Test Center guide to browser security
Chrome, Firefox, Internet Explorer, Opera, and Safari have different security advantages and shortcomings. More important than the browser you choose, however, is how you maintain and use it.Follow @rogeragrimes
Browser security tests. How did the browser fare against popularly available browser security test suites? In this review, all of the products passed the most well-known browser security tests located on the Internet, so each item was further exposed to dozens of real-life malicious Web sites. Often the outcome was not pretty. I experienced frequent browser lockups, objectionable content, and sometimes complete system reboots.
Enterprise manageability features. InfoWorld caters to administrators and technicians who need to accomplish tasks across an entire enterprise. It is generally easy to secure a favorite individual browser for personal use, but doing so for an entire business requires special tools. If the browser were selected for enterprise use, how easy is it to install, set, and manage secure configurations for every user?
These are the general categories that were considered when reviewing each Internet browser.
How I tested
I downloaded the latest publicly available version of each browser (including beta products) and installed it on fully patched 32-bit versions of Windows Vista Enterprise SP1 and Windows XP Pro SP3. I reviewed all security settings and options and checked the vendor documentation for clarification. I then subjected each browser to numerous tests, including dozens of pre-defined tests made in the lab, Internet-based test suites, and exposing the browsers to known-malicious Web sites.
I surfed to dozens of Web sites known to contain live malware from several public and private malware site lists, including ShadowServer. I also visited dozens of known phishing Web sites, courtesy of PhishTank and similar referral sites. I used Process Explorer to monitor local processes and resources during install and ongoing operations. And I sniffed the browsers' network traffic using Microsoft Network Monitor or Wireshark and examined the results for information leaks.