Malware blocking – not sandboxing – key to browser security, says Imperva

Rachwald questioned the criteria used in the recent Accuvant browser security study, which based its evaluation on sandboxing capability. To no one’s surprise, the Google-sponsored study picked Chrome as the most secure browser.

The Accuvant evaluation was based on the premise that anti-exploitation technology, such as sandboxing, reduces the vulnerability of a browser to a single exploit or an entire class of exploits.

But Rachwald opined that sandboxing is not the best criteria for evaluating browser security. “If you avoid a bad site, sandboxing is secondary in the process after not getting infected in the first place”, he told Infosecurity. Actually stopping socially engineered malware through the use of URL reputational services and blacklisting of malicious sites is more essential to browser security, he added.

Based on this criteria, Rachwald said that Internet Explorer (IE) 9.0 is the most security browser, a conclusion also reached by NSS Labs in a browser security study it released ealier this year.

According to the NSS Labs’ report, IE9 caught 92% of live social engineered malware threats, while Apple Safari 5, Mozilla Firefox 4, and Google Chrome 10 each caught only 15% of the live malware threats, while Opera 11 pulled up the rear with only 5%. NSS said that browser users are four times more likely to be tricked into downloading socially engineered malware than be compromised by an exploit.

“Microsoft has taken security very seriously, and they have done a very good job of updating their security capabilities in the browser”, while Firefox has “fallen down on security” because it is poor at blocking malware and its sandboxing technology is not as strong as Chrome or IE, Rachwald said.

While Rachwald would recommend that the average user go with IE9 because of its stronger malware blocking capabilities, geeks should use an obscure browser that cybercriminals have not targeted yet. “The way to avoid cyber accident is by using a platform which is less targeted by hackers due to its small market share”, he argued in a recent blog.

Surprisingly, Rachwald said Opera was the best choice for geeks, even though it came in last in the NSS Labs’ study. “In fact, if you look at some hacker blogs, a lot of them use Opera because hardly anyone develops anything nasty for it due to its miniscule market share”, he said.

What’s Hot on Infosecurity Magazine?