There Is No Safe Web Browser

Michael writes "David Sheets has up an interesting article on browser security, and I have to agree with his conclusion: no web browser is safe. The article details the recent Netscape fiasco, and touches on the whole Firefox/Internet Explorer debate. From the article: 'So if it sounds as if we're all at the mercy of hackers just looking for some new challenge, that's partially true. As law enforcement officers will tell you, crime finds you if it wants you bad enough, no matter what preventative measures you take. But the vast majority of criminals have an Achilles' heel: They prefer convenience to challenge. For now, it's more convenient for them to pick on Internet Explorer.'"

Doesn't go far enough.

[El+Cubano]

David Sheets has up an interesting article on browser security, and I have to agree with his conclusion: no web browser is safe

No program that accepts input is safe. Even some programs that don't accept input aren't safe either. It is the nature of how complex software really is and how little of it we understand.

Nor is there a "safe" OS....

[Total_Wimp]

...at least not one you'd want to use. Sorry people, Linux is not "safe." Mac OS/anything is not "safe." There are a very few OSs that are pretty safe, but the only reason Mac and Linux fans can brag right now is that they're ignoring all the patches, hacks, etc that already exist for their OS of choice.

TW

Re:Nor is there a "safe" OS....

[NickFortune]

The flaw here lies in considering safe as an absolute. There is no safe method of travelling, but there are substanially more risks associated with skydiving than there are with walking.

Even apologists for MS poor security record acknowledge that firefox is more secure, if only with the argument "when more malware starts targetting it, then it will be just as bad"

And the same applies to OS security as well. Safe is a relative concept, and to try and confuse the issue by casting it as an absolute does no one any favours.

Hit the Nail on the Head

I think that this author has finally gotten it right. Note the increasing instances of popup ads that are tailored for firefox users etc.

As firefox gains in popularity, expect that the number of exploits aimed towards it will continue to rise.

That being said, the nice thing about firefox (and OSS), is that lots of eyeballs can look at, and fix, the code in a timely manner.

Re:Hit the Nail on the Head

[jedidiah]

No, the greatest thing about Firefox is that it exists for the benefit of it's end users. This means that it is far more likely that Firefox will be changed (and changed quickly) to suit end user requirements than IE.

If it turns out that there is some feature or technique that really should never be in a browser, we have some hope that Firefox would expunge it and do so quickly.

Obvious -1

[Nom+du+Keyboard]

I'd give this article an Obvious -1 simply because it is axiomatic, and everybody should have realized by now that There is no 'safe' web browser. Especially how after it was demonstrated that a Firefox exploit allowed infection of IE when IE itself would have blocked the malware site. Cute!

Integration with the OS is B-A-D.. BAD

[TheCeltic]

When a webbrowser is integrated with the OS, this greatly increases the ways a hacker can damage the system. Hence, while no browser is secure, one can is MORE secure simply because it is NOT woven into the OS. Of course, having updates frequently and being in more active development are good things as well.

Come on

[a_greer2005]

The problem is ignorant users, the headline is like saying "THERE IS NO SAFE CAR" of cource no car is safe when you dont buckle up, drive 120MPH and swirve, but when proper precautions are taken, I dare say a Lexus is safer than a Pinto.
Browsers can be totaly safe, as much as I hate to say it, IE can be pretty safe too. just follow these rules:
1:USE A FIREWALL
2: update your browser
3:disable ActiveX, any site that uses it is a site you should learn to live without.
4: (the one most often broken) DONT CLICK YES ALL THE TIME, warnings are there for a reason.
5: Dont DL and run STUPID executables

Most Browsers do a decent job of protecting you fron the bad stuff, but NOTHING can protect you from yourself, short of cutting the cable, and if you do that, dont run with scisors

Re:Dictionary Security Definition

[Tenebrious1]

While I understand the point that Mr. Sheets is making, however, I disagree with his definition of safe.

I have Firefox on a computer, and it's 100% safe. I have IE loaded on that machine, heck it's unpatched Win2K, and even that's 100% safe. The reason it's "safe" is because the power supply died a few months ago and I haven't been able to turn it on.

So in this case, 100% safe = 0% usability. Which doesn't help me much, there has to be some acceptable level of "safe" that corresponds to a high level of usability, and that's where Firefox wins over IE.

Re:Lynx is safe

[sp0rk173]

Well, if you're moderating posts based on the content within the story thread, it seems illogical. However, if you're moderating based on the attitudes prevalent in the community, then it's perfectly reasonable to mod redundant a comment that is so common-place and uninsightful that it is a predictable response, bound to turn up more than 10 times in the thread. I would classify "use lynx!!1!!1one!1" as such a comment. This place is full of parrots, so i'm down with the community-centric moderation model. Plus it's fun to watch people bitch about moderation.

I don't think you understand economics

[geekee]

"Market forces of the sheer user base would dictate that if this were not so, more spyware would have been ported to Firefox by now. 25 million downloads, right? That's a sizable chunk for any malware vendor, or aspiring intruder, to infiltrate."

If 1 hack hits 90% of the market, spending more money to get a hack for the rest may not be worth the effort even if Firefox has as many holes as IE. Simple economics.

I use

Konqueror mostly, Mozilla on ocassion, Firefox on lesser occasions. I tend to like the swiss army knife abilities of konqueror (ftp, fish, far better tab control than Firefox without installing extensions, overall integration with kde, etc) over Mozilla and Firefox. I guess I pick Mozilla over Firefox because of composer and I'm just used to Mozilla a lot more than Firefox simply due to familiarity and length of use.

What I can state is that since I've been using Konqueror (khtml, like Apple's browser) on Linux, I've never had an issue with spyware or adware. Never. I've never had a problem with security, even though there have been security alerts for konqueror as well as the other browsers. Konqueror makes it simple to surf without images turned on (one button click on top of window without going into drop down boxes to turn images on), makes it simple to surf without javascript turned on (simple and fast two step process to turn it on for a web site, can specify in settings which web sites to turn on javascript by default if needed regularly), and makes it a satisfying all-around experience in using the web.

I help adjust/maintain/bugfix windows for another user and I just can't understand how windows users can possibly put up with the spyware/adware. Taking a look at server logs, I can't believe how many people's browsers are infected with FunWeb, something else "Fun", and other spyware.

If you are a windows user, do yourself a favor and visit a friend's website (after alerting them) and ask them to send you a copy of the log entry from your visit. If your browser is infected with spyware, it just may show up as part of the browser identifier.

The ability of spyware/adware to infect a windows computer is a serious security problem. If you've been infected, you are running a system that is insecure. Please re-read that last sentence. If you've been infected with spyware/adware, you are running a system that is insecure.

Re:OS's in the same boat?

[Durandal64]

I would be willing to wager a very large bet that if Mac OS X was the industry leader there would be the same difficulties with viruses, and other criminal activities that are currently associated with Microsoft's products.

I'd take that bet, and I'd win. Here's why. Windows happens to be in the precarious condition of being both the most popular operating system and being poorly-designed. Samba services are on by default, meaning that the user is automatically vulnerable to worms that propagate through the Samba service. This is why a machine with a fresh Windows install can be infected with a worm within minutes of connecting to the Internet. This was a huge problem on my campus a couple years back at the beginning of the semester. Blaster was hammering away at everything, and even the machines that were wiped got infected with it as soon as they were connected back to the Internet.

Why would this not happen (or at least happen far less frequently) on OS X? Because none of the services are enabled by default. Samba, AFP, SSH, Apache, everything is off. In order to infect a Mac OS X machine, it would take more social engineering than to infect a Windows machine. A Mac OS X user, to really, really do harm to the entire system, has to be tricked into entering his administrator password, even if he is logged in as an administrator.

Microsoft has acknowledged this flaw. They want to transition users to a model of the lowest possible privilege assignment. If a user doesn't need to be an administrator, he shouldn't be. Unfortunately, as Microsoft has also acknowledged, there is too much poorly-designed Windows software that won't run unless the user is an administrator (even though the software does nothing that requires administrative privileges ... it may just be storing its preferences in a weird way) to make such a transition in the short-term possible. This is a direct consequence of the design choices Microsoft made with Windows and their encouragement of developers to write easy software first, secure software second.

In Mac OS X, software installers must acquire administrative rights by getting the user to authenticate as an admin if they want to write to anything that isn't in the current user's space. Apple encourages developers to avoid having the user authenticate authenticate at all costs and to only attempt to gain admin privileges if absolutely necessary. That is smart design, and since it's been that way since 10.0, there aren't very many applications that absolutely require an administrator for no reason.

I'll go even further.

[khasim]

The implication of this article stems in the absolutes of security: can it ward off intruders or not. This is a flawed approach, and while seemingly a logical one, denounces another reality of this level of breach: the lion's share of these breaches are not of the most malicious sort (read: that stupid data miner which causes popups, search bars from hell, etc).

The FIRST aspect of "security" is limiting the avenues of attack. You sort of touched on that, but I'll say it explicitly.

If FireFox doesn't run ActiveX, then that is one avenue that is NOT available for an attack.

As others have pointed out, lynx is very secure and that is because it completely blocks so many avenues of attack.

One must acknowledge the reality of security by statistics alongside security by absolutes.

Exactly. Now, from TFA:

As law enforcement officers will tell you, crime finds you if it wants you bad enough, no matter what preventative measures you take.

If they say that, then they are wrong.

Look at the typical junkie on the street. He's be happy to rob a bank. But the bank's security system is beyond his capabilities to SUCCESSFULLY attack.

So he picks easier targets with LOWER payoffs (mugging pedestrians).

Which brings me to the SECOND aspect of security: Build the defenses on the available avenues to defeat the attacks.

Sure, there are criminals out there who can pick any lock and defeat any alarm system. But they are very few and very far between. The odds that you, specifically, will be targetted by one of them is less than the odds of you winning the lottery.

So, contrary to what TFA says, crime will NOT find you if it wants you bad enough. It has to want you bad enough AND be intelligent enough AND be skilled enough.

But the vast majority of criminals have an Achilles' heel: They prefer convenience to challenge.

Sort of. More accurately, they're lazy. The "vast majority" will NOT spend time and effort to learn how to bypass alarm systems. If there's an easier target, they'll go for it.

If your (and your neighbor's) defenses are more than they can bypass, they'll leave the area.

For now, it's more convenient for them to pick on Internet Explorer.

No. While it is more "convenient", that is NOT the reason that IE is subject to all the attacks.

The reason is that the level of skill/intelligence required to successfully attack IE is SO VERY LOW. ANYONE with a bit of programming skill can write an exploit for IE.

Sure, any junkie can get a knife, and a knife is good enough for a mugging. But that knife isn't going to get you very far in a bank robbery.

Clearly, hackers wouldn't be so successful if they didn't have so many potential targets.

Again, it isn't about the POTENTIAL targets.

It's all about the AVAILABLE targets in your SKILL RANGE.

Of course, it's up to software makers to hold up their end, too. But they're no less susceptible to market forces, deadlines and bureaucracy than anyone else.

Which is why Open Source has such a great security rep. There aren't any market forces or deadlines to deal with. It's ready when it is ready.

Mistakes happen. Hacking happens. To assume you won't fall prey to either fairly begs for trouble.

This gets back to your statement on statistics and "the absolutes of security".

Sure, my system is vulnerable.
An attacker has to get to Seattle.
And into the office building.
And disable the cameras.
And disable the alarm system.
And break into the office.
And blow the server room door.
And then steal the server.

I'm not losing any sleep.

Of the thousands of computer viruses now available, most ar