Browser Security and Socially Engineered Malware

http://nsslabs.com/anti-malware/browser-security

Browsers add another layer of security on top of endpoint/Anti-malware products on the desktop. This report compares IE7, IE8, Chrome, Firefox, Safari, Opera. See how well they did.

 

Thank for the post,

Just to recap that I understand it correctly, for instance with IE8:

1. Using Microsoft search to block blacklisted URL's of the "in the cload" servers of Microsoft.

2. Using its full application sided protection mechanisme like phising filter (a), smart screen filter (b), Cross site scripting filter (c)


What would be interesting is to disclose what percentage of the high IE8 ranking (IE8 rc1 = 69%, FF v3.07 = 30%, Safari v3 = 24%, Chrome v1.0.54 = 16%, Opera v9.64= 5%, IE7=4%) contributes to [1] above and [2].

Because both IE7 and IE8 are included in the test, is it safe to say that the (when my assumption is correct, see picture included), that architectural improvements of IE8, smart screen filter and XSS filter make the difference of 65%? (IE8 compared to IE7 when ruling out shared services)

Thanks

 

Another question: would it be possible to conduct a comparable test with web reputation services like WOT, AVG/Linkscanner, Site Advisor, BrowserDefender, etc?

Thanks

 

This was already posted here: https://www.wilderssecurity.com/showthread.php?t=236747

Just a note: This test seems to be ridiculous...

 

RDSU, your are a massive poster, please eleborate, because I do not have the knowledge to catch what your are hinting at

 

It's simple: I just don't believe in these numbers!

But maybe I'm wrong...

 

Well,

I am having a hard time to understand all these opinions on webbrowsers. Taking your opinion seriously I have googled and found this http://www.thetechherald.com/articl...e-NSS-Labs-report-touting-the-benefits-of-IE8 This states that Microsoft funded the research

So it seems your guess is not off to far

Thanks

 

I think the other topic also had a reference to the same point, but I don't know why the post was deleted, or maybe I didn't saw correctly...

These number doesn't make any sense to me, and that is why I don't even bother to waste my time reading the report...

 

Some clarification. The Microsoft SmartScreen filter is an in-the-cloud URL reputation service for phishing and socially engineered malware (note: not exploits or drive-by downloads). The other tested browsers use similar systems with a combination of local cache or database for either good or bad sites (whether malware or phishing). All tests were done with live internet connection to utilize this lookup service.

re:#1 microsoft (or any other search) was not used and played no role in the test.

RE: the other questions on the thread regarding other similar products: Yes, we've invited them to participate in future testing as well.

 

The idea of "which browser protects against socially engineered malware" is a bit problematic. Because the whole idea of social is that it is not technical. Therefore, the focus of social is on society and not technology.

Because:

If we assume the user is a moron / bot, they will only do what the browser tells them, whether it's built-in whitelists, plugins, toolbars, filters, etc.

If we assume the user thinks, then there's no meaning to any of the anti-social thingie stuff.

Someone who wants to get easy money will listen to the Nigerian warlord no matter what. The same goes for someone who wants to see a naked pic of this or that and so forth.

Using technology to replace brains is a no no. In fact, I think it's even more dangerous than no technology. When I go to a site, without thinking, I rely on filters to tell me good/bad. And that's it. What if the filter is wrong?

Remember a month ago when Google flagged every site as malicious due to a mistake? What if due to a mistake a site was un-flagged. People would trust their phishing and pharting filters and that's it.

Using social skills always takes precedence, especially against social threats. Offering someone millions of dollars and they get convinced? Or someone gets a mail from his "bank" and then goes there? What technology can possibly save these kind of people in the long run. One day, they will come across a site that no filter covers or some conman will sell them a piece of moon and what then?

The test is therefore problematic, because with the right or wrong audience you can have 100% or 0% success with any which browser.

Talking of security, did you check Firefox with Perspectives and Noscript?

Mrk