Comparing the Big Five
Browsers have many security features that help the end user avoid being bitten by malware, as well as some privacy protections.
All five browsers have pop-up blockers, anti-phishing filters, and password protection. Except for Opera, they allow for private session browsing where the browser saves nothing from the session that can be used to track your online movements -- no browsing history, no cookies, no temporary Internet files, and so on.
But only two, Internet Explorer and Firefox, have the coolest browser security feature of all: configurable security zones, which let end users set up different levels of security for Web sites based on their trustworthiness.
These browser security features play an important role in keeping the end user safe. They also vary from browser to browser: some browsers have certain features, others do not. And some browsers are simply better at security than others. Here's a quick look at each of the five browsers.
Cons: Explorer's popularity makes it the primary target of hackers. Its unique support of ActiveX (another way malicious exploits get into a computer) poses an additional security threat that other browsers don't have.
Takeaway: Internet Explorer's superior security controls should be weighed against the fact that it's the most frequently attacked browser in the world.
Cons: Setting up security zones isn't easy.
Takeaway: Firefox makes a good browser choice for PC users. In terms of security granularity and choices of controls, it's second only to Internet Explorer.
Pros: Safari boasts the most accurate anti-phishing filter and always prompts users before downloading files. Safari (like Chrome) does a good job at blocking unwanted cookies.
Cons: Lacks security zones and the ability to turn off add-ons.
Takeaway: While Safari is a great looking browser, it's a mixed bag with respect to security. Still, Safari -- if fully patched and running on a fully patched system -- can be a secure environment.
Pros: Opera has extensive security controls and good protections against "denial-of-service" attacks.
Cons: Lacks security zones, the ability to turn off add-ons, and private-session browsing. Its lack of support for key Windows security features may put it at higher risk of buffer overflow attacks.
Takeaway: Opera is a great browser but hasn't been exposed to the crucible of constant attacks. Support for Windows' Data Execution Prevention and Address Layout Space Randomization features is needed before its use can be more highly recommended.
Takeaway: The security model Chrome follows is excellent, but the security choices Google has made for its browser are often abysmal. More troubling, the vulnerabilities that have been found in Chrome are simple and common ones that Google easily should have avoided.