Test Center guide to browser security
Chrome, Firefox, Internet Explorer, Opera, and Safari have different security advantages and shortcomings. More important than the browser you choose, however, is how you maintain and use it.Follow @rogeragrimes
Additionally, each browser was used over a series of several weeks (or longer) to test general use, patching intervals, and other involved functionality.
The most secure browser
Which of the browsers tested can claim to be the most secure? Here's the big shocker: None of the fully patched browsers allowed silent infections or exploitation beyond simple DoS attacks. All of the browsers stopped the latest malicious attacks available on the Internet. Occasional zero-day attacks could silently infect a particular browser during a particular period of time, but all of the browsers have this same risk, and all of the browser vendors in this review are fairly consistent in patching significant problems in a timely manner.
Hence, the overall conclusion of this review is that any fully patched browser can be used relatively safely. You can change browsers, but your risk is the same with all of them -- nearly zero -- if your browser, OS, and all add-ons and plug-ins are fully patched.
However, if I pretended to be an end-user tricked into running a malicious executable (such as a fake anti-virus program), each browser allowed the system to be infected and compromised. End-users running on Windows Vista without elevated credentials would have prevented most malware infections from occurring, but even those users were readily exploited if they purposefully elevated themselves to install the rogue program.
Browser security tips
Instead of accusing one browser of being weaker than another, real-world testing has revealed that users should pick a browser that has the security features and functionality they desire, and implement the following suggestions.
* Don't log on as admin or root when running an Internet browser (or use UAC on Windows Vista, SU on Linux, etc.).
* Make sure the browser, OS, and all add-ons and plug-ins are fully patched.
* Don't be tricked into running malicious code.
* If unexpectedly prompted to install third-party software while browsing a site, open another tab and download the requested software directly from the software vendor's Web site.
* Be careful about which add-ons and plug-ins you use. Many aren't secure, many are very insecure, and some are actually malware in disguise.
As expected, each Web browser had its fair share of security advantages and disadvantages. All of the browsers reviewed here, save Google Chrome, have had years to mature in response to previous malicious attacks. All of the browsers had SSL/TLS (Secure Sockets Layer/Transport Layer Security) support, anti-phishing filters, pop-up ad blocking, cross-site script (XSS) filtering, automated updates, private session browsing, and cookie handling. The following review summaries highlight their differences. Click the links to the full reviews for more detail. See also the table, "Web browser security features," comparing security features among all of the browsers.