August 16th, 2009, 11:46 AM
Browser Security Review
OK all you browser fanbois get your teeth stuck into this:
It is a test of certain aspects of browser security
CARLSBAD, CA, Aug 13, 2009 (MARKETWIRE via COMTEX) -- NSS Labs, a world leader in independent product analysis and certification, today published its second round of live browser security tests. Two separate tests measured protection against phishing and socially engineered malware across 5 browsers: Apple Safari 4, Google Chrome 2, Mozilla Firefox 3, Opera 10 Beta and Windows Internet Explorer 8.
Socially engineered malware is the most common and impactful threat on the Internet today, with browser protection averaging between 1% and 81%. Internet Explorer 8 caught 81% of the socially engineered malware sites over time, leading other browsers by a 54% margin.
Safari 4 and Firefox 3 caught 21% and 27% respectively, while Chrome 2 blocked 7% and Opera 10 Beta blocked 1%.
Phishing protection over time varied greatly between 2% and 83% among the browsers. Statistically, Internet Explorer 8 at 83% and Firefox 3 at 80% had a two-way tie for first, given the margin of error of 3.6%. Opera 10 Beta, exhibited more extreme variances during testing and averaged 54% protection. Chrome 2 consistently blocked 26% of phishing sites, and Safari 4 offered just 2% overall protection.
Firefox 3.5 crashing issues prevented it from being tested reliably.
The URLs sample set used in the test was representative of the phishing and socially engineered malware threats Internet users face every day. "In addition of comparing browsers among themselves, the test also benchmarked the browsers against cybercriminals," said Rick Moy, President, NSS Labs. "While the other browsers maintained or decreased protection between the two tests, Internet Explorer continued to improve its protection against cybercriminals." The full text and analysis of these and other reports on browser security can be found at http://nsslabs.com/browser-security
Last edited by nihil; August 16th, 2009 at 11:50 AM.
August 16th, 2009, 02:00 PM
while I do admit surprise at the results, I have to point out that even 81% is not all that stellar. Still leaves plenty of room for infection.
August 16th, 2009, 02:12 PM
I guess FF will need to change the whole
Web Browser is the faster, more secure, and fully customizable way to surf the web.
Quick here come the FanBoy's...
August 16th, 2009, 06:30 PM
I wonder if that's Firefox with any add-ons installed or just a vanilla installation. Out of the box, IE8 is more secure than all of them (and I'll admit that without a review), but with the addons installed (Ad-block, No-Script, etc), I think Firefox will give IE a run for it's money.
And that's one thing which gives firefox a heads-up over IE8. The ease in creating, customizing, and installing addons for the browser. IMHO.
Have a great day
This is typed in Firefox only because that's what opened the first time I checked the forums. Typically, I surf in IE8.
August 16th, 2009, 06:41 PM
Also, here's Ars Technica's take on the report
It does skew the facts a little, that Microsoft sponsored the tests--although according to NSS Labs, it was Microsoft's Security Engineering Team that sponsored the tests as a way to foster improvement in IE8.
My personal take is that IE8 is good, although on one of my systems I have nothing but problems with it (both on Vista and Windows 7 RC). On my other system it's doing a fairly good job -- although I haven't installed anything else to compare it with. And I don't use the third system enough to actually give an opinion about it. But, all three of my systems are running IE8 either upgraded or because they run Windows 7.
Have a great day
August 16th, 2009, 07:35 PM
Except that all browsers have that. What Firefox doesn't have is process merging and crash recovery.
The ease in creating, customizing, and installing addons for the browser. IMHO.
August 16th, 2009, 07:56 PM
Why would they test opera 10 (which is in beta 3 now).. why couldn't they test the current stable version ?
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
August 17th, 2009, 01:15 AM
Ie has similar offerings. Check out IE7Pro
Originally Posted by PatrickDickey
And there is also an active userscript's also.
IE7Pro is a must have add-on for Internet Explorer, which includes a lot of features and tweaks to make your IE friendlier, more useful, secure and customizable. IE7Pro includes Tabbed Browsing Management, Spell Check, Inline Search, Super Drag Drop, Crash Recovery, Proxy Switcher, Mouse Gesture, Tab History Browser, Web Accelerator, User Agent Switcher, Webpage Capturer, AD Blocker, Flash Block, Greasemonkey like User Scripts platform, User Plug-ins, MiniDM, Google sponsored search,IE Faster and many more power packed features. You can customize not just Internet Explorer, but even your favorite website according to your need and taste using IE7Pro.
There is a version coming out that will be more compatible with ie8, but this current version works fine under ie8, just need to have compatibilty mode turned on.
August 18th, 2009, 12:12 AM
You can get the test results straight from NSS Labs at http://nsslabs.com/browser-security
Also, the IE Blog had a post regarding thier malware protection last week - http://blogs.msdn.com/ie/archive/200...en-filter.aspx
MSFT Internet Explorer Outreach Team
August 18th, 2009, 01:37 AM
... as Nihil pointed out in his original post...
By Tiger Shark in forum Microsoft Security Discussions
Last Post: January 14th, 2005, 07:47 PM
By gore in forum Newbie Security Questions
Last Post: December 29th, 2003, 07:01 AM
By MrLinus in forum The Security Tutorials Forum
Last Post: October 11th, 2003, 03:22 AM
By Szafran in forum Miscellaneous Security Discussions
Last Post: September 7th, 2003, 09:41 PM
By E5C4P3 in forum Product / Book / Training / Conference Reviews
Last Post: March 3rd, 2002, 02:24 PM