“Google Chrome offers more protection against online attacks than any other mainstream browser, according to an evaluation that compares exploit mitigations, malicious link detection, and other safety features offered in Chrome, Internet Explorer, and Firefox,” Dan Goodin reports for The Register. “‘We found that Google Chrome did the most sandboxing,’ Chris Valasek, who is a senior research scientist for Accuvant, told The Register. ‘It restricted the movements more than any other browser. Internet Explorer came up a close second because it implemented a sandbox where you could do certain things but you were allowed to do more things than you could in Chrome. Lastly, Firefox came in last because it didn’t implement a sandbox yet.'”
Goodin reports, “The report was commissioned by Google, but the authors insist they had complete autonomy in deciding what metrics to use and what conclusions they made… The report refers to sandboxing as a ‘standard best practice within many popular applications’ …Even Apple, which commands a tiny fraction of the browser market, implemented a robust sandbox in versions of Safari that run on Lion, the latest release of OS X.”
Read more in the full article here.
[Thanks to MacDailyNews Reader “Fred Mertz” for the heads up.]
comparing IE to FireFox or Chrome is like comparing a sieve to a cup.
Why didn’t Safari get tested?
Google commissioned the study. Why bring attention to a competitor’s browser much like its own.
Because Safari would win.
Google knows many people only read the headline.
I don’t know about that.
Chrome was the only browser left standing at Pwn2Own for the past 3 years. It has yet to be exploited at the contest.
At the 2011 contest held back in March, Safari and IE were taken down on day 1.
… as if those statistics mean squat. Bringing in a pre-packaged Trojan and deploying it on day 1 is hardly representative of actual browser security.
When Chrome stops sending every user statistic back to the google mother ship, then they might earn my respect. until then, Chrome itself is listed as a Trojan in my book.
Really?
Well what is representive of browser security then?
Every trojan in existence is “pre-packaged”.
I dont use chrome. Im a firefox and occasional safari user.
This past year at Pwn2Own, no one bothered with Chrome. IOW: It wasn’t in the contest. This may or may not have anything to do with Chrome’s actual security.
Hackers have a choice of what they wish to hack as well as MONTHS of time to prepare their security breach.
It’s important to read about Pwn2Own before making assumptions about its results. I can’t think of a more misquoted or misunderstood hacking contest.
It was there, and in all fairness the same exploit that took down the blackberry was believed to be a possible attack vendor on chrome.
Lol im well aware of how it works and the fact a hacker has months to prepare means nothing. Thats exactly how it is in the real world – when you hit a website that exploits your browser on the web thats noy a random event. Someone spents days/weeks/months planning it out.
Well yes, all true, but given the fact there was a MacBook Air as the prize, all rational bets are off. I can’t imagine anyone passing up the opportunity of some desirable reward. If reports are to be believed, the competitive steam dissipated as soon as the prize was won.
Chrome and Safari are essentially the same browser, both using webkit as the foundation.
Well, let’s say that the foundation/rendering engine for both browsers is the same. This is also the case with beloved OmniWeb (which is also free). However, the GUI and fine details of each of these browsers are extremely different.
Im not running any stinking turd browser in my Mac. Piss on em.
I run it ONLY when I absolutely positively HAVE to have Flash enabled.
It might be secure from other attacks but Google keeps all your info.. I’m sure they have a nice backdoor.
A Google product that’s “restrictive”? Well I never!
Haha good one…
Chrome IS SPYWARE!
The report was commissioned by Google
Oh, big surprise. A Microsoft move. Yawn zzzzz
Firefox came in last because it didn’t implement a sandbox yet
Because of the security add-ons for Firefox, it is EASILY my most secure browser. So bite me Google. HOWEVER, I like sandboxes! They are not any cure-all for malware or security attacks, but they do help!
So everyone:
PLEASE DONATE TO MOZILLA!
💡 So you want to try/use Chrome, but you don’t want to be a sucker to Google’s tracking surveillance?
Try no-spy Open Source versions of Chromium, such as:
-> SRWare Iron.
-> Chromium OS X
I like it! 😀
Yeah but, Google is one we need protected from!!!