14 DAY TRIAL // In a new study issued by Accuvant, Google Chrome was deemed to be the most secure browser, based on the technologies and measures it implements to ensure that rogue code does at little damage as possible.
Internet Explorer was found to be close and comparable to Google Chrome, while Firefox was found to be lacking in some aspects.
The study was requested and paid for by Google, but there is little doubt over its integrity. It's certainly nothing like Microsoft's 'feature checkmark' security 'test'.
It's hard to overstress the importance of browser security. With browsers and the web becoming more complex and more powerful, security technologies have to keep up.
The study assumed that attackers would find bugs which can be exploited, no software this complex is perfect.
Thus, it focused on what browsers did to mitigate the danger of a vulnerability, how they limited what attackers could do after they found an exploit.
The researchers analyzed the sandboxing technologies in the browsers, or the lack thereof on the case of Firefox, the security levels and technologies for extensions, add-ons and plugins, and Just-in-Time (JIT) hardening.
Most JavaScript engines in modern browsers use JIT compiling, which turns JavaScript into native, executable code. This code, however, doesn't adhere to the security measures imposed on code from native application, so browser makers have to deploy their own measures to ensure that memory space used by this code is harder to exploit.
The report is 120 pages long and, while fairly technical, is a good read for anyone wanting to know more about what security measures and technologies each of the three browsers employ. It also serves to add some perspective to the conclusion.
Overall though, the researchers found Google Chrome to be the most secure browser. Its sandboxing technology was the tightest, while IE's allowed some local files to be read. Firefox doesn't employ a sandbox.
When it comes to JIT hardening, Chrome and Internet Explorer have implemented some measures, though not always the same, while Firefox has none of the methods the researchers focused on.
When it comes to extension, add-on and plugin security, the three browsers are more closely ranked, with Chrome having a slight lead over IE which in turn has a slight lead over Firefox.
