The most popular browsers, such as Chrome, Firefox and Internet Explorer, all have different security advantages and shortcomings. We've put them through rigorous tests to find out which is best for you.

When it comes to the most secure browsers, there are a number of different opinions out there. The recent out-of-schedule emergency patches for Internet Explorer that Microsoft has rolled out have had some pundits recommending any browser but IE as the best security defence.

Although there is some safety in using less frequently attacked software, a better question is which is the safest choice among the most popular browsers? What are the most important security features to look for in a browser, and what are the weaknesses to beware?

This review focuses on security features of the following Windows-based internet browsers: Google Chrome, Mozilla Firefox, Microsoft Internet Explorer, Opera Software's Opera and Apple's Safari. All but Chrome are included because they rank among the most popular browsers, with long track records and millions of users.

Google Chrome is included because it boasts a unique security model and is widely expected to eat significantly into the other browsers' market share. The latest publicly available versions (including beta versions) have been used in the review. Each browser has been tested on Windows XP Pro SP3 and Windows Vista Enterprise.

The purpose of this review was to test each browser's security fitness. As such, these reviews generally do not cover any new features not related to security. Also, since this review was focused on testing the security of each particular browser, all browsers were tested with the default vendor-installed add-ons only.

For example, although NoScript is a popular Firefox browser add-on often installed to enhance security, it isn't installed by default and isn't created by the vendor, so it wasn't included in the review.

Full disclosure: the author of this article is employed full-time by Microsoft as a security architect. He has no involvement in the development or marketing of Internet Explorer. He uses multiple browsers across several OS platforms on a daily basis and has several favorites, including browsers not included in this review.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security products

Visit Broadband Advisor for the latest internet news, reviews, tips & tricks - and to take advantage of PC Advisor's unique, independent Broadband Speed Tester

NEXT PAGE: Making a secure browser

  1. We put Chrome, Firefox, Safari, Opera and IE through their paces
  2. Making a secure browser
  3. How to measure the security of a browser
  4. Vulnerability announcements and attacks
  5. The most secure browser
  6. Google Chrome and Mozilla Firefox
  7. IE8, Opera and Safari

Making a secure browser

If you're looking for the perfectly secure browser, stop looking. Each new browser entry typically promises a more secure browsing experience, only to prove that making a truly secure web browser is difficult. Each of the most popular browsers has dozens of patched vulnerabilities.

Even the newest, Google's Chrome, released in beta form in September 2008, has nearly a dozen exploits already. Perhaps the strongest testament to how hard it is to make a secure internet browser is the fact that even the text-only Lynx browser, which is as simple as a browser can be (it can't even display pictures or video without external programs), has had five vulnerabilities. If attackers can cause buffer overflows in a text-based browser, any browser more complex will have its issues.

In general, administrators must consider every internet-connected web browser as high risk. In very high-security environments, web browsers aren't allowed to run or aren't allowed to render content from the internet. But assuming your enterprise needs to browse the internet and seeks a browser with an acceptable level of security, keep reading. A secure browser must include the following traits as a minimum:

  • It was coded using Security Development Lifecycle (SDL) techniques.
  • It has undergone code review and fuzzing.
  • It logically separates network and local security domains.
  • It prevents easy malicious remote control.
  • It prevents malicious redirection.
  • It has secure defaults.
  • It allows the user to confirm any file download or execution.
  • It prevents URL obscurity.
  • It contains anti-buffer overflow features.
  • It supports common secure protocols (SSL, TLS, etc.) and ciphers (3DES, AES, RSA, etc.).
  • It patches and updates itself automatically (with the user's consent).
  • It has a pop-up blocker.
  • It utilises an anti-phishing filter.
  • It prevents website cookie misuse.
  • It prevents easy URL spoofing.
  • It provides security zones/domains to segregate trust and functionality.
  • It protects the user's website logon credentials during storage and use.
  • It allows browser add-ons to be easily enabled and disabled.
  • It prevents mischievous window use.
  • It provides privacy controls.
  • It has been battle tested by hackers over a sufficient period of time.

Another good place to start learning the detailed basics of web browser security is Part 2 of the Browser Security Handbook maintained by Michal Zalewski. The Browser Security Handbook gives a great introduction to many of the behind-the-scenes security policies that underlie most of today's browsers and indicates which features are supported in various browsers.

How to measure the security of a browser

Vulnerability counts and the frequency of announced exploits account for much of the overall risk to a web browser, but they are far from the only relevant factors to consider. In this security review, the following are the general categories that were considered when reviewing each internet browser.

Security model
Each browser's security rests on the underlying strength of the vendor's chosen security model. This model is what keeps the untrusted network side separated from the more trusted security zones. If malware is able to exploit the browser, how easily can it compromise the whole system?

What defences did the vendor include in the browser's underlying design to prevent malicious use? How is malicious redirection (such as cross-domain cross-site scripting and frame theft) prevented? Is memory secured and cleared against malicious reuse?

Does the browser give end-users multiple security domains or zones with varying levels of functionality in which to place different websites according to their level of associated trust? What end-user protections have been built into the browser? Does the browser attempt to update itself? All of these questions, and more, go into determining the fitness of a browser's security model.

When the browser runs on Windows does it take advantage of Data Execution Prevention (DEP)? If it runs on Windows Vista, does it use file and registry virtualisation, Mandatory Integrity Controls or Address Space Layout Randomisation? These topics require too much space to discuss appropriately in this review, but all four mechanisms can make it harder for malware to gain system control.
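A check for the DEP and ASLR opt-in discussed above, as an added example that is not part of the original review: it reads the DllCharacteristics field of a Windows executable's PE header, where the linker records the NX_COMPAT and DYNAMIC_BASE flags. The function names are illustrative and the sample headers are constructed in the code, not taken from any browser.

```python
import struct
import sys

# DllCharacteristics bits defined in the PE/COFF specification.
DYNAMIC_BASE = 0x0040  # image may be relocated at load time (ASLR opt-in)
NX_COMPAT = 0x0100     # image is compatible with DEP (DEP opt-in)
DLLCHAR_OFFSET = 70    # same offset in PE32 and PE32+ optional headers


class PEFormatError(ValueError):
    """Raised when the bytes do not look like a PE image."""


def read_mitigations(image: bytes) -> dict:
    """Return the DEP/ASLR opt-in flags recorded in a PE header."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise PEFormatError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    if pe_off + 24 > len(image) or image[pe_off:pe_off + 4] != b"PE\0\0":
        raise PEFormatError("missing PE signature")
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)
    opt_off = pe_off + 24  # signature (4) + COFF file header (20)
    end = opt_off + DLLCHAR_OFFSET + 2
    if opt_size < DLLCHAR_OFFSET + 2 or end > len(image):
        raise PEFormatError("optional header too short")
    (magic,) = struct.unpack_from("<H", image, opt_off)
    if magic not in (0x10B, 0x20B):
        raise PEFormatError("unknown optional header magic")
    (flags,) = struct.unpack_from("<H", image, opt_off + DLLCHAR_OFFSET)
    return {
        "format": "PE32" if magic == 0x10B else "PE32+",
        "dep": bool(flags & NX_COMPAT),
        "aslr": bool(flags & DYNAMIC_BASE),
    }


def missing_mitigations(images: dict) -> dict:
    """Map each image name to the mitigations it does not opt in to."""
    report = {}
    for name, data in images.items():
        result = read_mitigations(data)
        missing = [m for m in ("dep", "aslr") if not result[m]]
        if missing:
            report[name] = missing
    return report


def build_sample_header(flags: int, magic: int = 0x10B) -> bytes:
    """Constructed test input: a bare PE header carrying the given flags."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # PE header follows directly
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, DLLCHAR_OFFSET, flags)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Usage: python check_pe.py browser.exe plugin.dll ...
    if len(sys.argv) > 1:
        images = {}
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                images[path] = fh.read(4096)  # headers sit at the start
    else:
        images = {  # constructed samples, not real binaries
            "sample-hardened.exe": build_sample_header(NX_COMPAT | DYNAMIC_BASE),
            "sample-legacy.exe": build_sample_header(0),
        }
    for name, data in images.items():
        print(name, read_mitigations(data))
```

The flags show only what the image opted in to at link time; a process can also turn DEP on at runtime, and system-wide DEP policy can cover binaries that lack the flag.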

Feature set and complexity
More features and increased complexity are the antithesis of computer security. Additional features mean more code available to exploit with more unexpected interactions. Conversely, a browser with a minimal feature set may not be able to render popular websites, which forces the user to employ another browser or to install potentially insecure add-ons. Popular add-ons are often exploited by malware writers.

User-definable security zones (also known as security domains) are also an important feature. Ultimately, less functionality translates into better security. Security zones provide a way to classify various websites as more trustworthy and, hence, suited for greater functionality. You should be able to trust your company's websites significantly more than a website offering pirated software or a small web page served up by someone you don't know. Security zones allow you to set various security settings and functionalities based upon the website's location, domain or IP address.

Security domains are used in every computer security product (firewalls, IPSes, and so on) to establish security boundaries and areas of default trust. Having a security zone in a browser extends that model. Browsers without security zones encourage you to treat all websites with the same level of trust - as well as to reconfigure the browser or use another browser for less trustworthy websites before each visit.

Vulnerability announcements and attacks
How many vulnerabilities have been found and publicly announced against the browser product? Are the vulnerability counts going up or down as the vendor patches its browser? How severe have the vulnerabilities been? Do they allow full system compromise or denial of service? How many vulnerabilities are currently unpatched? What is the history of zero-day attacks against the vendor? How often is the vendor's browser targeted versus a competitor's product?

Browser security test
How did the browser fare against popularly available browser security test suites? In this review, all of the products passed the most well-known browser security tests located on the internet, so each item was further exposed to dozens of real-life malicious websites. Often the outcome was not pretty. I experienced frequent browser lockups, objectionable content, and sometimes complete system reboots.

Enterprise manageability features
It's generally easy to secure a favourite individual browser for personal use, but doing so for an entire business requires special tools. If the browser is selected for enterprise use, how easy is it to install, set, and manage secure configurations for every user?

How I tested

I downloaded the latest publicly available version of each browser (including beta products) and installed it on fully patched 32-bit versions of Windows Vista Enterprise SP1 and Windows XP Pro SP3. I reviewed all security settings and options and checked the vendor documentation for clarification. I then subjected each browser to numerous tests, including dozens of pre-defined tests made in the lab, internet-based test suites, and exposing the browsers to known-malicious websites.

The Internet-based test suites included several browser security test sites, such as scanit and Jason's Toolbox; several JavaScript, Java, and pop-up blocker testing sites; several cross-site scripting (XSS) testing websites; and several browser privacy test sites. I tested the security of the browsers' password handling using the Password Manager Evaluator and the security of cookie handling using the Gibson Research Corporation's Cookie Forensics. I tested Extended Validation certificates using links provided on the IIS7 site.

I surfed to dozens of sites known to contain live malware from several public and private malware site lists, including ShadowServer. I also visited dozens of known phishing websites, courtesy of PhishTank and similar referral sites. I used Process Explorer to monitor local processes and resources during install and ongoing operations. And I sniffed the browsers' network traffic using Microsoft Network Monitor Overview or Wireshark and examined the results for information leaks.

Finally, I also relied on public vulnerability testing for these evaluations, including Metasploit and milw0rm.com. Vulnerability statistics were taken from Secunia.com or CVE.

Additionally, each browser was used over a series of several weeks (or longer) to test general use, patching intervals, and other involved functionality.

The most secure browser

Which of the browsers tested can claim to be the most secure? Here's the big shocker: none of the fully patched browsers allowed silent infections or exploitation beyond simple DoS attacks. All of the browsers stopped the latest malicious attacks available on the internet.

Occasional zero-day attacks could silently infect a particular browser during a particular period of time, but all of the browsers have this same risk, and all of the browser vendors in this review are fairly consistent in patching significant problems in a timely manner.

Hence, the overall conclusion of this review is that any fully patched browser can be used relatively safely. You can change browsers, but your risk is the same with all of them - nearly zero - if your browser, OS, and all add-ons and plug-ins are fully patched.

However, if I pretended to be an end-user tricked into running a malicious executable (such as a fake anti-virus program), each browser allowed the system to be infected and compromised.

End-users running on Windows Vista without elevated credentials would have prevented most malware infections from occurring, but even those users were readily exploited if they purposefully elevated themselves to install the rogue program.

Browser security tips

Instead of accusing one browser of being weaker than another, real-world testing has revealed that users should pick a browser that has the security features and functionality they desire, and implement the following suggestions.

  • Don't log on as admin or root when running an internet browser (or use UAC on Windows Vista, SU on Linux, etc.).
  • Make sure the browser, OS and all add-ons and plug-ins are fully patched.
  • Don't be tricked into running malicious code.
  • If unexpectedly prompted to install third-party software while browsing a site, open another tab and download the requested software directly from the software vendor's website.
  • Be careful about which add-ons and plug-ins you use. Many aren't secure, many are very insecure, and some are actually malware in disguise.

Browser findings

As expected, each browser had its fair share of security advantages and disadvantages. All of the browsers reviewed here, save Google Chrome, have had years to mature in response to previous malicious attacks. All of the browsers had SSL/TLS (Secure Sockets Layer/Transport Layer Security) support, anti-phishing filters, pop-up ad blocking, cross-site scripting (XSS) filtering, automated updates, private session browsing, and cookie handling. The following review summaries highlight their differences.

Google Chrome 1.0

Google's first browser is a security paradox. It begins with the best browser security model, but then layers questionable decisions over a dearth of security features. It utilises Windows Vista's new security features even better than the browser that came with Vista. JavaScript runs inside of a virtual machine environment, where it is further restricted.

Unfortunately, Chrome has almost no significant security granularity, and no separate security zones in which to place websites with different trust expectations. More disappointing, you cannot disable JavaScript at all. This is a huge security oversight, even if Google believes the browser can trap malicious JavaScript within the sandbox. Perhaps most troubling, Chrome has been plagued by relatively simple buffer overflow problems.

Chrome has the potential to be one of the most secure internet browsers, but its initial showing only leaves significant questions.

Mozilla Firefox 3.12

Mozilla's Firefox deserves the growing market share it has today. It is a battle-tested veteran with best-in-class cipher support, excellent add-on management, and growing enterprise features. Firefox has a fair amount of security granularity and is the only browser besides Internet Explorer to provide multiple security zones, although they are not easy to configure.

JavaScript can be disabled on a global basis, but it takes a separate add-on (called NoScript) to enable or disable it on a per-site basis. Using the About:security option in the URL bar allows the user to configure dozens of features and security settings, but the only enterprise deployment and management tools are offered by third parties. Firefox makes a good browser choice for anyone, especially for users who want to avoid the risk of native ActiveX support.

Microsoft Internet Explorer 8 beta 2

Internet Explorer is the most frequently attacked browser in the world. Its popularity, complexity, and support of ActiveX controls give it an elevated risk compared to the rest of the competition. Still, it also has best-in-class enterprise support, superior security granularity, and multiple security zones in which to deploy websites with different trust requirements. It's the only browser with built-in parental controls and a granular add-on manager.

It is also the only browser with serious enterprise management features, providing more than 1,200 customisable settings across multiple security zones. For example, the US government requires what is called Federal Desktop Core Configuration (FDCC) on all of its software, and Federal Information Processing Standards (FIPS) ciphers only. Tens of millions of PCs fall under these requirements. Only IE allows these policies to be enforced across all desktops. It is difficult to achieve with any of the other browsers.

IE 8 is bringing many new features to the table, including per-user and per-site control of ActiveX programs and other add-ons. Its improved base security model is second only to Google's Chrome, and nearly every security feature it has is mature and built for enterprise use.

Opera 9.63

Opera is a solid browser that deserves more market share in the PC world. It has impressive security granularity, good anti-DoS handling, strict Extended Validation certificate handling, and many unique features. Its lack of market share means it hasn't been as tested as Internet Explorer and Firefox, but it has been involved in fighting many found vulnerabilities.

On the downside, Opera doesn't support Data Execution Prevention (DEP), Address Space Layout Randomisation (ASLR) or Elliptic Curve Cryptography (ECC) ciphers. These deficiencies need to be corrected before its use can be more highly recommended. Even now, I invite readers to check out Opera. I think many people will be pleasantly surprised.

Apple Safari 3.2.1

Apple's Safari browser has many good features, but lacks security granularity and zones. It has good pop-up blocking, good local password protection, and a surprisingly accurate anti-phishing filter. Unfortunately, DEP is disabled, something that needs to be corrected. Safari has the weakest cipher support, failing to offer AES ciphers, 256-bit keys or ECC ciphers.

Safari always automatically prompts the user before downloading files, and it prevents some high-risk files from being executed before downloading. Safari has good default cookie control. It is one of only two browsers in this review (the other is Chrome) to prevent all writes by third-party cookies by default, which is a nice privacy bonus.

Although local password protection is strong, Safari had the weakest remote password handling of the bunch. Safari is a great-looking browser but a mixed bag with respect to security.
