Google’s Chrome is the most secured browser, new study: Firefox finishes last in 3 browser security race

“Google Chrome offers more protection against online attacks than any other mainstream browser, according to an evaluation that compares exploit mitigations, malicious link detection, and other safety features offered in Chrome, Internet Explorer, and Firefox,” Dan Goodin reports for The Register. “‘We found that Google Chrome did the most sandboxing,’ Chris Valasek, who is a senior research scientist for Accuvant, told The Register. ‘It restricted the movements more than any other browser. Internet Explorer came up a close second because it implemented a sandbox where you could do certain things but you were allowed to do more things than you could in Chrome. Lastly, Firefox came in last because it didn’t implement a sandbox yet.'”

Goodin reports, “The report was commissioned by Google, but the authors insist they had complete autonomy in deciding what metrics to use and what conclusions they made… The report refers to sandboxing as a ‘standard best practice within many popular applications’ …Even Apple, which commands a tiny fraction of the browser market, implemented a robust sandbox in versions of Safari that run on Lion, the latest release of OS X.”

Read more in the full article here.

[Thanks to MacDailyNews Reader “Fred Mertz” for the heads up.]

20 Comments

      1. I don’t know about that.

        Chrome was the only browser left standing at Pwn2Own for the past 3 years. It has yet to be exploited at the contest.

        At the 2011 contest held back in March, Safari and IE were taken down on day 1.

        1. … as if those statistics mean squat. Bringing in a pre-packaged Trojan and deploying it on day 1 is hardly representative of actual browser security.

          When Chrome stops sending every user statistic back to the google mother ship, then they might earn my respect. until then, Chrome itself is listed as a Trojan in my book.

          1. Really?

            Well what is representive of browser security then?

            Every trojan in existence is “pre-packaged”.

            I dont use chrome. Im a firefox and occasional safari user.

        2. This past year at Pwn2Own, no one bothered with Chrome. IOW: It wasn’t in the contest. This may or may not have anything to do with Chrome’s actual security.

          Hackers have a choice of what they wish to hack as well as MONTHS of time to prepare their security breach.

          It’s important to read about Pwn2Own before making assumptions about its results. I can’t think of a more misquoted or misunderstood hacking contest.

          1. It was there, and in all fairness the same exploit that took down the blackberry was believed to be a possible attack vendor on chrome.

            Lol im well aware of how it works and the fact a hacker has months to prepare means nothing. Thats exactly how it is in the real world – when you hit a website that exploits your browser on the web thats noy a random event. Someone spents days/weeks/months planning it out.

            1. Well yes, all true, but given the fact there was a MacBook Air as the prize, all rational bets are off. I can’t imagine anyone passing up the opportunity of some desirable reward. If reports are to be believed, the competitive steam dissipated as soon as the prize was won.

    1. Well, let’s say that the foundation/rendering engine for both browsers is the same. This is also the case with beloved OmniWeb (which is also free). However, the GUI and fine details of each of these browsers are extremely different.

  1. The report was commissioned by Google

    Oh, big surprise. A Microsoft move. Yawn zzzzz

    Firefox came in last because it didn’t implement a sandbox yet

    Because of the security add-ons for Firefox, it is EASILY my most secure browser. So bite me Google. HOWEVER, I like sandboxes! They are not any cure-all for malware or security attacks, but they do help!

    So everyone:
    PLEASE DONATE TO MOZILLA!

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.