Slashdot Mirror
Google Chrome Most Resilient Against Attacks, Researchers Find (helpnetsecurity.com)
Between Google Chrome, Microsoft Edge, and Internet Explorer, Chrome has been found to be the most resilient against attacks, an analysis by security researchers has found. Firefox, Safari, and Opera were not included in the test. From a report: "Modern web browsers such as Chrome or Edge improved security in recent years. Exploitation of vulnerabilities is certainly more complex today and requires a higher skill than in the past. However, the attack surface of modern web browsers is increasing due to new technologies and the increasing complexity of web browsers themselves," noted Markus Vervier, Managing Director of German IT security outfit X41 D-Sec (and one of the researchers involved in the analysis). The researchers' aim was to determine which browser provides the highest level of security in common enterprise usage scenarios.
There's an important paragraph in the introduction:
You can read the paper yourself to determine whether they succeeded at avoiding biasing their results. One up-front question is why they didn't include Firefox. Based on public vulnerabilities and Pwn2Own and similar competitions, FF is less secure than Chrome, but often better than Edge. Safari tends to trail by a large margin, so its exclusion doesn't surprise me, nor does the exclusion of Opera and other browsers with very small market share.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Your attitude is a perfect example of why Firefox is on its way out. If you knew anything about Firefox 57 you'd know that it could very well be the final nail in Firefox's coffin. You would not be recommending that users look forward to it!
Firefox 57 is due in November, and it's the first release that's supposed to only support WebExtensions extensions. This will very likely break many existing extensions. Due to differing capabilities between the existing extension model and WebExtensions it may not even be possible to reimplement some existing extensions!
So I think we'll see two things happen:
1) A small number of Firefox users will continue to use pre-57 versions, so they can continue to use extensions that won't be or can't be supported in Firefox 57 and beyond.
2) A much larger number of Firefox users will move to Chrome (or Chromium) and never look back. If all of their extensions use a Chrome-like model, there's no reason to use Firefox. In my experience, and that of many other people, Firefox is very slow, bloated, and memory-hungry compared to Chrome. I'm sure you'll parade some bullshit "benchmarks" showing otherwise, but these benchmarks don't correspond at all to the actual experience of using Firefox and feeling just how less responsive it is than Chrome.
Firefox's market share is already pretty pathetic. Firefox 54 has only 2.94% of the market. Firefox 55 has only 1.19%. Firefox 52 has 0.49%. The rest of Firefox's releases, including Firefox for Android, are well under 1%. Many of them are in the 0.01% to 0.05% range.
I wouldn't be at all surprised if Firefox 57 knocks Firefox down to the 1% to 2% range.
Firefox is already pretty irrelevant now that's down to about 5%. When it's down to the lowest of the low single-digit percentages, the chance of a recovery will basically become non-existent. And once the Yahoo search deal expires, it's doubtful that any other organization will want to sign a search deal with Mozilla. Why would they, if Firefox has only 1% or maybe 2% of the market at that time? Firefox's future will be even bleaker than it already is if Mozilla were to lose out on their main source of income.
You hype Firefox 57 as if it's a good thing. The evidence suggests otherwise. It shows that Firefox 57 has the potential to be the most disastrous release in Firefox's history, even worse than the early rapid-release extension breakage debacle and even worse than the Australis debacle.