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,429
    You can get the test results straight from NSS Labs at http://nsslabs.com/browser-security
    ... as Nihil pointed out in his original post...

Similar Threads

  1. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 07:47 PM
  2. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 07:01 AM
  3. CISSP Notes: Security Models: Access Control Models
    By MrLinus in forum The Security Tutorials Forum
    Replies: 4
    Last Post: October 11th, 2003, 03:22 AM
  4. Multiple browser timed document.write cross domain policy vulnerability
    By Szafran in forum Miscellaneous Security Discussions
    Replies: 1
    Last Post: September 7th, 2003, 09:41 PM
  5. 2002 * Linux Web Browser Review
    By E5C4P3 in forum Product / Book / Training / Conference Reviews
    Replies: 2
    Last Post: March 3rd, 2002, 02:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides