The InfoWorld expert guide to Web browser security

Today's Web browsers have different security pros and cons, and none offers a magic bullet against threats. Here's how to keep your Web surfing secure

Which Web browser is guaranteed to make your Internet browsing experience perfectly safe? The answer is none, of course. If you have the need for high security on a computer you manage, then you shouldn't allow it to surf on the public Web. It's that simple. But if your need for security is not extreme, there are a number of things you can do to make your Web browser more secure and your Web surfing safer. Let this Deep Dive be your guide.

Internet browsers are highly complex pieces of software that interact with highly complex programming code, much of it not so friendly. There is no "super secure" browser. The number of known exploits against a particular browser exactly tracks to its popularity. No surprise there. Even secure alternatives to Internet Explorer, which all new browsers seem to claim to be, generally have been targeted by dozens of exploits. (Even the newest of these, Google Chrome, already has a dozen.)

Today, a significant portion of computer attacks comes from legitimate websites that have been maliciously modified. In short, limiting your surfing to only well-known, legitimate websites does not ensure a safe Internet browsing experience. And the problem will only get worse, not better, for the near-term future.

Browser security wars
About a year ago, I spent several months running the five most popular browsers -- Internet Explorer, Firefox, Google Chrome, Safari, and Opera -- through a battery of security tests. Much to my surprise, none of the browsers allowed malware to silently install on my test systems. In other words, if a fully patched browser is running on a fully patched Windows system (Windows XP Professional SP3, in my tests), then malware's best chance of success is fooling the user into willingly executing it. This is why socially engineered Trojan horses -- fake browser plug-ins, fake antivirus programs, etc. -- are so common. Beware.

To continue reading this article register now