SCF Advanced Search

  • Total Posts: 33912
  • Total Topics: 10097
  • Online Today: 1186
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Forbes reports: Firefox is least secure browser ?! [download study for free]  (Read 1362 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7445
  • KARMA: 313
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum

Forbes reports that researchers at the security firm Accuvant released a new study on Friday assessing the security features of Microsoft Internet Explorer, Mozilla Firefox and Google Chrome, the three most popular web browsers:
Accuvant's findings show that Google is the leader when it comes to security criteria, with Internet Explorer close behind and Firefox in last place.

There is one major reason for pause at these results, however: the independent study was commissioned and funded by Google. "Although both Google Chrome and IE are competitive, Chrome is a little better," said Ryan Smith, an Accuvant researcher. "We've tried to point out areas where Firefox can improve its code base."

Rather than counting the known vulnerabilities in the three browsers, Accuvant's study assumes that hackers will find exploits and instead rated the three browsers on how well they would deal with an attack that had already gained access to the machine. The areas that the browsers differed the most in were sandboxing, JIT hardening, and plug-in security. Google tied or beat the other two browsers in these areas, while Firefox's features were labeled "unimplemented or ineffective."

Sandboxing limits the commands available to a website exploit, and Chrome was found to have the strictest sandboxing of the three. Just-In-Time hardening is a feature that prevents Javascript on websites from compiling code to run on the user's machine, and plug-in security limits the access of exploits that don't require user interaction on a site and also exploits that trick users into downloading add-on programs with malicious behavior.

Jonathan Nightingale, Mozilla's director of Firefox engineering, responded to the Forbes article with this statement:

   Firefox includes a broad array of technologies to eliminate or reduce security threats, from platform level features like address space randomization to internal systems like our layout frame poisoning system. Sandboxing is a useful addition to that toolbox that we are investigating, but no technology is a silver bullet.

    We invest in security throughout the development process with internal and external code reviews, constant testing and analysis of running code, and rapid response to security issues when they emerge. We’re proud of our reputation on security, and it remains a central priority for Firefox.

The full 140-page study can be viewed at Scribd:


Samker's Computer Forum -

Sponsored Links:


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Atomic vapor | Toronto dispensary | Advertising