We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Group test: which web browser is most secure?

Chrome, Firefox, Safari, Opera and IE tested

All of the most popular browsers such as Chrome, Firefox, Internet Explorer, have different security advantages and shortcomings. We've put them through rigorous tests, to find out which is best for you.

Making a secure browser

If you're looking for the perfectly secure browser, stop looking. Each new browser entry typically promises a more secure browsing experience, only to prove that making a truly secure web browser is difficult. Each of the most popular browsers has dozens of patched vulnerabilities.

Even the newest, Google's Chrome, released in beta form in September 2008, has nearly a dozen exploits already. Perhaps the strongest testament to how hard it is to make a secure internet browser is the fact that even the text-only Lynx browser, which is as simple as a browser can be (it can't even display pictures or video without external programs), has had five vulnerabilities. If attackers can cause buffer overflows in a text-based browser, any browser more complex will have its issues.

In general, administrators must consider every internet-connected web browser as high risk. In very high-security environments, web browsers aren't allowed to run or aren't allowed to render content from the internet. But assuming your enterprise needs to browse the internet and seeks a browser with an acceptable level of security, keep reading. A secure browser must include the following traits as a minimum:

  • It was coded using Security Development Lifecycle (SDL) techniques.
  • It has undergone code review and fuzzing.
  • It logically separates network and local security domains.
  • It prevents easy malicious remote control.
  • It prevents malicious redirection.
  • It has secure defaults.
  • It allows the user to confirm any file download or execution.
  • It prevents URL obscurity.
  • It contains anti-buffer overflow features.
  • It supports common secure protocols (SSL,TLS, etc.) and ciphers (3DES, AES, RSA, etc.).
  • It patches and updates itself automatically (with the user's consent).
  • It has a pop-up blocker.
  • It utiliss an anti-phishing filter.
  • It prevents website cookie misuse.
  • It prevents easy URL spoofing.
  • It provides security zones/domains to segregate trust and functionality.
  • It protects the user's website logon credentials during storage and use.
  • It allows browser add-ons to be easily enabled and disabled.
  • It prevents mischievous window use.
  • It provides privacy controls.
  • It has been battle tested by hackers over a sufficient period of time.

Another good place to start learning the detailed basics of web browser security is Part 2 of the Browser Security Handbook maintained by Michal Zalewski. The Browser Security Handbook gives a great introduction to many of the behind-the-scenes security policies that underlie most of today's browsers and indicates which features are supported in various browsers.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security products

Visit Broadband Advisor for the latest internet news, reviews, tips & tricks - and to take advantage of PC Advisor's unique, independent Broadband Speed Tester

NEXT PAGE: How to measure the security of a browser

  1. We put Chrome, Firefox, Safari, Opera and IE through their paces
  2. Making a secure browser
  3. How to measure the security of a browser
  4. Vulnerability announcements and attacks
  5. The most secure browser
  6. Google Chrome and Mozilla Firefox
  7. IE8, Opera and Safari

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model