And the prize for LEAST SECURE BROWSER goes to ... Chrome!

Discussion in 'other security issues & news' started by KeyPer4Life, Mar 26, 2015.

  1. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974

    http://www.theregister.co.uk/2015/03/26/chrome_trumps_all_in_reported_vulnerabilities/
     
  2. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,522
    Location:
    USA - Back in a real State in time for a real Pres
    Harhar....
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Misleading as always. Try providing actual drive-by installs thees days.
     
  4. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    271
    Location:
    USA
    I would rather have a browser with the most security flaws found and patched then the least security flaws found and NOT patched(because if a lot were found that does not mean less secure it means they are probably more secure because a lot of flaws were found and if there is less found or not as many that means there are probably more security flaws like zero days not found, there will always be zero days but I mean more undetected unlike Chrome most of them are detected)..It means Google is paying attention and their tactics are working like the vulnerability rewards program and they patch all Chrome and Chrome OS security flaws in under two days.
     
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Same old game, making numbers say what you want them to. There's probably dozens of ways to interpret those figures, which is exactly what you'd end up with, interpretations based on assumptions that mean nothing.
     
  6. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    271
    Location:
    USA
    Exactly!:thumb:
     
  7. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    The report was put out by Secunia using their "Personal Software Inspector". One could question the method(s) used and the accuracy of the numbers.
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It ranks up there with AV comparisons. Depending on the sample set you choose, they can all be made to look good, or very bad.
     
  9. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    I also wondered when NSS Labs was testing different browser's security. (Microsoft sponsored) Internet Explorer
    managed to come out on top for what they were testing. Don't know about their current testing though.
     
  10. tlu

    tlu Guest

    This is a good read about bug counting by Chrome developer Justin Schuh.
     
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    Not to mention only one bug exploited in Chrome at the 2015 Pwn2Own contest:

    https://threatpost.com/all-major-browsers-fall-at-pwn2own-day-2/111731

    ...and a difficult one to exploit at that:

     
  12. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,016
  13. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    271
    Location:
    USA
    Yea I agree and I was saying that I would rather have a browser with more patches then less by far Chrome is patched the fastest and the most patches.
    Thanks,
    Malwar
     
  14. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    ...and if they had made this claim about IE everyone would be agreeing with it. I don't care in any case. All browsers have issues but these threads are fun to watch. :argh:
     
  15. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    While I don't disagree about the number of vulnerabilities found, I'd be more interested in the far more important rate of difficulty exploiting a browser, and Pwn2Own contest unquestionably gives compelling evidence that number of vulnerabilities in a browser is not a barometer of how easily it's exploited. It could be taken a big step further by testing browsers on different O/S'
     
  16. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    271
    Location:
    USA
    Yes I agree.
     
  17. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    786
    Great post, kudos to you.
     
  18. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    271
    Location:
    USA
    Thank you, I am 17 and love security and I really want to work at Google one day for their project zero team and before that maybe hack all major browsers on all major OS's including Chrome OS all full bypasses of course at compition like pwn2own and pwnium so I am learning to code and etc. and like I said that means a lot.:):thumb:
    Thanks,
    Malwar
     
  19. Alhaitham

    Alhaitham Registered Member

    Joined:
    May 18, 2013
    Posts:
    173
    Location:
    Egypt
    Firefox : the most secure browser tested

    Nice going Mozilla

    Congrats
     
  20. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,071
    Location:
    Germany
    That test was legit because it was not about sandboxing / exploit protection but rather about testing a browser's protection against tricking users with social engineering to download and execute malware on their own. SmartScreen is very good against that.
     
Loading...