Which browser is the most secure, is that the question?

Over the past week I have been asked twice now for my opinion on the question “Which browser is the most secure?” Probably as a result of the release of Microsoft’s “Browser Choice” update. In my view, this choice that people are being prompted to make is leading most of us to ask the wrong question entirely. Your browser will not keep you safe, whoever made it, you need to take steps to keep *yourself* safe, whichever browser you choose.

Image: J. Anderson

This update no doubt exposes millions of users to a choice which they may not, in many cases, have even been aware they were able to make; the choice of which application to use when browsing the web. Many alternatives are available when making this important choice; Internet Explorer (natch), Mozilla Firefox, Safari, Opera, Google Chrome and seven others are on offer through the Microsoft pop-up.
Rightly security is many folks’ primary concern when browsing online these days, so they want to know which browser is the safest or will offer them the highest personal security. I’m not convinced though that “Which browser is the most secure?” is really the right question.
Every browser has its flaws, vulnerabilities and patches (or lack of them). In any case attacks are increasingly aimed not only at browsers but at application plug-ins like QuickTime, Flash or Acrobat that can be used in multiple different flavours of browser. Either that or they are simply attacks aimed at the individual using the browser (like phishing, pretexting and other social engineering attacks).
Better (and more useful) advice than “Which browser is most secure?” would be “How can I best secure my browser of choice?” Trend Micro offers free tools such as Browser Guard and the Web Protection Add On for Internet Explorer. Browser Guard detects and blocks popularly used exploit techniques (such as heap spray and buffer overflow as well as looking for shellcode) offering proactive protection against unknown threats. The Web protection Add-On blocksknown malicious sites. Many other tools and plug-ins for many other browsers are also out there such as AdBlock Plus or NoScript for Firefox just for example.
It’s different strokes for different folks and various security tools or techniques require varying degrees of familiarity with the browser, with technology or with threats in general in order to effectively protect you without ruining your Internet experience beyond redemption. Helpfully, different indpendent tests and opinions will give you conflicting advice, of course.
In most cases the best advice is stick with the browser you are most familiar with but take steps to secure it. If you suddenly jump into using a browser with which you are unfamiliar, just as a simple knee-jerk reaction your unfamiliarity may leave you less secure than you were before the change.

12 thoughts on “Which browser is the most secure, is that the question?

  1. Pingback: IE, Chrome, Firefox三巨頭,漏洞數量比一比 | 雲端防毒是趨勢

  2. Thrawn

    While it’s true that different browsers have different strengths and weaknesses out-of-the-box, I find that to be *more* of a reason to shop around, rather than less. If you’re tech-savvy, you may want a browser that offers higher protection at the cost of more configuration time & effort. If your computer is shared with less tech-savvy people, you may want one that gives as much silent protection as possible. Etc.

    For those willing to put in some effort, the NoScript addon for Firefox gives protection unmatched by anything else that I’ve seen. It not only blocks JavaScript and other active content (Java, Flash, Silverlight, etc) on all sites by default (with easy whitelisting of trusted sites), but it protects you from cross-site scripting, clickjacking, tabnabbing, and some types of cross-site request forgery. Initially lots of sites will break without JavaScript, but you can whitelist the ones you trust with a single click, so pretty soon your usual sites will work just fine. And even if you tell it to allow all sites, it will still give you the protections against XSS, clickjacking, etc.

  3. Pingback: Secure browser | Jloxterman

  4. Pingback: IE9 comes in on top?? - Tech Support Forums - TechIMO.com

  5. Pingback: Merry Christmas and a Happy New 0-Day | Threat Trend Security News

  6. G

    Google Chrome has been letting in tons of viruses in the last few days, popups from websites. Avast caught them luckily… I would not recommend the browser anymore, going back to Opera.

  7. Pingback: YES the partner friendly exploit system. | Business Computing World

  8. Pingback: Which browser is the most secure, is that the question? | Business Computing World

  9. Pingback: Qual o browser mais seguro? Será essa a questão? | WebSegura.Net

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.