Welcome to WebmasterWorld Guest from 54.211.101.8

Forum Moderators: open

Microsoft calls out Firefox and Chrome for security weaknesses

   
4:05 am on Oct 14, 2011 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Microsoft calls out Firefox and Chrome for security weaknesses [zdnet.com]

In a move that’s sure to raise hackles in Silicon Valley, Microsoft today debuted a new web site designed to raise awareness of security issues in web browsers.

When you visit the site, called Your Browser Matters [yourbrowsermatters.org], it allows you to see a score for the browser you’re using. Well, if you’re using IE, Chrome, or Firefox—other browsers are excluded. Not surprisingly, Microsoft’s latest release, Internet Explorer 9, gets a perfect 4 out of 4:

Part of the goal of the site is to prod users of outdated IE versions to switch. So IE6 gets a solid zero on this page, and IE7 gets a 1 out of 4.

If you visit the site with the most recent public releases of Firefox or Google Chrome, however, the results are less than perfect.


Funny, it doesn't work with Opera or Safari at all...
6:15 am on Oct 15, 2011 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Got a chuckle... site would not work at all under FF 7x with noscript... had to tell noscript to allow the page.:)

For fun, checked with IE 8 (64, running xp64 pro) and it came in at 3 on their four point scale... but the pictures were prettier.

Don't use chrome, safari, or opera so no commentary on those.

The particular tests this site uses seem to indicate, more than anything, the inability of the OLDER browsers to operate in today's web... hence that "kill IE 6" anthem.

This is what it checks:

Dangerous Downloads

Does the browser help protect you from websites that are known to distribute socially engineered malware?
Does your browser provide a distinct warning when you download an application that is of higher risk but not yet confirmed as malware?

Phishing Websites

Does the browser have a feature that can help protect you from phishing sites?
Does your browser help you identify the domain you're on by distinguishing it within the URL?

Attacks on your browser
Securing Extensions

Does the browser have the ability to restrict an extension or a plugin on a per site basis?
Does the browser have a system for auto updating browser extensions?

Effective Sandbox

Does the browser process utilize Windows Protected Mode or implement a similar mechanism such that browser processes cannot modify parts of the system that it doesnt have access to?
Does the browser extend the sandbox such that it cannot read data from parts of the system that it doesnt have access to?
Does the browser benefit from Windows Operating System features that protect against arbitrary data execution?
Does the browser benefit from Windows Operating System features that randomize the memory layout to make it harder for attackers to find their target?
Does the browser benefit from Windows Operating System features that protect against structured exception handling overwrite attacks?
10:44 am on Nov 23, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



I tried it also with FF 8. The score box reads
"We can't give you a score for your browser."
Maybe it's outside the 0-4 range.
10:58 am on Nov 23, 2011 (gmt 0)

WebmasterWorld Senior Member sem4u is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I got the same result for FF8.

On IE8 I got 3/10, but I can't upgrade to IE9 as I am on Windows XP.
 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month