Google Chrome Most Resilient Against Attacks, Researchers Find (helpnetsecurity.com) 37
Between Google Chrome, Microsoft Edge, and Internet Explorer, Chrome has been found to be the most resilient against attacks, an analysis by security researchers has found. Firefox, Safari, and Opera were not included in the test. From a report: "Modern web browsers such as Chrome or Edge improved security in recent years. Exploitation of vulnerabilities is certainly more complex today and requires a higher skill than in the past. However, the attack surface of modern web browsers is increasing due to new technologies and the increasing complexity of web browsers themselves," noted Markus Vervier, Managing Director of German IT security outfit X41 D-Sec (and one of the researchers involved in the analysis). The researchers' aim was to determine which browser provides the highest level of security in common enterprise usage scenarios.
Why even compare (Score:3)
Re: (Score:2)
http://i0.kym-cdn.com/photos/i... [kym-cdn.com]
Uh, Chrome vs Firefox is all that matters (Score:3, Insightful)
Seriously, what is the point of this unless it compares Chrome to Firefox. Those are the only ones that actually matter!
Re: (Score:1)
Chrome, Safari and Edge are the only ones that matter in the real world. Even if you combine both Firefox and Opera they still have less marketshare than any of those three.
Re: (Score:2)
Re: (Score:2, Funny)
Not for long. Edge's marketshare is increasing and Firefox's marketshare is decreasing.
And unless Firefox starts listening to their users instead of doing the opposite, and starts doing that five years ago, they're doomed.
Re: (Score:3)
Not for long. Edge's marketshare is increasing and Firefox's marketshare is decreasing.
Edge's usage is one quarter to one third [wikipedia.org] of Firefox's. It's got a way to go yet.
they're doomed
Unlikely. You should try Firefox 57. It will be released to the beta channel in a week or so [mozilla.org].
Re: (Score:1)
Firefox has always sucked on OS X.
Re: (Score:2)
Moderated "troll" by some idiot who only use Firefox on Windows.
Re: (Score:3)
Chrome, Safari and Edge are the only ones that matter in the real world. Even if you combine both Firefox and Opera they still have less marketshare than any of those three.
Given the general level of ignorance and stupidity that often leads to consumers being successfully hacked and exploited, I don't know why people continue to value the metric of marketshare when it comes to mass ignorance and browser usage.
Marketshare doesn't keep me secure. A good browser does.
Re: (Score:2)
But marketshare is what determines which browsers are tested when making websites. Clients won't accept a 10% increase to their invoices if Firefox represents only 2% of their users.
Re: (Score:2)
#otherbrowsersmatter
Re: (Score:3)
The point is to say "Hi, we're so skilled and want funding". Who cares about doing proper research, we're just doing enough to make a pretty 190 page document. Slightly more useful is a document that helps instruct new programmers on information on how to harden code, as opposed to a comparison on which features browsers implement.
My opinion on the research itself: A quick scan on the document doesn't have mention of "Punycode", which was a semi-recent vulnerability which is rather important. Comparing the
Re: (Score:2)
Re: (Score:1)
So you are saying that that a rabbit, who must eat his own poop to survive, was not a mistake?
Re: (Score:3)
Firefox is but one open source projet. And the failure is not in being OSS, it's in not listening to their users, i.e. the users keep saying for years that your program has memory leaks, that you should fix that instead of adding more bloated features that nobody asked for, and all you do is put your fingers in your ears and go "la-la-la-I can't-hear-you-la-la-la" then of course you're going to fail.
Re: (Score:2)
And the memory leaks are largely caused by an unsafe extension system that is being replaced by a new, more thread-safe extension system. And the wailing and gnashing of teeth continue.
"Firefox has memory leaks!"
"Fixed the ones in Firefox, the rest are bad extensions (probably AdBlock)"
"Firefox's Javascript is slow!"
"Fixed that [arewefastyet.com]"
"Firefox is slow"
"We'll move to a new threading model that's lots faster and requires us to fix our leaky extension model too"
"You're breaking my extensions - why don't you listen to
Re: (Score:1)
Are you kidding me?! (Score:3)
Re: (Score:3)
Yeah, without Firefox, Safari, and Opera... it's really a pointless study unless you're merely looking for documented empirical backing for common knowledge.
Of course, the study was sponsored by Google. I'm willing to concede it was likely a fair study for what it studied, but I'd bet the scope was limited to make Chrome look better.
Re: (Score:2)
This is probably how it went...
Chrome vs Safari and Firefox: Chrome is 1.27% better.
Chrome vs the retarded Duo (Internet Explorer and Edge): Chrome is 45.9% better.
"Let's use the 45.9% one."
Not surprisingly. (Score:3)
Chrome is a pillar of Googles strategy against Apple, Facebook and MicroSoft. They'd be stupid to let things slide with Chrome.
Important paragraph from the intro (Score:3)
There's an important paragraph in the introduction:
You can read the paper [x41-dsec.de] yourself to determine whether they succeeded at avoiding biasing their results. One up-front question is why they didn't include Firefox. Based on public vulnerabilities and Pwn2Own and similar competitions, FF is less secure than Chrome, but often better than Edge. Safari tends to trail by a large margin, so its exclusion doesn't surprise me, nor does the exclusion of Opera and other browsers with very small market share.
Being as how Chrome users... (Score:1)
...surrender all there personal info to google, I can see how this can be so.
Shit comparison, shit software (Score:2)
Link to actual research (Score:2)
https://browser-security.x41-dsec.de/X41-Browser-Security-White-Paper.pdf
because Slashdot editors are lazy. More seriously, this paper appears to be a must-read if you're responsible for desktop or other end-user security. (The examples are great.)