Internet Explorer 8 is the safest web browser on the market, according to a pair of studies sponsored by, um, Microsoft.
One study focused on socially engineered malware and the other on phishing.
In the first study, NSS Labs found that IE8 caught 81 percent of live threats, while Firefox 3 caught 27 percent, Safari 4 caught 21 percent, Chrome 2 caught 7 percent and Opera 10 Beta caught 1 percent. NSS attributed this to "concerted efforts Microsoft is making in the SmartScreen technology." But one might wonder about the mathematical validity of the results when the report said there was a 54 percent margin of difference between IE8 and Firefox when it was actually a 54 percentage point difference.
The tests were done July 7 through 18, every four hours, with 69 test runs during which new malware URLs were added, for a total of 608. All of the products were the most current versions available when the testing began and had access to the Internet during the testing. For the tests, a "socially engineered malware URL" was considered a link that led directly to a download "that delivers a malicious payload whose content type would lead to execution" - i.e., masquerading as a link to a screensaver, software upgrade or the like.
According to The Next Web, the NSS Labs president did respond to questions about Microsoft's sponsorship:
"[T]his stuff is expensive to do right, and we need to monetize it somehow." … "We invited Google, Mozilla, Apple, Opera to participate, but they didn't even bother to respond, except for Opera, which stated they 'don't really focus on malware.'"
In the phishing study, the gap between IE8 and Firefox was not nearly as wide. Internet Explorer blocked 83 percent of phishing attacks, according to the study, while Firefox blocked 80 percent, Opera blocked 54 percent, Chrome blocked 26 percent and Safari blocked 2 percent. The study results did note that the test copy of Opera 10 Beta "experienced operational issues" during the testing that caused it to perform worse and before that, it had performed at levels comparable to Internet Explorer and Firefox.
This study was conducted from July 7 through 20, also every four hours, for a total of about 80 test runs, each time adding new phishing URLs, for a total of 593. Again, the browsers were updated to the most current version available when the tests began and each had access to the Internet. Phishing URLs were considered to be those that "both falsely impersonates another entity and attempts to trick the user into disclosing personal information via a web form."