Slashdot Mirror
IE 9 Beats Other Browsers at Blocking Malicious Content
Orome1 writes with an article in Net Security. From the article: "Microsoft's Internet Explorer 9 has proved once again to be the best choice when it comes to catching attacks aimed at making the user download Web-based malware. This claim was made by NSS Labs in the recently released results (PDF) of a test conducted globally from May 27 through June 10 of the current year, which saw five of the most popular Web browsers pitted against each other. Windows Internet Explorer 9, Google Chrome 12, Mozilla Firefox 4, Apple Safari 5, and Opera 11 were tested with 1,188 malicious URLs — links that lead to a download that delivers a malicious payload or to a website hosting malware links."
I'm fairly sure both Firefox and Chrome are the safest browsers out there, especially if you use Adblock and NoScript. GOOG has done a remarkable job in making their browser as secure as it can be, with autoupdating, sandboxing and different processes for tabs. They also bundle their own fixed Flash version that updates itself automatically. Microsoft should stop paying for these fake studies.
You could say it's beating off the competition.
This rock beats IE9 at blocking all malicious content. You plug your keyboard, mouse, and monitor into it and I guarantee, you will see NO malicious content.
"has proved once again"
uh-huhhhhhhhh....
Lynx is safer still. Some of the browsers for Emacs are fairly secure, too.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
This report was produced as part of NSS Labs’ independent testing information services.
Leading vendors were invited to participate fully at no cost, and NSS Labs received no
vendor funding to produce this report.
Firefox still does not have a sandbox in place. That right there is a severe problem. Especially as Firefox is *the* browser with most vulnerabilities. The only thing Mozilla has going for Firefox security is that they are really fast to patch once a vulnerability has become known.
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
That is all.
The dangers of knowledge trigger emotional distress in human beings.
I almost believed this story, then, with my superior intelligence (as shown by my browser, Opera) I realized that this story is probably pulled out someone's ass.
It would be HELPFUL if IE9 showed the transfer rate on a download. It didn't when I tried it a while back, and I'm not especially eager about downloading it again to see. Firefox for me it is.
And what or who has installed IE9 to begin first? Whos so crazy to navigate internet with a IE explorer?
-Woof woof woof!
MSIE got the highest "malware detection rate" because they used it in a mode where nearly every page is marked as "dangerous". It had the highest detection rate but also the highest false positive rate.
If I sit at the airport saying "that plane is going to crash" for every plane that takes off, and eventually get it right, that doesn't mean I'm able to predict which planes are going to crash (even though I got "100% of the crashes" right)...
subject
Please, NSS Labs is just another Microsoft shill organization. Check out what they did for Explorer 8.
They found IE9 to be the best choice to defend against attacks aimed at IE9. Other browsers where found to be severely lacking in in defending against attacks aimed at IE9.
Yep. Mostly because Microsoft has a history of purchasing favourable "findings" from "independent" "research" firms.
Kind of. The process and parameters should always be checked. But the other browsers do not have a history of their parent companies purchasing favourable "findings".
It's called "learning from experience".
There is no reason to forget every past instance when evaluating a new instance. Quite the opposite, in fact.
>catching attacks aimed at making the user download Web-based malware
so what it compares is how stupid the company views the end-user....and i would like to see a comparison of what site Microsoft blocks as 'malicious' to what other browsers block
I could have sworn that Firefox and Chrome both used the same list of websites from Google. If so, how did the applications vary so much? Something else must be going on.
... when you are the one providing it to the company testing you.
Of course, when your methodology is that only the bare browser configuration is allowed (e.g., no AdBlockPlus, no NoScript) and you carefully select the malware URLs (obtained from "honey pot" email addresses and then filtered, and then "prune out non-conforming URLs" -- without fully specifying what made them non-conforming) *and* require the malware URLs to be live for at least 6 consecutive hours it gets a lot easier to massage the results. To further exaggerate results not only does a "hit" increase the score but a "miss" decreases it to magnify the difference.
This is the same song as they sang about IE8 with the same, predictable, results. Microsoft didn't pay them a wad of money for this study for nothing.
IE's idiot mode where it tells you "I'm sorry, Dave, I'm afraid I can't do that" might be better at keeping users off bad websites than other browsers, okay.
Give me a study that shows the actual infection rate once you've visited the site; I'm betting that the scores would look different then.
Wrong question with "firefox is better", etc etc. The real question is, who the hell uses IE9 in the first place?
I dont' care how good it is at "blocking malicious content" if the underlying OS is still completely unsafe, which is due to what consumers put on their PC's.
End result = IE9 could be bulletproof and the OS will still be pwned a million times over.
IE 9 does not work with XP-the most used OS in the world.
Well IE9 HAS to be the best at "catching attacks aimed at making the user download Web-based malware".
That's because only the most stupid web user (read: the most stupid 50%) click banners which go "OMG YOU MUST MAKE YOU COMPUTER FAST AND NOT HAVE VIRUZES NAO!". And yes...they are using Internet Explorer, because quite frankly, they aren't smart enough to spot that Chrome/Firefox are better than IE.
No kitty, this is my pot pie!
Yet again another M$ sponsored study makes IE look better by using an ancient version of Firefox. FF4 is like way out of date. How dare they make such claims.
OSX IS BETTER /thread
block as many things as you can. i wonder how many legitimate sites were caught in those blockings. why not block it altogether and only allow microsoft or orher corporate sites ? - wait - there could still be xss attacks.
ps : the typo r in the word 'other' is intentional. i bet a lot of you grammar nazis went berserk in the duration of one and a half sentence in between that word and this disclaimer.
message : grammar nazism is bad for your health. content over form. yadda yadda. grow up.
Read radical news here
1) The false positive rate of IE is very high. It should be obvious that if you give a lot of false warnings, users will disable or ignore the feature, making it worthless. IE already warns if you download something uncommon, for crying out loud.
2) This "cloud based protection", tracking, among other things, popular downloads, means that info about visited URLs gets sent to Microsoft. There are privacy issues with such a system.
You try delivering malware through all those Javascript and CSS compatibility issues.
Wrong question with "firefox is better", etc etc. The real question is, who the hell uses IE9 in the first place?
About 7 in 10 Windows 7 users in the states.
As we've mentioned before, Microsoft skipped XP support for Internet Explorer 9 in order to compete more effectively on Windows 7. In July on Windows 7, Internet Explorer 9 hit 18.5% share worldwide and 24.8% in the United States. There are indications that this strategy is working. Although Internet Explorer lost usage share on XP, on Windows 7, Microsoft increased global usage share, going from 54.6% in June to 54.8% in July. And in the U.S., Internet Explorer share on Windows 7 grew 0.6% to 68.1%.
Browser Wars [August 1, 2011]
I dont' care how good it is at "blocking malicious content" if the underlying OS is still completely unsafe, which is due to what consumers put on their PC's.
Unpatched 0%
Vendor Patch 100%
Microsoft Windows 7 Solution Status (Based on 28 advisories from 2011)
The choice is quite interesting ... Opera 11 dates back to 16.12.2010 and Safari 5 to 17.6.2010.
Mozilla Firefox v4 entered the "end of life" on May 25, 2011.
Chrome 12 dates back to 07.06.2011, but that's v12.0.742.
Without proper version numbers all those tests are at least dubious.
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Is IE9 safer than Firefox + NoScript running on a non-Windows operating system that's less targeted by malware authors?
It doesn't hurt, and IE 9 has no free foundations, so I can't really accept it. Firefox works just fine, as does Chromium, under Ubuntu. Under Windoze I use FF also. IE just isn't relevant anymore. Microsoft should GPL the source of IE... then it would be a real player in the browser market, but for now it is their pet and not mine, and they can keep it.
John_Chalisque
I'd like to see how Firefox + WOT perform in such a test.
While many browsers are base platforms that allow users the freedom to modify and extend as they, and the community, see fit, Microsoft targets its core user base (businesses and Mom & Dad) with an all-inclusive user portal to the world. IE9 deftly includes a reputation-based scoring and warning system that scored them huge points in this test. Firefox developers, OTOH, allow the community to provide such functionality, recognizing that it isn't for everyone and is better left to the community to provide add-ons like WOT (Web of Trust). To integrate such a service into the core browser would saddle the Mozilla Foundation with the need to maintain a cloud-based service to support it.
BTW, NSS claims that their work is no longer vendor-funded: http://www.networkworld.com/news/2009/091009-nss-labs-independent-testing.html Who, then is footing the bill for this "free" study & report, when all of their neutral studies are non-free?
S.T.F.U.
You have no credibility in the matter. In fact, you are completely wrong. I use IE9 on a daily basis (and as my main browser), and I don't get any false positives. I have only gotten a few where it says I shouldn't download the file and that's simply because it doesn't have a digital signature attached (on executables).
So stop whining because IE won fair and square. Other places have determined essentially the same results as well. Go search it.
Essentials:
NoScript
Greasemonkey
Tor
Useful:
bugmenot
betterprivacy
I don't think IE9 is capable of reproducing anything except the Tor button listed above, and in terms of security these add-ons make a world of difference.
Here's the downside, mom & pop have no idea what I'm talking about here, and most require technical knowledge. So in customization vs. practically, the latter tends to win, so I guess I can only agree with the article 50%, and blame the other 50 on ignorance.
Did anyone bother fixing the obnoxious memory leak that doubles the browser's footprint every 30 minutes?
Two of my imaginary friends reproduced once
I think IE9 is malicious content...
Do you have ESP?
If Google Chrome was found to be the best at blocking malicious content, no one would doubt this study.
There is no reason why Microsoft can't have the safest browser on the market. If the Microsoft was smart, they would invest heavily in security to undo the years of damage IE6 caused to its reputation.
This still could be a flawed study, but people shouldn't be so quick to judge just because Microsoft is the winner.
Apparently on Slahsdot, the scientific method has no merit when the result favors Microsoft somehow.
Forget that these tests are repeatable, and can be independently conducted and verified most of the "OMG M$ SPONSORED MICROSOFT FAKE STUDY = ADVERT" crowd ignores this fact.
How do you know how much M$ paid these people, anyways? Prove it. Like, with pictures. Better yet, maybe some shredded invoice numbers and accounting figures from M$ headquarters trash dumpsters? Seriously some of these claims are so paranoid and out of line with reality one wonders if some of the postsers are not just some psycho homeless people happening upon an open laptop at starbucks.
There was a time when a headline like this never would have made the front page of slashdot. It's because of this kind of thing that I only come back to slashdot on the rare occasion that I have run out of other things to read on the internet. And what's this? Addthis.com showing up in noscript? Please, bring back the quality!
The study was just concerned with links which prompt you to DL/install something malicious. Of course IE wins: it's the only browser with a built-in link check which validates the links you're going to with MS's servers.
Or, alternatively, you could just not install malware, that would work too. The study is kinda valid, though; if you're too dumb to not install/run random junk from suspicious sites online, you should probably be using something which blocks them for you, IE SmartScreen, anti-"virus" app, or otherwise.
I prefer IE over Mozilla, and Chrome. I find it somewhat more intiutive than firefox and omg much intiutive than Chrome. Chrome seems faster at displaying video somewhat but a lot of websites don't seem to fully support Chrome from my experience.
Can NSS define a "malicious URL"? It appears to be based on website reputation. However, do these so called "malicious URLs" achieve installing malware on other browsers?
.exe file they come across on the web... but the only real solution there is education.
It seems that Microsoft is trying to win by tracking the entire web for malware, and basing its protection on that. That doesn't exactly signify a "secure product".
I suppose it might prevent users from installing every ActiveX and
"Microsoft's Internet Explorer 9 has proved once again to be the best choice when it comes to catching attacks..."
Is that "Catching" like "Aha! I caught that wascawy wabbit" or is it "Catch" like "If I connect this PC to the internet for a couple minutes without loads of anti-virus protection and a beefy firewall, IE will catch something really nasty..." or even "Catch" like "A filter on a drain, a low place where nasty things tend to accumulate...". Because inquiring minds want to know!.
This isn't to say that IE9 isn't a lovely product, but if you're going to tout it, you might want to say it in a way that makes people clear about what you're saying at first glance. Just a suggestion :-)
Important question.
FireFox is a platform where we have these things called addons.
NoScript prompts you before running any piece of Javascript, classified by the site it came from.
if its that good, well i simply cant wait to compile it .. anyone know where i can get the source ?
"Microsoft's Internet Explorer 9 has proved once again to be the best choice when it comes to catching attacks aimed at making the user download Web-based malware .. Windows Internet Explorer 9 (IE9) caught an exceptional 99.2% of live threats: .. Google Chrome 12 caught 13.2%5" link
Once these attacks got past protections what damage did the 0.80% of malware that got past IE9, do to the underlying Operating System and what were the effects of the 86.8% of malware that got past Chrome running on Ubuntu? And why is slashdot giving this self serving BS space on its website?
"All tested browser software was installed on identical virtual machines with the following specifications: Microsoft Windows 7, 1GB RAM, 20GB hard drive"
In the interests of balance shouldn't they also publish the results of these browser tests running under Apple and Linux?.
But wise Slashdot sez:
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
(translated: you stoopid dinosaur, you refuse to enjoy the boons of The Webz 2.0 [or was it 5.0?]. Then at least enable cookies or what).
Sorry, folks. I still prefer to enjoy the Web in black-and-white and with mono sound.
Ok I jest but seriously, FF 4 was current until about a month and a half ago. That a study was using it is unsurprising, it probably was current when they set up the study.
The article can be better summarized with the following:
"Current version of browser X is better than old, outdated version of browser Y. Film at Eleven."
One methodology could be to test the last 3 versions of a browser - IE6-9, FF3-5, Opera 10 & above and so on. But one assumption here is that the latest version of any browser would have the maxumum #fixes, since it would have all the cumulative fixes of predecessors, plus the new ones. So naturally IE9, FF5 and other latest versions would have the latest & greatest security fixes. Since they were measuring which browser did the best job in blocking the maximum # malicious URLs - 1188 of them - it's irrelevant how many of those copies are out in public. There could be a browser that has only 1 user, but if it blocked all 1188 of them, it would be better than IE9 or Chrome. So the fact that IE9 doesn't run on XP, or that IE7 would be the most popular on XP, is tangential to whether IE9 is more secure or not.
IMPERVIOUS to scripted attacks (especially if foisted on the end-user via javascript, plugins, iframes, & even cookies): It's Opera's "Site Preferences" feature!
Here, I set all of those items globally, to DISABLED status... & I only turn them on for sites that absolutely NEED them (think ecommerce sites & ones that NEED database scripted access for example, or ones that need plugins, like YouTube - For a couple quick examples) enabled...
(Thus, lessening potential for attack surfaces available to scripted or malicious plugin style attacks, or those embedded in iframes etc./et al).
* Between THAT, & using HOSTS files to blockout 1,556,420++ KNOWN bad sites/servers/hosts-domains that either serve up malicious scripts or malwares, botnet C&C servers, bogus/rogue DNS servers + more, alongside firewalls (both in software &/or hardware routers here) to blockout attacks/malware-in-general via IP address (vs. host-domain names which HOSTS files handle in "layered-security"/"defense-in-depth" fashion supplementing firewalls doing both IP addresses + HOST/DOMAIN names as well), which operates FAR FASTER & MORE EFFICIENTLY THAN DO USERMODE/RING3/RPL 3 BROWSER ADDON SOLUTIONS (because HOSTS are a filter for the IP Stack, which operates in Ring 0/RPL 0/kernelmode (usually PnP design nowadays too on most all OS of modern design as well))?
Yes... I am TRULY very nearly "impervious" here!
(Simply because the only OTHER real way "into my system" for an attacker, & via a webbrowser? Would be a flaw in the browser's code being exploited, & keeping up on updates for security to them &/or my Operating System (Windows 7 64-bit) does the rest...).
By the way, some "FYI": IE9 has a nice new feature too called "TPL"'s you all may wish to look into also -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ ...
Opera has an analog called urlfilter.ini/filter.ini that does the same as well (there are sources for those online also that populate them vs. attack, & iirc, SpyBot "Search & Destroy" fortifies this "automagically" for a user as well).
Firefox has a similar "internal to browser" blocklist feature as well!
FireFox also has "NoScript" which functions a BIT better than Opera's "By Site Preferences" (which globally disables scripting wholesale on a site's pages, whereas NoScript can do so "by source item" on each page IF needed - not really "superior", just more "granular" is all).
Chrome has a "sandbox" feature which is nice, because even IF you "suck in" a malware, it technically can only operate within said 'sandbox' & not hose your OS... but, sandbox features have been known to be broken (e.g. -> chroot jail breaks for 1 example thereof).
HOWEVER: Does my "browser 'weapon-of-choice'" have room for improvements? Sure, & some areas come from ideas from OTHER browsers (lord knows they've copied enough of Opera's featureset over time via addons or just blatantly ripping them off from Opera)
I'd like to see Opera have the following features added:
---
1.) Sandboxing like Chrome
2.) A native 64-bit build for Windows
3.) Something a bit more "granular" than bysite prefs for Javascript &/or iframes + plugins...
---
HOWEVER, & overall?
Well - Because Opera has "by site preferences" & HOW I use it (again - e.g.: All features are globally OFF, & only turned on where a site DEMANDS them)?
Well - thus, I am very, Very, VERY SAFE online (because what I cannot touch, cannot hurt me! Simplest principle of all really...).
APK
P.S.=>
"Opera 11 caught 6.1% of the live threats, providing considerably less protection against .PDF FILE, titled
socially-engineered malware than the other browsers tested." - SOURCE ARTICLE
almost no-one uses it?
and should be treated as such. There isn't any reason to continue talking about this dinosaur of a browser. :)
MS could test their IE6 against FF4, and than get surprised again.
Microsoft paid some mother suckers to conduct this study! Take this down Slashdot! That's like Apple saying OS X is the most secure, advanced OS in the world - It is....compared to Windows 3.11.....LOL!
NSS Labs was the one that posted a "study" about IE8 back in 2009, claiming how it was the new hotness in security. Microsoft even said they had sponsored the company.
http://arstechnica.com/microsoft/news/2009/08/microsoft-sponsors-two-nss-reports-ie8-is-the-most-secure.ars