You might be forgiven for thinking Internet Explorer is the only web browser available. After all, that browser, supplied by Microsoft Corp., has 55% of the worldwide browser market, according to figures from browser-monitoring firm GlobalStatscounter. But Explorer’s market share is falling, thanks to competition from other browsers.
Firefox, the open-source community effort from the Mozilla Project, and Safari, from Apple Inc. , are the main contenders here. But there are many others.
Opera is a browser for desktop computers that has made considerable headway in the mobile-phone sector, for example. Flock is a browser that is based on the same engine as Firefox but has been engineered for use with Web 2.0 services, such as photo-sharing sites and the infamous Facebook, which, with its 350 million users, seems to be everywhere you turn.
And let’s not forget Chrome, brow-ser software produced by Google Inc. and released in September 2008, which the company engineered from the ground up with security in mind. How can you choose among these systems, and what should you be looking for?
For financial advisors, security is one of the most pressing concerns when choosing a browser, because these applications are commonly used as infection points to compromise a computer via a malicious website.
It’s unfortunate for Microsoft that the German and French governments had, at the time of writing, advised their citizens not to use Internet Explorer. This came after Google and other companies found their networks under attack as part of Operation Aurora, a concerted effort to compromise their computers and gain access to intellectual property. The attacks pivoted on what is known as a “zero-day exploit” — a flaw in the application exploited before the vendor is able to patch it. Microsoft has said that only Explorer version 6 is open to attack. But versions 7 and 8 theoretically could be exploited, too.
Chrome, which also has been subject to security flaws, nevertheless has been built to be more secure. Unlike other browsers, it is designed to “sandbox” software processes in the browser — meaning that the bad guys do not get access to your computer’s physical resources, such as the hard drive and file system. That makes it harder for malicious websites to force your browser into doing things to your computer that you don’t want it to.
With admitted exceptions, such as the Explorer security problem, most security issues experienced by browser users are related to “plug-ins.” These are extra pieces of computer code, downloaded and designed to interact with the browser. They typically are used to enable different media types, such as PDFs, Flash animations and Quicktime movies, for example. Adobe Systems Inc. ’s Acrobat Reader and Flash Player, and Apple’s Quicktime, are plug-ins that have suffered from critical security flaws that left their users open to attack from hackers. Unfortunately, plug-in security problems are something that even Chrome can’t prevent. If you install a plug-in that is insecure or deliberately malicious, you should prepare for the worst. So, be very careful about which add-ons and extensions you install.
Security features such as those found on Chrome are important, but so is safety. Most browsers come with a selection of safety features designed to protect users against being fooled into online scams or having malware installed on their computers. One example of this is the “anti-phishing” technology built into the most popular browsers, such as Explorer, Firefox, Safari and Opera. These browsers constantly check to ensure that the websites you are visiting are not scam sites designed to steal your log-in credentials and pilfer your online accounts.
Most of these browsers also now include support for extended validation digital certificates. EV certs are designed to prove that the operator of a website really is who it says it is. These certificates have existed before, in the form of SSL certificates, but the application process for a certificate was not as stringent; Joe could use his certificate to prove that he was Joe, but that didn’t mean that you knew whether Joe was a criminal.
Organizations applying for EV cert now have to go through more due diligence to get one. When a website sends an EV cert to a supporting browser, it will often use the information in the certificate to reassure the user that the site being visited is legitimate. Typically, EV certs display a green color in the website address bar as visual reassurance. IE
Range of browsers threaten Explorer’s dominance
Mozilla Firefox and Google Chrome are among products that offer various features for security and convenience
- By: Danny Bradbury
- February 8, 2010 February 8, 2010
- 11:44