IE 9 Beats Other Browsers at Blocking Malicious Content
Orome1 writes with an article in Net Security. From the article: "Microsoft's Internet Explorer 9 has proved once again to be the best choice when it comes to catching attacks aimed at making the user download Web-based malware. This claim was made by NSS Labs in the recently released results (PDF) of a test conducted globally from May 27 through June 10 of the current year, which saw five of the most popular Web browsers pitted against each other. Windows Internet Explorer 9, Google Chrome 12, Mozilla Firefox 4, Apple Safari 5, and Opera 11 were tested with 1,188 malicious URLs — links that lead to a download that delivers a malicious payload or to a website hosting malware links."
How secure can Emacs be with all that malicious Lisp code floating around?
Hail Eris, full of mischief...
E pluribus sanguinem
This report was produced as part of NSS Labs’ independent testing information services. Leading vendors were invited to participate fully at no cost, and NSS Labs received no vendor funding to produce this report.
Firefox still does not have a sandbox in place. That right there is a severe problem. Especially as Firefox is *the* browser with most vulnerabilities. The only thing Mozilla has going for Firefox security is that they are really fast to patch once a vulnerability has become known.
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
Prediction:
The results are favorable to Microsoft, so there will be a ton of skepticism, investigation, and outright dismissal. However, when studies favorable to this particular community's ideologies are announced, none of that occurs, even though the same kinds of skepticism can and should be applied.
I almost believed this story, then, with my superior intelligence (as shown by my browser, Opera) I realized that this story is probably pulled out of someone's ass.
MSIE got the highest "malware detection rate" because they used it in a mode where nearly every page is marked as "dangerous". It had the highest detection rate but also the highest false positive rate.
If I sit at the airport saying "that plane is going to crash" for every plane that takes off, and eventually get it right, that doesn't mean I'm able to predict which planes are going to crash (even though I got "100% of the crashes" right)...
Yep. Mostly because Microsoft has a history of purchasing favourable "findings" from "independent" "research" firms.
Kind of. The process and parameters should always be checked. But the other browsers do not have a history of their parent companies purchasing favourable "findings".
It's called "learning from experience".
There is no reason to forget every past instance when evaluating a new instance. Quite the opposite, in fact.
Of course, when your methodology is that only the bare browser configuration is allowed (e.g., no AdBlockPlus, no NoScript) and you carefully select the malware URLs (obtained from "honey pot" email addresses and then filtered, and then "prune out non-conforming URLs" -- without fully specifying what made them non-conforming) *and* require the malware URLs to be live for at least 6 consecutive hours, it gets a lot easier to massage the results. To further exaggerate results, not only does a "hit" increase the score but a "miss" decreases it to magnify the difference.
This is the same song as they sang about IE8 with the same, predictable, results. Microsoft didn't pay them a wad of money for this study for nothing.
Frankly, the page itself screams bias with the line "has proved once again". I don't recall this being proved in the past, but hey, I try to be open minded. So I threw NSS Labs into Google, and immediately turned up:
http://www.thetechherald.com/article.php/200912/3268/Can-you-trust-the-NSS-Labs-report-touting-the-benefits-of-IE8
So apparently they tested IE8 and thought it was awesomesauce. Uhm, ok... I thought IE8 wasn't completely terrible but I wouldn't say it was good. That link seems to think NSS might be a Microsoft shill. But ok, I like to be open minded. Let's keep looking. Going down the first page of my Google search:
Firewall Vendors Challenge Findings of NSS Labs Report | PCWorld
Haavard - Malware report from NSS Labs manipulates statistics?
Google Responds to NSS Labs Browser Security Report | News
A recent test by NSS Labs gave a near-perfect score to Internet Explorer 9 beta and very poor marks to Chrome and other browsers.
So uhm... yeah... at first glance, I'd say treating them with some skepticism seems more than warranted here.
Yet again another M$ sponsored study makes IE look better by using an ancient version of Firefox. FF4 is like way out of date. How dare they make such claims.
They also made a few technical errors in the report, at least surrounding Opera. At one point, they list "Opera 10" as having 6.1% block rate, yet earlier in the report they list that as the rate for Opera 11 and Opera 10's rate as 0.00%. That, combined with the absolutely gushing praise for IE9 and its App block (or w/e they call it) filter leads me to suspect quite strongly that this is just another MS paid ad by an "independent" (i.e. not directly MS-owned) company.
No technical examination of any other browser's malware blocking was mentioned. Nor did they seem to do any testing of add-ons or extensions. I imagine Adblock alone probably blocks many malicious sites. Oh, and no list of URLs tested was given. Even if this wasn't horribly biased (which I doubt), it was terribly conducted technically speaking.
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
I don't know, but I use my PIN number at the ATM machine all the time now!
Karnal
1) The false positive rate of IE is very high. It should be obvious that if you give a lot of false warnings, users will disable or ignore the feature, making it worthless. IE already warns if you download something uncommon, for crying out loud.
2) This "cloud based protection", tracking, among other things, popular downloads, means that info about visited URLs gets sent to Microsoft. There are privacy issues with such a system.
...and I respectfully ask: Who cares?
The study is comparing the latest released versions of the major browsers to show who can handle current threats. IMHO if you are still using an outdated browser then you have no right to feel all warm and fuzzy with your security.
Step 1: Upgrade to latest version of browser of your choice.
Step 2: THEN decide if this study gives you reason to want to switch to IE (of said latest version)
I predict you didn't RTFA and are doing exactly what Parent said only trying to sound smarter about it.
The choice is quite interesting ... Opera 11 dates back to 16.12.2010 and Safari 5 to 17.6.2010.
Mozilla Firefox v4 entered the "end of life" on May 25, 2011.
Chrome 12 dates back to 07.06.2011, but that's v12.0.742.
Without proper version numbers all those tests are at least dubious.
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
I'm fairly sure both Firefox and Chrome are the safest browsers out there
Well shit, man, what the hell are you doing? Have you contacted the authors of the study to inform them that you are "fairly sure"? I'm sure this is information that will be useful to them. All they have now are one thousand, one hundred and eighty-eight data points for each of five browsers, I doubt they even allowed themselves to dream that you would be "fairly sure" about what they were trying to study. I'm fairly sure that the only reason they didn't contact you first to get your input was because they never dreamed it possible.
especially if you use Adblock and NoScript
Don't look now, Sport, but AdBlock and NoScript aren't part of Firefox. I know this because my installation of Firefox doesn't include either of them. If Mozilla wants to enjoy the benefits of those extensions for studies like this one then they should merge them into the trunk. Any respectable study should test the vanilla browser as it ships from the vendor, without changing any defaults.
It should be zero surprise to anyone that Microsoft puts a heavy focus on security for IE9+. Microsoft has been hammered for a long time about IE's poor security, if there's any single browser vendor that would put a disproportionate amount of development work into security features, it's Microsoft. Hell, that's probably why they still lack support in other areas.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
I am sorry, I don't live in America so I can't follow your lack of culture or your references. Never did I say, by the way, that Microsoft was to be blamed. I merely pointed out an obvious fallacy in Bonch's arguments. Unlike you, though, I'm not an Anonymous Coward. I also loved the way you showed how you hate Christians and Jews. Fine with me, I'm an atheist, but I'm sure you have valid reasons for being a tiny dick lover.
Have you heard about SoylentNews?
Apparently on Slashdot, the scientific method has no merit when the result favors Microsoft somehow.
Forget that these tests are repeatable, and can be independently conducted and verified; most of the "OMG M$ SPONSORED MICROSOFT FAKE STUDY = ADVERT" crowd ignores this fact.
How do you know how much M$ paid these people, anyways? Prove it. Like, with pictures. Better yet, maybe some shredded invoice numbers and accounting figures from M$ headquarters trash dumpsters? Seriously, some of these claims are so paranoid and out of line with reality one wonders if some of the posters are not just some psycho homeless people happening upon an open laptop at Starbucks.