Google Chrome least secure!

Discussion in 'other security issues & news' started by vasa1, Nov 15, 2010.

Thread Status:
Not open for further replies.
  1. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
  2. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    The No. 2 spot is held by Apple's Safari browser at 60 reported vulnerabilities while Microsoft Office was No. 3 with 57.

    4. Adobe Acrobat -- 54

    5. Mozilla Firefox -- 51

    6. Sun JDK -- 36

    7. Adobe Shockwave Player -- 35

    8. Microsoft Internet Explorer -- 32

    9. RealNetworks RealPlayer -- 14

    10. Apple Webkit -- 9

    11. Adobe Flash Player -- 8

    12. Apple Quicktime and the Opera Web browser (tied) -- 6
     
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Not surprised that firefox is above IE again this year, now that it's becoming a popular browser people realize how truly insecure it is. I'm pretty sure most of it's "security" was through obscurity, a.k.a., it's previous unpopularity. Does anyone use firefox today without bundling it with extensions like NoScript just to feel secure?

    Also I'm sure the reason Chrome has so many is partly contibuted by the fact it's new and immature compared to IE8 which has gone through extensive patching to become as safe as it is today. I bet Chrome's vulnerability list will drop in time like IE8.

    New hardware/software usually has teething problems.
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Well, I can assure you that, with me, Chromium (Not Google Chrome) is the most secure browser I've been running; no malware can get in, and I'm not running it sandboxed using stuff like Sandboxie.

    Anyways, I guess that those same users, that in the past, moved to Firefox, will be moving back to IE again. lol
     
  5. katio

    katio Guest

    Are you serious?

    This numbers don't rank how secure an application is!
    Extreme example: What's better, a single highly critical vulnerability in the wild unpatched for some months or 10 minor vulns all privately reported and promptly fixed by the vendor?

    You should really go by real world exploits in the wild. Unsurprisingly IE 6 got the top rank there, top as in most attacked. Firefox and newer IE7/8 follow while Chrome hasn't seen any exploit in the wild afaik, certainly none that circumvented the Sandbox. Some of course target cross browser plugins like flash and java.

    Full disclosure: NoScript user ;)
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    I'm fairly confident he was being sarcastic. :D I don't think anyone in the right mind would consider IE under version 8. I would never consider IE under version 9... Not because IE8 is an insecure browser like IE6, but because IE8 is simply a terrible (to use) browser when compared to IE9/Chrome.
     
  7. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    That is correct!

    Actually, I'm still using Chrome because I believe that most, if not all, of the vulnerabilities were patched by Google's team or their paid white hackers before they were exploited in the wild.

    The OP was to get people's comments :oops: and learn something more.
     
  8. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    ie6.gif

    Yeah good old, but not out IE6 :p
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It could be worse.
    IE5.gif
     
  10. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    I'm liking your minimalistic IE6 :D
     
  11. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    It reminds me a bit of K-Meleon's 'Klassic' skin.
     
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    So, the article says: Google Chrome is the most vulnerable because it has the most security flaws discovered. That's just bollocks the size of Jupiter. And I absolutely despise any article that equates security to the number of vulnerabilities. Utter garbage.

    In that regard:

    Argetinian army, navy and air force had more troops than UK in Falklands War. They were supposed to win! Right? Did they? Nope. The French had ten times more troops than British at Agincourt. And who won there? How about you Google Henry V speech, eh?

    What if all of Google vulnerabilities were local? How do 100 local vulnerabilities scale to one remote one? They don't. But apparently everyone is a journalist, even if everyone is not a scientist or even a skilled Excel operator.

    What about the severity, known and unknown exploits, time to patch, and a million other factors? Ah, too difficult to think when all you do is fear mongering.

    The only thing the number of vulnerabilities tell is: the number of entries in a database.

    Bollocks the size of Jupiter. No other term.

    Cheers,
    Mrk
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    LOL :thumb:


    In Dublin's fair city,
    where the girls are so pretty,
    I first set my eyes on sweet Molly Malware,
    As she wheeled her wheel-barrow,
    Through streets broad and narrow,
    Crying, "Entries of Exploits, alive, alive, rare!"
    "Alive, alive, rare,
    Alive, alive, rare",
    Crying "Entries of Exploits, alive, alive, rare".
    She was a fearmonger,
    But sure 'twas no wonder,
    For so were her father and mother before,
    And they each wheeled their barrow,
    Through streets broad and narrow,
    Crying, "Entries of Exploits, alive, alive, rare!"
    (chorus)
    She died of posting fever,
    And no one could save her,
    And that was the end of sweet Molly Malware.
    Now her ghost wheels her barrow,
    Through streets broad and narrow,
    Crying, "Entries of Exploits, alive, alive,rare "
     
  14. Pandorian

    Pandorian Registered Member

    Joined:
    Sep 25, 2009
    Posts:
    11
  15. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    365
    I am not a Google Chrome user but to say that it is the least secure is a clear deception.
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Mrkvonic post says it all :D
     
  17. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    What's the original one (sounds an interesting lyric)? Or, were you just inspired? :D
     
  18. Pandorian

    Pandorian Registered Member

    Joined:
    Sep 25, 2009
    Posts:
    11
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
    Why Counting Flaws is Flawed
     
  20. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Ronjor, I especially liked:

    As truer words have not been spoken.
     
  21. katio

    katio Guest

  22. tlu

    tlu Guest

  23. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Are you blind to my response directly after his or do you have some kind of problem? Feel free to PM me.
     
  24. tlu

    tlu Guest

    No, I'm not blind, I just wasn't precise enough. What I meant: I hope that you thoughtfully read that article. I was referring to your remark in post #3 above where you complained about Firefox "... how truly insecure it is". This kind of sweeping accusation belongs exactly to that category of "analysis" critisized by Brian Krebs - and rightly so.
     
  25. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    It's not a sweeping accusation, it's a precise one that people are finally realizing. I mean seriously, how many Firefox users DON'T use NoScript or recommend it? Feel free to do the research, as I won't do it for you.

    Someone mentioned it's also about the time it takes to patch, did you know that after 10 years (first reported in 2000) Firefox still provides no way to escape javascript "trap" websites used by nearly all malware sites? You have to forcefully ctrl+alt+del. All other browsers offer a "cancel this script" button for you to navigate away.

    Next time, try being a bit more mature about calling out peoples nicknames directly on a public forum, just because your favourite browser got bashed. It motivates me in no way to have a debate with you.
     
Loading...
Thread Status:
Not open for further replies.