Share

Related Stories

Top 5 Stories

News

Malware blocking – not sandboxing – key to browser security, says Imperva

23 December 2011

The browser’s ability to block socially engineered malware, not sandboxing technology, is the most important criteria to judge browser security, argues Rob Rachwald, director of security strategy at data security firm Imperva.

Rachwald questioned the criteria used in the recent Accuvant browser security study, which based its evaluation on sandboxing capability. To no one’s surprise, the Google-sponsored study picked Chrome as the most secure browser.

The Accuvant evaluation was based on the premise that anti-exploitation technology, such as sandboxing, reduces the vulnerability of a browser to a single exploit or an entire class of exploits.

But Rachwald opined that sandboxing is not the best criteria for evaluating browser security. “If you avoid a bad site, sandboxing is secondary in the process after not getting infected in the first place”, he told Infosecurity. Actually stopping socially engineered malware through the use of URL reputational services and blacklisting of malicious sites is more essential to browser security, he added.

Based on this criteria, Rachwald said that Internet Explorer (IE) 9.0 is the most security browser, a conclusion also reached by NSS Labs in a browser security study it released ealier this year.

According to the NSS Labs’ report, IE9 caught 92% of live social engineered malware threats, while Apple Safari 5, Mozilla Firefox 4, and Google Chrome 10 each caught only 15% of the live malware threats, while Opera 11 pulled up the rear with only 5%. NSS said that browser users are four times more likely to be tricked into downloading socially engineered malware than be compromised by an exploit.

“Microsoft has taken security very seriously, and they have done a very good job of updating their security capabilities in the browser”, while Firefox has “fallen down on security” because it is poor at blocking malware and its sandboxing technology is not as strong as Chrome or IE, Rachwald said.

While Rachwald would recommend that the average user go with IE9 because of its stronger malware blocking capabilities, geeks should use an obscure browser that cybercriminals have not targeted yet. “The way to avoid cyber accident is by using a platform which is less targeted by hackers due to its small market share”, he argued in a recent blog.

Surprisingly, Rachwald said Opera was the best choice for geeks, even though it came in last in the NSS Labs’ study. “In fact, if you look at some hacker blogs, a lot of them use Opera because hardly anyone develops anything nasty for it due to its miniscule market share”, he said.

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×