Ivybridge_I7Cyber-Crime Researcher OpSec Premium Member join:2004-06-09 Daytona Beach, FL
1 recommendation |
Internet Explorer 8 leads in malware-blocking capabilitiesIE8 whups rivals in blocking malware sites Microsoft's browser lengthens lead over No. 2 Firefox, blocks 81% of infected URLsBy Gregg Keizer August 14, 2009 12:23 PM ET » www.computerworld.com/s/ ··· 09-08-14Computerworld - Microsoft Corp.'s Internet Explorer 8 again trounced rival browsers in a test of their malware-blocking abilities, catching 81% of attack code-infected sites, according to a testing company. IE8's skills at sniffing out malware sites improved by 17% since March, said Rick Moy, president of NSS Labs, the firm that conducted the benchmarks. The testing was sponsored by Microsoft's security team. IE8's improvement, and its dominance over competitors, could make some users reconsider their decision to abandon Microsoft's browser for one of its challengers. "Should people rethink that decision?" Moy asked. "By [this] data, absolutely." While IE8 blocked eight of 10 of the malware-distributing sites that NSS included in its 12-day test, the nearest competitor, Mozilla's Firefox 3.0, caught just 27% of the same sites. Apple's Safari 4.0 and Google's Chrome 2.0, meanwhile, blocked only 21% and 7% of the sites, respectively. Opera Software's browser properly identified only 1%. "I think it comes down to resources and the focus of these companies," Moy said in an interview, referring to Microsoft's ability to out-spend rivals on such things as security research and malicious site investigations. "The more researchers you have, the better you'll do. Microsoft has a certain amount of paranoia [about security] because of its footprint of services that get attacked all the time, like Hotmail, and it has the money to hire really smart people." Opera, which performed the poorest in the malware-blocking benchmarks, is an example on the other end of the spectrum, said Moy. "What resources do they really have to bring to the problem?" Moy said. "There's a lot that can't be solved with software, but requires the human element." NSS tested five Windows-based browsers -- IE8, Firefox 3.0.11, Safari 4.0.2, Chrome 2.0.0.172.33 and Opera 10 beta -- against more than 2,100 malware sites in 69 test runs over 12 days. Like the tests NSS Labs ran last March, the sites were so-called "socially engineered" malware sites, the type that trick users into downloading attack code. Typically, the download is disguised, often as an update to popular software such as Adobe's Flash Player. The tests did not include sites that launch "drive-by" attacks that don't require user interaction, an increasingly common tactic by hackers who often infect legitimate sites with kits that try a number of different exploits in the hope of compromising an unpatched browser or PC. To defend against the kind of sites that NSS tested, browser makers have added anti-malware features to their software. Microsoft, for instance, has aggressively touted its SmartScreen Filter, a new malware-detection feature in IE8. All browsers that include such a tool -- or anti-phishing tools, which operate in a similar fashion -- rely on a "blacklist" of some sort. The list, which includes known or suspected malware sites, is used to display warnings before a user reaches a site, but after the URL is typed in. "The foundation is an in-the-cloud reputation-based system that scours the Internet for malicious sites," explained Moy, "then adds them to a black list or white list, or assigns them scores." The browser then uses that information to block or allow access to a site. IE8 significantly improved its lead over other browsers since March, Moy noted, with its browser's malware-blocking rate up 12 percentage points -- a 17% improvement -- while rivals' scores declined across the board. Firefox dropped three percentage points, for example, as did Safari 4; Chrome fell eight percentage points and Opera, four. Even though Firefox, Safari and Chrome all rely on the same data source for their anti-malware blacklists -- Google's SafeBrowsing API -- their scores varied considerably, something Moy thought was due to each browsers' use of the list. "Google produces the API, but that doesn't mean all the browsers consume the data in the same way at the same time," he said. "We don't have any visibility on how many people are looking at the [SafeBrowsing] data, but clearly Firefox must be adding other things to it." Moy also said that IE8's anti-malware protection improved over time at a greater rate than did its rivals. Because NSS Labs tested every four hours, it was able to measure how quickly each browser reacted, and blocked, a new threat introduced into the test. While IE8's score jumped from 51% on Day Zero -- the day the infected site debuted on the Internet -- to 91% by Day 5 (a 40 point jump), Firefox was only able to muster a 10-point increase, from 14% to 24%. Chrome improved the most over the course, starting at just 3% on Day Zero and ending at 14% on Day 5. "I was surprised when Microsoft got 69% in the first study," said Moy. "Then they went from 69% to 81." NSS hopes to repeat the test before the end of the year. According to the most recent data from Web metrics vendor Net Applications, IE8 accounted for 12.5% of all browsers used in July, representing 18% of all versions of IE in use. The NSS report can be downloaded from the company's Web site » nsslabs.com/test-reports ··· 2009.pdf |
|
1 edit
1 recommendation |
chachazz
Premium Member
2009-Aug-14 1:41 pm
Aug 13, 2009 Q3 2009 Browser Security Tests Published » nsslabs.blogspot.com/sea ··· /Testingquote: Statistically, Internet Explorer 8 at 83% and Firefox 3 at 80% had a two-way tie for first, given the margin of error of 3.6%.
quote: Firefox 3.5 crashing issues prevented it from being tested reliably.
What are these people doing with Firefox that they are not reporting, to cause "crashing"? v. 3.5-.1.- 2 is not crash-happy; and who paid for the tests |
|
2 edits |
Im happy with IE 8. One feature is that they updated the Trusted Sites Zone to were I dont have to manually type the trusted webpage's address, instead, it automatically put it there and all I have to do is click OK....
Also, many people say its too too bloated than IE 6. You have some menus to hidden and it almost looks like the classic IE 6 window frame.
But one issue bugs me a little regarding this statement of one of IE 8's features. NOT ALL family PCs run IE 8 though.... So what do they mean by this below???
==========================================
InPrivate Browsing When checking e-mail at an Internet café or shopping for a gift on a family PC, you don't want to leave any trace of specific web browsing activity. InPrivate Browsing in Internet Explorer 8 helps prevent your browsing history, temporary Internet files, form data, cookies, and usernames and passwords from being retained by the browser, leaving no evidence of your browsing or search history. |
|
|
to Ivybridge_I7
Two things concern me around this test:
1) The testing was sponsored by Microsoft. That alone gives me some pause.
2) It specifically did not include drive-by tests, which are becoming more and more commonplace. Why exclude an emerging vector? |
|
Mem join:2002-01-03 Nashville, TN ·Google Fiber ·AT&T FTTP
|
to slajoh01
said by slajoh01: NOT ALL family PCs run IE 8 though.... So what do they mean by this below??? Many family PC's use one account for the family. If the husband buys a gift and doesn't want the sig. other to snoop (or the kids for that matter), the inprivate browsing feature will hide their tracks from others using the same account. |
|
|
said by Mem:said by slajoh01: NOT ALL family PCs run IE 8 though.... So what do they mean by this below??? Many family PC's use one account for the family. If the husband buys a gift and doesn't want the sig. other to snoop (or the kids for that matter), the inprivate browsing feature will hide their tracks from others using the same account. A gift... p0rn... same thing... |
|
|
to slajoh01
said by slajoh01:InPrivate Browsing When checking e-mail at an Internet ...... MS came very late to 'private browsing' nor is it their !wow! "innovation" ... all the major browsers have it.. Safari led the way [2005] with Private Browsing - years ago |
|
|
1 recommendation |
to Ivybridge_I7
quote: We will never know what's really going on because important part of their selection and methodology is simply not revealed. As such, there is no way to verify or falsify their claims, possibly pushing this into the realm of pseudoscience...
...An interesting observation is that the report is from March 12th, 2009. They claim to have done 24/7 testing for 12 days, meaning that they must have started before Opera 9.64 was released, even though it's in their report!
source |
|
1 recommendation |
to chachazz
Firefox v3.5 had crashing issues?? I must have missed that.
Maybe they just need to have someone install Fx v3.5 for them. |
|
|
Unknown_P to Hangetsu
Anon
2009-Aug-14 6:49 pm
to Hangetsu
said by Hangetsu:The testing was sponsored by Microsoft. That alone gives me some pause. No . . . . Surely you don't think that might skew the results any? |
|
omnibusPencil.. Yum join:2002-01-23 New Zealand |
to Ivybridge_I7
Firefox uses Google as it's anti-phishing list provider... It has nothing to do with the browser itself, really. |
|
1 edit |
We need to use our common sense here. No offense, but its really up to on how the OS (Windows or Linux and etc...) is locked down...So if malware gets into your PC using the AVENUE of a web browser, then that malware would have a hardtime affecting the OS itself. Esp, running as a Restricted user.
It can be Firefox, Opera or IE 8....does not matter, its up to on how your OS is secured.
Web browsers are just a "vehicle" or a "bridge" for malware to get into the Operating System...So, therefore, locking down the entire OS would help instead of figuring out what browsers to use as far as security goes.
And of course, patches would also help too. |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
to Ivybridge_I7
|
|
Ivybridge_I7Cyber-Crime Researcher OpSec Premium Member join:2004-06-09 Daytona Beach, FL |
Microsoft Internet Explorer 8 Is Updated with New Default Options By: Nicholas Kolakowski 2009-08-11 Microsoft is offering users the upfront option of making Internet Explorer 8 their default browser, or else staying with a rival browser, as part of a Patch Tuesday update. The new version of IE 8 comes as Microsoft finds itself losing browser market share to Firefox and other rivals, and negotiating with European antitrust officials over the inclusion of IE 8 in the upcoming Windows 7. » www.eweek.com/c/a/Window ··· -572652/ |
|
1 edit |
Despite them adding new security features of IE 8, I still do manually lock things down further on ActiveX and scripting controls...But like I posted, the OS is REALLY locked down to the bone.....
But, I do like IE 8 so far. and I would of thought the looks of this are too goofy and bloated, but its ain't that bad.
However, the popup blocker is not that effective though...Pretty much the same as IE 6.Still getting SOME popups on occassion.
The TIF and cookies are REALLY REALLY cleared....compared to that of IE 6, which had a bug that even though I checked to remove the TIF when browser closes on exit, I still had TIF junk files in the TIF folder....But IE 8 does the job of cleaering them out... |
|
jram join:2003-08-06 Albany, NY |
to Ivybridge_I7
Internet Explorer 8 leads in malware-blocking capabilities
Tell that to the people in security clean.. |
|
|
to Ivybridge_I7
They are blocking Opera. I had to fake the UserAgent of my browser in order to read the article. Just another browser sniffing site that blocks Opera. Probably with articles as balanced and trustworthy as such a despicable site can only be. |
|
your moderator at work
hidden :
|
AB57 Premium Member join:2006-04-04 equatorial |
to MeDuZa
Re: Internet Explorer 8 leads in malware-blocking capabilitiessaid by MeDuZa:They are blocking Opera. I had to fake the UserAgent of my browser in order to read the article. Just another browser sniffing site that blocks Opera. Probably with articles as balanced and trustworthy as such a despicable site can only be. Well, they don't seem to be blocking Firefox. (Or if so, doing a darn poor job of it.) So maybe eweek.com isn't quite as despicable as you seem to think. |
|
|
MeDuZa
Member
2009-Aug-16 1:53 am
said by AB57:Well, they don't seem to be blocking Firefox. (Or if so, doing a darn poor job of it.) They don't block K-Meleon a less known browser neither. Probably Opera is the only browser they are selectively blocking. IMO they are not only despicable but dumb as well. After all I went round their stupid UA sniffing. said by AB57:So maybe eweek.com isn't quite as despicable as you seem to think. Wonder how would you apprais sites with such objectionable practices? However they managed at least to loose their credibility and an occasional visitor. |
|
sivranVive Vivaldi Premium Member join:2003-09-15 Irving, TX |
to MeDuZa
Works here. Opera 9.64. (Yeah, I'm on one of my Opera kicks. I'll be back to SeaMonkey soon enough. ) |
|
your moderator at work
hidden :
|
|
to slajoh01
Re: Internet Explorer 8 leads in malware-blocking capabilitiessaid by slajoh01:We need to use our common sense here. No offense, but its really up to on how the OS (Windows or Linux and etc...) is locked down...So if malware gets into your PC using the AVENUE of a web browser, then that malware would have a hardtime affecting the OS itself. Esp, running as a Restricted user. It can be Firefox, Opera or IE 8....does not matter, its up to on how your OS is secured. Web browsers are just a "vehicle" or a "bridge" for malware to get into the Operating System...So, therefore, locking down the entire OS would help instead of figuring out what browsers to use as far as security goes. And of course, patches would also help too. +1 Sadly, a lot of people casually interested in security ignore this line of thinking. The truth is, all of these tests concerning which browser has the best phishing and malware blocklists are futile. Any form of security that takes a blacklist approach is ultimately of very little efficacy -- whether that be AV software or malicious website databases. The best way is to make sure that even if the browser is exploited or if malware somehow finds itself on the PC that it can't DO anything. This is how I have my systems set-up and its highly effective. |
|
your moderator at work
hidden : hidden :
|
AB57 Premium Member join:2006-04-04 equatorial 1 edit |
to MeDuZa
Re: Internet Explorer 8 leads in malware-blocking capabilitiessaid by MeDuZa:said by AB57:Well, they don't seem to be blocking Firefox. (Or if so, doing a darn poor job of it.) They don't block K-Meleon a less known browser neither. Probably Opera is the only browser they are selectively blocking. IMO they are not only despicable but dumb as well. After all I went round their stupid UA sniffing. said by sivran:Works here. Opera 9.64. This might point towards 'user error', or 'PEBKAC.' said by MeDuZa:said by AB57:So maybe eweek.com isn't quite as despicable as you seem to think. . . they managed at least to loose their credibility and an occasional visitor. Good for them. I believe all websites should loose both their credibility and every visitor. English is a mysterious and sometimes difficult language. You posting from Austria, I'll assume it's not your native one. |
|
19579823 (banned)An Awesome Dude join:2003-08-04 1 edit |
to siljaline
quote: IE 8 is stiil My Browser of Choice
Boo hiss!! |
|
mers2 Premium Member join:2004-03-20 USA |
to Ivybridge_I7
As has been said, security has more to do with how the OS is locked down and the operator using the browser. I've never had a problem with firefox - but my set up is locked down. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to MeDuZa
Yep. That site doesn't like Opera. I had to fake the User Agent as Firefox to be able to read the article. It displays just fine on Opera 10 beta2. |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
to 19579823
said by 19579823:quote: IE 8 is stiil My Browser of Choice
Boo hiss!! Everyone is entitled to use whatever Browser mon ami |
|