Over the past week I have been asked twice now for my opinion on the question “Which browser is the most secure?” Probably as a result of the release of Microsoft’s “Browser Choice” update. In my view, this choice that people are being prompted to make is leading most of us to ask the wrong question entirely. Your browser will not keep you safe, whoever made it, you need to take steps to keep *yourself* safe, whichever browser you choose.
This update no doubt exposes millions of users to a choice which they may not, in many cases, have even been aware they were able to make; the choice of which application to use when browsing the web. Many alternatives are available when making this important choice; Internet Explorer (natch), Mozilla Firefox, Safari, Opera, Google Chrome and seven others are on offer through the Microsoft pop-up.
Rightly security is many folks’ primary concern when browsing online these days, so they want to know which browser is the safest or will offer them the highest personal security. I’m not convinced though that “Which browser is the most secure?” is really the right question.
Every browser has its flaws, vulnerabilities and patches (or lack of them). In any case attacks are increasingly aimed not only at browsers but at application plug-ins like QuickTime, Flash or Acrobat that can be used in multiple different flavours of browser. Either that or they are simply attacks aimed at the individual using the browser (like phishing, pretexting and other social engineering attacks).
Better (and more useful) advice than “Which browser is most secure?” would be “How can I best secure my browser of choice?” Trend Micro offers free tools such as Browser Guard and the Web Protection Add On for Internet Explorer. Browser Guard detects and blocks popularly used exploit techniques (such as heap spray and buffer overflow as well as looking for shellcode) offering proactive protection against unknown threats. The Web protection Add-On blocksknown malicious sites. Many other tools and plug-ins for many other browsers are also out there such as AdBlock Plus or NoScript for Firefox just for example.
It’s different strokes for different folks and various security tools or techniques require varying degrees of familiarity with the browser, with technology or with threats in general in order to effectively protect you without ruining your Internet experience beyond redemption. Helpfully, different indpendent tests and opinions will give you conflicting advice, of course.
In most cases the best advice is stick with the browser you are most familiar with but take steps to secure it. If you suddenly jump into using a browser with which you are unfamiliar, just as a simple knee-jerk reaction your unfamiliarity may leave you less secure than you were before the change.
0 comments:
Post a Comment