Windows 10 Informs Chrome and Firefox Users That Edge is 'Safer'

An anonymous reader shares a VentureBeat report:Microsoft has turned on a new set of Windows Tips that inform Chrome and Firefox users on Windows 10 that Edge is a "safer" browser. We reached out to Microsoft to find out how long this latest recommendation has been active. "This wave of Windows Tips for Windows 10 users began in early November," a Microsoft spokesperson told VentureBeat. If this sounds familiar, that's because Microsoft turned on similar Windows 10 tips back in July, warning Chrome/Firefox users about battery drain and then recommending Edge instead.

Safer this week

[OffTheLip]

but over time the MSFT security track record is not so good. Thanks but I will pass.

Re:Safer this week

Yeah bullshit. Those devices are being owned not by flaws but by default passwords. Try again.

Re:Safer this week

[nine-times]

To me, that's entirely beside the point. I manage a bunch of Windows 10 machines, and I've told the users to use Chrome (for a variety of reasons). Not Microsoft is going to send out a "tip" saying that Edge is "safer"?

Fuck off, Microsoft. I don't want you to give my users tips. I have to set a policy for which browser people should use, and I don't need you undermining that with your propaganda.

Re:Safer this week

[fibonacci8]

Think of it like all the other Microsoft hints, job security for those that fix or repair machines for others.

Re:Safer this week

[mlts]

I used to do that, but I prefer browsing in VMs, just so if something escapes one browser, it can't do much, and a snapshot rollback instantly fixes all damage.

Browser-wise, I would give Chrome the nod (although it doesn't have NoScript-like functionality) because of how it runs Flash and other items in separate VMs, limiting the context a compromised add-on can damage. Add uBlock Origin and Tampermonkey, and this does an adequate job at dealing with malvertising.

In my experience, blocking ads does a lot more for security than almost any AV utility. AV utilities are stymied by 0-days. Ad blockers don't care how old the exploit is... if it can't load through an ad server, it doesn't run.

Re:Safer this week

[Man+On+Pink+Corner]

In the brave new world according to Microsoft: they're not "your users."

Not anymore.

Re:Safer this week

No, not so much.

Re:Safer this week

[Qzukk]

If you're just trying to isolate your sessions and you're not worrying about other programs installed locally screwing with them (hi, Ask toolbar!), then you can use Firefox's profile manager to run different Firefox processes from different profiles (firefox.exe -p -no-remote). I believe you'll have to reinstall/reconfigure your plugins in each profile you use, but each will have a completely separate cookie jar, history, etc. If you're willing to risk it, nightly builds have a new feature called "Container Tabs" that is supposed to provide session isolation within a single process more on that here.

The beauty of VM-type isolation is that unless you're important enough for someone to burn a VM escape exploit on, everything you do is completely unaware of everything else you're doing. So you can install crap in VMs, and that crap can't install toolbars or "helpers" in your browsers, or a remote-access exploit for Firefox running in one VM can't give access to any other Firefoxes in other VMs.

Re:Safer this week

[espenskaufel]

Unless you are a tyrant, they should be allowed to choose for them self what they want to use. Besides google.com, gmail and google+ says they should use Chrome, so it evens out...

Re:Safer this week

[CaptainDork]

This whole IoT security stuff is bullshit.

Default passwords should be burners with installation halting until a human changes the password.

How many of us have Googled "default password for (insert router model)?

Re:Safer this week

[nine-times]

Unless you are a tyrant, they should be allowed to choose for them self what they want to use.

Nothing to do with being a tyrant. Businesses can decide what runs on business computers. But as a matter of fact, I don't block them from using Edge, I just tell the users to use Chrome instead. Which is exactly the problem here. Microsoft is telling my users that I'm lying, and telling them not to use the browser I'm telling them to use. That's seriously overstepping their bounds.

Besides google.com, gmail and google+ says they should use Chrome, so it evens out...

I'm not a huge fan of that either, but to be fair, it's very different. In one case, you have websites telling the people who choose to visit the site which browser the site is designed to work well on. In the other case, the OS is telling people to use a particular browser for no reason whatsoever, regardless of which sites they're visiting.

Re:Safer this week

[LinuxIsGarbage]

If you're just trying to isolate your sessions and you're not worrying about other programs installed locally screwing with them (hi, Ask toolbar!), then you can use Firefox's profile manager to run different Firefox processes from different profiles (firefox.exe -p -no-remote). I believe you'll have to reinstall/reconfigure your plugins in each profile you use, but each will have a completely separate cookie jar, history, etc.

It's frustrating that aside from "incognito mode" it's clunky and inconvenient to achieve this isolation. I looked at firefox profiles, but you'll have to install plugins to colour tabs, etc to differentiate the sessions.

Antitrust

Remember when just bundling Internet Explorer with the OS was enough reason to provoke an anti-trust response?

Re:Antitrust

[NatasRevol]

Remember when that response was a governmental 'meh'?

At least in the US.

Re: Antitrust

It's not hard to install another browser its something an average user is likely Capable of.

I think you're vastly overestimating the "average user." Many people aren't even aware of what a web browser is, it's just "the internet" to them.

Re: Antitrust

[Nunya666]

I honestly never understood that. It's not hard to install another browser its something an average user is likely capable of.

Perhaps, but history proves that users don't do what they don't have to do. A long time ago, MS automatically installed IE and enabled it as the default browser. Doing that killed Netscape because users no longer had to find a web browser. One already existed, albeit a sh*tty one, so most users used what was already there. Only techies looked for something better.

By giving MS a slap on the wrist for their shenanigans with IE, the U.S. government gave MS permission to do whatever they want to do. And they have kept doing whatever they wanted to do, resulting in the malware known as Win10.

Re: Antitrust

[swb]

I may be wrong, but I think some of the motivating factor early on was that MS browser bundling was basically a way for MS to kill web compatibility by not supporting standards and/or implementing their own standards.

I also seem to remember that at the time there was some vague notion of web + java replacing the operating system paradigm altogether by producing "universal" applications which would run in a browser, and this where the anti-trust aspect gained traction -- MS was using the browser "built in" to the OS to kill off this model to keep its operating system relevant.

Re: Antitrust

[Calydor]

Those worries were because there were realistic alternatives to the browser at the time. Not so much true for the desktop OS, at least from the average user's point of view.

Re: Antitrust

[BeerCat]

A long time ago, MS automatically installed IE and enabled it as the default browser. Doing that killed Netscape because users no longer had to find a web browser.

Even worse, MS claimed that the browser (IE 4.0) and the OS (Win 98) were so entwined that it would be "impossible" to uninstall the browser. And they were believed by the anti-trust lawyers, even though there was a hidden folder labelled "Uninstall IE4"

Re: Antitrust

[Impy+the+Impiuos+Imp]

And when a judge in Europe said "jail or unintertwine", they literally showed how it could be done with no months-long OS reprogramming required and just an uninstall. Imagine that.

Just like your non-replacable batteries in new cell phones are easily replacable socket batteries, just behind a sticker saying you violate warranty if you do so.

Re: Antitrust

[Zontar+The+Mindless]

Were you actually around then?

MSIE 3.0 was not better than any damn thing save maybe an Etch-a-Sketch. MSIE 3.0 *defined* "suck".

Abuse?

[networkBoy]

Not actually sure, but could this be considered as an abuse of position (monopolistic activity)?

Re:Abuse?

[networkBoy]

M: Yes, but I came here for an argument!!

A: OH! Oh! I'm sorry! This is abuse!

M: Oh! Oh I see!

A: Aha! No, you want room 12A, next door.

M: Oh...Sorry...

A: Not at all!

Re:Abuse?

[Zontar+The+Mindless]

And yet the Internet runs on the red-headed stepchild.

Impossible claim

It's impossible for MS browser to be "safer".

Why?

Because, they always have features intended for corporate IT deployments and similar which allow deep interaction with the underlying operating system. They cater to the needs of companies who think they need these kind of idiotic "features".

Just reminded of GWBush quote "Safer"

[rsborg]

Can't find the video, but this kind of message has the same tone.

The reality is that if you wanted to be statistically safer, in fact, you should use a Mac (if you can afford one) or a Chromebook.

Re:Just reminded of GWBush quote "Safer"

[smooth+wombat]

Bush said he protected this country. Tell it to the 3,000 dead on September 11th.

Re:Just reminded of GWBush quote "Safer"

[mrclevesque]

That's not how you find out that crime has been dropping for the past 30 years

Re:Just reminded of GWBush quote "Safer"

[hey!]

ISIS is taking a shellacking. Americans just don't realize it because we're not spending a trillion dollars and 4400 lives doing it. Mosul will probably fall before Trump takes office, and if Obama and Kerry can work out the problems with Turkey there's a good chance ISIS will be getting kicked out of its capital Raqqah as the new president takes office. This will destroy even the semblance of a claim to an ISIS caliphate since that requires holding territory.

And as for Al Qaeda... Al who?

Oh, and the destabilizing influences of energy dependency? US oil and gas production has soared under Obama's policies (much to the displeasure of his base) so that the US will be a net energy exporter this year for the first time since 1957. If Trump continues Obama's policies we'll be able to replace most of Russia's gas supply to our trading partners in Europe.

So yeah, I'll take "Obummer" on security over someone who was briefed a month in advance about 9/11 and dismissed it as CYA.

As for Orlando, a mass shootings of one sort of another are a regular event in the US. The last year we went without a mass shooting was 1995. Sometimes like this time it'll be Muslim nutjobs pledging allegiance to the flavor-of-the-month; but just as often it'll racists, misogynists, anti-gummint conspiracy theorists, or just plain apolitical nutjobs. Like always.

But here's the thing: we've decided essentially that mass shootings are rare enough we can live with them. Back in the 70s it used to be revolvers or hunting rifles with internal magazines. Now it's semi-automatics with big removable magazines, so the body count is higher. But statistically it's still rare enough that Amerians (rightly) treat these things as a negligible risk.

bridge

[dmbasso]

I'm the most trustworthy bridge seller, you're safer buying a bridge from me. Believe me!

Re:bridge

[fcis]

Hi Daniel, I hope my message finds you well. I know that this my sounds random, but did you write the .c3d file importer add-on for blender 3d software?

That's nothing, Edge will:

[mykepredko]

- Cure your acne
- Find you a gorgeous sexual partner
- Help you with your investments
- Bring the news of the world to you

All you need to do is Google It!

Er, maybe that's not the message Microsoft wants to give.

They picked the wrong name for their browser then

[JoeyRox]

"Edge" connotes the word edgy or edgier, which most would interpret as the opposite of safer.

The new standard for the OS: pushing crap & sp

[StandardCell]

It seems that those peddling your average mainstream OS these days are hellbent on pushing their views of the world on what is largely an unsuspecting and technically ignorant user base. Use Android? We'll spy on you wherever you go and push a bunch of ads for something you already bought yesterday. Use Windows? We'll create self-doubt in your choice of software to push you into our domain where we can collect information on you, and push ads on your start screen unless you jump through dozens of technical hoops. Use MacOS? We'll collect anything you do in Spotlight so we can "make our product better" for you.

Just like Farcebook and any other SaaS platform, the OS guys are trying real hard to squeeze a few extra dollars out of us users at the expense of users by making the user the product rather than the OS. That this happened with Edge in this case is merely another symptom of this greater problem. The /. crowd and people of similar technical capability can filter out this BS, but the average user will continually fall victim to this nonsense with no idea of the real consequences, both individually and for the overall browser market.

Safer How?

[sehlat]

Show me what is evaluated to define "safer" and show me the metrics. Without that, "safer" is just so much hot air.

Comparison of Common Vulnerabilities and Exposures

[Jon+Abbott]

Here are CVE details for each browser:

Edge: https://www.cvedetails.com/pro...
Chrome: https://www.cvedetails.com/pro...
Firefox: https://www.cvedetails.com/pro...

It looks like each of them has had their fair share of significant security flaws. Does anyone track how quickly flaws are patched for each?

Re:Comparison of Common Vulnerabilities and Exposu

Edge 124
Firefox 133
Chrome 159

Although if you just take code execution, arguably the most important ones.

Chrome 2 (Yes, that's a two!)
Firefox 53
Edge 67

"Safer" is NOT to use Win10!

[Zurkeyon3733]

Windows 10, collect enough info on the average user, that within only 2 hours of use it can produce a reasonably accurate personality profile / dossier, in only that short amount of time. I like my privacy, i dunno, Private? :-D Go figure!

Re:"Safer" is NOT to use Win10!

[Mascot]

Any links to research backing up that 2 hour claim? Cause in my experience, the average user is still on the phone to their 10 year old nephew asking them "how do I get on the internets?" at the two hour mark.

Re:"Safer" is NOT to use Win10!

[AHuxley]

Just use Windows 10 to play dx12 games.

Re:They picked the wrong name for their browser th

[slazzy]

The word makes me think "Bleeding Edge" when it comes to technology.

Why does MS care which browser is used?

[bagofbeans]

Splain to me. Is that the browser tracking can only work on Edge? Or Bing traffic is more likely?

Re:Why does MS care which browser is used?

[Comen]

Easy! Many default features send data to Microsoft to improve your browsing experience. Even if you have Google as the default search provider they have features that offer suggestions, I assume this is sending data to MS. IT ALL ABOUT WHO OWNS THE DATA! INFORMATION IS POWER IS MONEY!

No ad or script blockers

[malditaenvidia]

In related news, the author of umatrix and ublock origin has shown no intention of porting these products to edge.

Re:No ad or script blockers

[kruug]

Edge is starting to use Chrome add-ons, but they have to be submitted to the Windows Store. So, yet another place to update the app, and I don't believe they can be side-loaded like uBlock:O typically does.

The new Microsoft?

[markdavis]

I love how just two days ago how some people were posting here: https://linux.slashdot.org/sto... how much better and open Microsoft is than it used to be. How they are such a better company.

Sorry, this is the same old news- using their near monopolistic powers to put up messages about their competition. I guess this just follows after making sure dual boot is a disaster, locking out competing OS's on certain hardware, giving away near free licenses of their products to governments trying to break free of MS lockin by using Linux....

Abused OS monopoly to force browser incompatibilit

[raymorris]

They got in trouble because of how they abused their operating system monopoly to forcefully promote their browser.

HAVING a monopoly isn't illegal, and certainly TRYING to have one isn't illegal. ABUSING a monopoly in certain specific ways is illegal. They had a monopoly on the desktop OS, more or less. Enough that when they told Dell and HP "you may not sell computers with Windows and also provide Netscape", Dell and HP had no choice but to comply. Microsoft basically made it "illegal" to pre-install any browser other than IE. You're not allowed to abuse a monopoly in one area (operating systems) in order to unfairly gain a monopoly in another area (browsers).

In addition, Microsoft did other unfair, anticompetitive things like for a while IE would refuse to download Netscape. Netscape couldn't be pre-installed, because Microsoft wouldn't allow that, and it couldn't be downloaded on a fresh Windows system, because Microsoft wouldn't allow that.

can't even use it on MS pages

[sipke.van.der.meulen]

Well of course it's safer: You can't use it on Microsoft's own admin webpages: (office 365 portal admin/ azure admin/ iaas portals ) Funny people, those MS guys

Technological imperialism

[Rick+Schumann]

This is just one more example of the technological imperialism of Microsoft, and one more reason to never use it. What's next? Are they going to disallow Firefox and Chrome from being installed or executed?

Don't fix it if it ain't broke

[MarcAuslander]

It's amazing how often Microsoft reminds be to be thankful I turned down their generous offer and stayed with Windows 7.

9 out of 10 doctors who smoke agree!

[sizzzzlerz]

Lucky Strike cigarettes are healthier for your lungs!

Re:Comparison of Common Vulnerabilities and Exposu

[thegarbz]

Based on a least-squares linear fit Next year's stats are going to be:
Chrome 117
Edge 221

It doesn't look good based on Microsoft's trend

Of course it's safer!

[genner]

When it crashes and keeps you off the internet you're perfectly safe,

Misleading

[CyberNigma]

This is misleading. Once you have at least 128GB of ram then most of Chrome's features are able to be loaded and then it becomes the safest browser. Edge may only be safer in situations where users have less than 128GB of ram...

Welcome to the new Microsoft

[Tough+Love]

Same as the old Microsoft

Re:Comparison of Common Vulnerabilities and Exposu

[Calydor]

Wait, what happens to Firefox in the coming year to drop them to 0% market share?

Ok but..

[XSportSeeker]

Do they have anything to make that claim?

Software freedom is its own reward.

[jbn-o]

A major difference being that of those three only Firefox lets users see what's going on, alter the code, and share their improvements with others (even commercially). It's a lot harder to get away with spying and other kinds of subterfuge in software users are free to run, inspect, share, and modify. Subterfuge is trivially easy to do in proprietary software, thus proprietary software is never trustworthy and never safe to use. Furthermore, both Google and Microsoft work with government agencies (such as the NSA) to help their spying efforts. You're better off with even worse quality code that is free software than more featureful, less buggy, faster, or in any other way "better" proprietary software. Software can be improved to become technically better but only the copyright holder can free their proprietary software.

post-truth

[kirkb]

I was going to get all riled up about how a company could make false claims like this.

But then I remember that we are firmly entrenched in the "Post-truth" era. Pity that. I used to love it when facts and opinions and lies were three different things.

Edge and Chrome are both spyware

[WaffleMonster]

What goes around comes around. With persistent harassment campaign from Google to get people to install chrome they all need to fuck off.

Its not a tip at all.

[Stan92057]

First its not a tip, its a backhanded advertisement and they should be called out for it by the authorities IMO

In the spirit of honesty ...

[Alain+Williams]

will Windows 10 also inform its users that Linux and macOS are safer ?

Of course it's safer! Nobody uses it!

[Tony+Isaac]

Hackers will go after browsers that have an actual user base, because they want access to things like stored account or contact information. Why in the world would they bother with Edge? They would get very little return for their efforts.

Actually, I'd guess that Lynx is the safest browser out there.

I do not know how people tolerate Windows anyway

[iamacat]

I grudgingly suffer through login screen, "working on updates" and various nag popups like trying Office 365 to run Steam games not available elsewhere. But who would want that just to do web browsing and basic productivity tasks? My "desktop" is $265 Intel Compute Stick running Ubuntu connected to $500 45 inch 4K TV. I can walk away for two weeks and come back to find things exactly as I left them, without any nag screens. My laptop is a Chromebook Flip that again does not aggregate me and that runs a decent selection of Android games and Ubuntu for when I need it.

Microsoft also used to sell drama-free operating systems that ran a large selection of apps. Windows 2000 was about the pinnacle, though XP is Ok if you forget about activation issues. Windows 7 is decent from UI point of view, but quicky chews up globs of disk space in mysterious directories like WinSXS. Everything afterwards is just obnoxious.

Re:Comparison of Common Vulnerabilities and Exposu

[thegarbz]

Wait, what happens to Firefox in the coming year to drop them to 0% market share?

Oh I thought they were at zero already so I left them out :-P

How about the EU?

[phorm]

In the USA. However this could get expensive for them in Europe...

Re:Not in Our Dear Leader's Amerika

[MercTech]

Why not anti trust under trump since most of the oligarchical trusts and cartels are owned by democratic party supporters.

Tryed it, rejected it....

[MercTech]

I tried Edge. It does not display HTML consistently with other browsers. HTML5 menu objects and control buttons to not behave consistently.

    I've relegated Edge to a display platform for Youtube running in the corner while I use either Chrome or Firefox for meaningful work.

How is that any different from what Google does?

[A+Friendly+Troll]

If I visit Google, or Gmail, or Gmaps, YouTube, or anything else, with a non-Chrome browser, the top of the screen will ALWAYS have "do you want to install Chrome?" nagware. You can dismiss it in your session scope, but next time you come back, so does the message.

Why is that not a problem, and what Microsoft does is a problem?

Is it better on battery tests? Yeah, it is. Is it safer? It very well might be - but we don't know, since we're all running ad-blockers on non-Edge browsers, so our experiences are anecdotal at best.

Re:I do not know how people tolerate Windows anywa

[strikethree]

winsxs is literally, Windows Side by Side (WinSxS). It is what gets you out of dll hell... you know, where each program needs its own special version of a particular dll. Those alternate (read not the latest) dlls all reside in winsxs while the most recent dll is out in the native filesystem.

I am not saying this is a good idea or a bad idea, I am merely trying to remove the mystery for you.

As an administrator, I have seen this folder grow beyond 10 gigabytes. As a security guy, all of those ancient dlls laying around can be a problem as occasionally, the security updates forget to update those folders from time to time.

HTH, AFK LOL