IE 8 Found To Be Safest Web Browser In Studies Funded by Microsoft

Internet Explorer 8 is the safest web browser on the market, according to a pair of studies sponsored by, um, Microsoft.

One study focused on socially engineered
malware and the other on phishing.

In the first study, NSS Labs found that
IE8 caught 81 percent of live threats, while Firefox 3 caught 27 percent, Safari 4 caught 21 percent, Chrome 2 caught 7 percent and Opera 10 Beta caught 1 percent. NSS attributed this to "concerted efforts Microsoft is making in the SmartScreen technology." But one might wonder about the mathematical validity of the results when the report said there was a 54 percent margin of difference between IE8 and Firefox when it was actually a 54 percentage point difference.

The tests were done July 7 through 18, every four hours, with 69 test runs during which new malware URLs were added, for a total of 608. All of the products were the most current versions available when the testing began and had access to the Internet during the testing. For the tests, a "socially engineered malware URL" was considered a link that led directly to a download "that delivers a malicious payload whose content type would lead to execution" - i.e., masquerading as a link to a screensaver, software upgrade or the like.

According to
The Next Web, the NSS Labs president did respond to questions about Microsoft's sponsorship:

"[T]his stuff is expensive to do right, and we need to monetize it somehow." … "We invited Google, Mozilla, Apple, Opera to participate, but they didn't even bother to respond, except for Opera, which stated they 'don't really focus on malware.'"

In the phishing study, the gap between IE8 and Firefox was not nearly as wide. Internet Explorer blocked 83 percent of phishing attacks, according to the study, while Firefox blocked 80 percent, Opera blocked 54 percent, Chrome blocked 26 percent and Safari blocked 2 percent. The study results did note that the test copy of Opera 10 Beta "experienced operational issues" during the testing that caused it to perform worse and before that, it had performed at levels comparable to Internet Explorer and Firefox.

This study was conducted from July 7 through 20, also every four hours, for a total of about 80 test runs, each time adding new phishing URLs, for a total of 593. Again, the browsers were updated to the most current version available when the tests began and each had access to the Internet. Phishing URLs were considered to be those that "both falsely impersonates another entity and attempts to trick the user into disclosing personal information via a web form."

Via:  NSS Labs
Riks 5 years ago

wow chrome really isn't looking good right now =\

marco c 5 years ago

Or MS didn't want Chrome to look good right now...

acarzt 5 years ago

Or did they? DUN DUN DUN!!!

Riks 5 years ago

[quote user="Marco C"]

Or MS didn't want Chrome to look good right now...


alright i'll go with that Big Smile

BurgendyBlues 5 years ago

Well the important thing to note is that Microsoft funded them, that doesn't mean the results were biased in favor of them resultantly. We make that assumption because of the addage 'where thy money come from, do not excrete bodily fluids fromth'.

It's very likely that Microsoft didn't tell them to come to any specific conclusions but that they looked more favorably upon IE as a result. IE is very insecure, I still use it because it's hand to have around but it's not the safest browser - this is mostly related to the fact that people do not have proper security skills to lock up their computer with a proper firewall (hardware ideally, then software). Also people don't take the time configure the settings properly.

3vi1 5 years ago

Install the NoScript plugin, and suddenly FF blows IE8 out of the water.

digitaldd 5 years ago

Works great for users that can figure out how to temporarily unblock a site but for the average end user its a nightmare to use. i just spent 30 minutes with my GF on the phone and she got so frustrated with noscript she disabled it on my computer. At least thats what it sounded like to me. Wink

ice91785 5 years ago

HA! ...that is all...

Anonymous 5 years ago

LOL, naturally a study funded by Microsoft will favor Microsoft! What a joke. Firefox RULES!


mhenriday 5 years ago

I suggest that the really essential point is that made by signature 3vi1 - if one wants a (relatively) safe browsing experience, the best alternative is to install and use Giorgio Maione's NoScript with Firefox....


Gonzobot 5 years ago

The fact that Microsoft sponsored studies that said Microsoft's browser was best is alone cause to discredit it - but these tests themselves seem to be rooted in wrongness from the start. What good is a browser going to do to protect you from these styles of attack, exactly? THESE ATTACKS ARE BASED ON THE WEAKEST PART OF ANY COMPUTER - THE USER.

When EVERY download makes you answer 'yes I want to download this!' 3 times, it does not make your program more secure. It makes it more annoying, and more likely to condition users that to download, they have to click yes three times. It does nothing to educate them to stop downloading malware, screensavers, toolbars, and the like - which is the cause of the problem. This is not like IE6, where simply looking at a page is enough to infect your machine - this is a PEBKAC problem, PLAIN AND SIMPLE. No browser will ever overcome this hurdle, and so this study is useless.

ClemSnide 5 years ago

I remember back when an internal analysis of the CIA's practices found there to be no ethics violations in their agency. Some people had different ideas.

The thing is, people, we really aren't security experts. Sure, we've heard that certain AddOns and certain browsers are safer than others, but what empirical evidence do we have of it? I myself use FireFox because it has the usability that IE is lacking (type size and interface colors, for one, with the AnyColor extension), but I have no illusions about its unhackability.

IE is the most-used browser on the market, just as Windows is the most-used OS for home computers and Microsoft keeps sneaking the former back in as the default browser on the latter (despite antitrust decisions telling them they can't). If I'm a hacker who wants to, say, start a botnet, I'm going for the path of least resistance: the most target systems for the same programming effort. That, simply put, is IE running on a Windows system. I even understand that, as Macs have been gaining market share, hackers have started to target them. (Linux geeks can feel momentarily smug and then go back to their Windows environments to run applications.)

Certainly studies are important, but independent studies are more reliable. I'll wait. And in the meantime I won't click on links promising me herbal v1agra or nude pictures of Brittany Spears.

nelsoncp21 5 years ago

regardless of how safe it is I refuse to use it anymore. I actually had to uninstall it because it conflicted so much with my antispyware software that my computer  connection became as slow as dial up. I tried every little tweak I could find but in the end nothing got my connection back to where it was so I still run IE7.  My problem with FF is that you have to do so many add ons to it.

ClemSnide 5 years ago

@nelsoncp21: It is a kind of project to get a Firefox configuration that you like, but the good part is that much of it is automatic. For example, if it needs an AddOn to display content, it'll grab that when you tell it to after encountering something it can't display. (And with FF 3.5, that happens a lot less often thanks to its built-in support for audio and video formats.)

The AddOns that most security-minded people use are AdBlock, which does require some setting up (you subscribe to a list of blocked sites, but you can do that from the panel it pops up on installation); and BetterPrivacy, which deletes "supercookies" (Flash objects that break the rules of when traditional cookies are deleted). Both of them are nice to the user; they can be configured very specifically, but if you just go with the default settings, that works too. Finally, Ghostery merely lets you know what sites are spying on youthrough such avenues as Google Analytics and others.

To get a high-visibility window I use AnyColor, which lets me set the background color of the interface to black and the text to white (it has a lot of options but that's all I use).

Through its "Get Add-Ons" button (Tools:Add-Ons) Firefox makes it easy to add and delete these pieces of code. None of them are really necessary, since the browser has a good set of features already, but some people like fiddling under the hood. Sticking to their "Recommended" list is the safest way to pick from the available packages (some of which are just plain silly and useless-- but the same might be said for Desktop Gadgets).

I really enjoy it as a web browser, so I hope you start using it too!

nelsoncp21 5 years ago

oh I used it for awhile but honestly didn't notice much difference other then constantly needing to install add ons. FF imo has become a very common browser anymore and just as much a target but thats solely opinion on my part. IE7 works fine for me for now until something better that I like comes around. IE8 is a joke but hey some of you might like it so to each his own.

Post a Comment
or Register to comment