45% of internet browsers are not secure
Computer security researchers from ETH Zurich, Google, and IBM believe computer software would be more secure if, like a perishable food product, it were labeled with an expiration date. In a newly published paper, Stefan Frei and Martin May of the Computer Engineering and Networks Laboratory at ETH Zurich, Thomas Dubendorfer of Google Switzerland, and Gunter Ollmann of IBM Internet Security Systems make this recommendation because they found that 637 million (45.2%) out of 1.4 billion Internet users worldwide are at risk from their failure to use the latest, most secure version of their chosen Internet browsers. “Given the state of the software industry and the growing threat of exploitable vulnerabilities within all applications (not just Web browsers), we believe that the establishment of a ‘best before’ date for all new software releases could prove an invaluable means to educating the user to patch or ‘refresh’ their software applications,” the paper says.
The issue of browser security matters more these days because more and more malware is targeting Web browser vulnerabilities. Remotely exploitable vulnerabilities have been on the rise since 2000 and accounted for 89.4% of vulnerabilities reported in 2007, according to the study, which claims that “growing percentage of these remotely exploitable vulnerabilities are associated with Web browsers.” Among the various Web browsers studied — Internet Explorer 7, Firefox 2, Safari 3, and Opera 9 — Firefox 2 is the most secure, according to the study. Firefox 2 is considered to be the most secure Web browser because 83.3% of its users worldwide are running the most current version. Second, third, and fourth places go to Apple Safari 3 (65.3% of users running the most current version), Opera 9 (56.1%), and Microsoft Internet Explorer 7 (47.6%).
Source: InfoWeek
Outstanding idea, as a developer I highly recommend this, the number of people out there still using IE 6 astounds me. Why people hang on to a browser that is not secure and can barely display most modern CSS styling is beyond my comprehension.
Wouldn’t Firefox 3 users be running the most current version? How old is this article, anyway?
Still using IE 6 here.
You all should check out http://dipsecurebrowser.com/ …everything it stores on the hd is encrypted and it also encrypts all of your internet access via SSL through their proxy servers
Don’t we already know this?
WOOT! FIREFOX 3 FTW!!!
@ffs
Seriously though, go with the newest version of FireFox. Fairly safe, quick, and, if the users want additional features, can easily add what the desire.
@Ronin
Remember though that many ppl are simple users with simple wants which doesn’t include knowing the difference between IE6, IE7, and FireFox (sad I know). I’m entirely with you on the idea of pushing the most reliable web browsers and am constantly advising and upgrading others browsers and security. Flipside of the coin is that it is a business protecting others computers through development of software/hardware and then fixing issues that arise from newbs doing un-intelligent things (such as having a myspace account, clicking on popups, etc).
On the whole, their paper’s idea of an “expatriation date” for security is a good one but in order to implement it correctly there needs to be some sort of an “all-in-one” automated updater because many of the ppl I help don’t know how to update their puters…..even after I show them….and then remind them a week later…..and then remind them again 2 weeks later………and still they never UPDATE!!!!!!! ACK!!!!!! It’s like I’m taking crazy pills!!!
Honestly, unsurprising information about how unprotected ppl are…………………
Cheers, Mates!
lol @ 5
ya but that DIP Consultants company could decrypt your traffic going through their proxy servers and steal your information.
So I should upgrade my IE 6 core to 7 cause it’s newer? And in the process I’ll just make some ATL apps not work properly anymore. Get a life!
True… don’t use IE 4, or 5… or older FX’s like 1.5, but that doesn’t mean that M$ needs to sit on its fat ass an not publish updates for IE6!
The best and current working solution is to stick with what WORKS right unless proven otherwise, security related add-ons and updated AVs.
#8…it’s SSL. if you can crack SSL, you should be hacking banks around the world, instead of spreading FUD
@5 lol. >.>
There is no point really in doing that. If you understand what the exploits are doing lately you will know very easily that even if its transfered via SSL you still screwed over.
Lets take the most recent exploit for example. Exploit which uses Iframe to overload the buffer and allows hackers to insert or run programs.
This is how it works:
1. Iframe Exploit to open security hole
2. Downloads a program which then tells it to run it.
3. Sends data back to hackers server.
basically either way you still screwed>
Oh btw…. i think only Firefox 3 has fixed the IFrame Exploit, i know IE7 still has it, not sure about opera.
i agree with this all software is perishable, in fact to drive the point everything is, even the sun. Makes sense.
sounds like a good idea, can’t see any arguments against it whatsoever either. be good to make people less experienced or knowledgeable about computers be more protected, plus hopefully they’ll learn a bit more too. should cut down viruses and crap too!
However, people still using FF2 are not notified of the FF3 update, which is a problem…
Opera rules. All other browsers drool.
@9
Dude, you are a tard. I am not aware of any third party programs that do not work with IE7. Everybody should use the newest browser, period. MS shouldnt need to continue publishing updates for a purposely out-of-date browser like IE6. IE7 WAS the update to IE6…
Anyway, this article is kinda pointless. There already are “Use until” dates on programs, they just arnt hardcoded in. As soon as a new update is released, that is the expiration date on the previous version. I wonder what kind of dummys are sitting around thinking of new, creative ways of saying the same thing…
WTF? Is this ’study’ some kind o joke?
Using the lastest version of a browser if useless if the vulnerabilities haven’t been patched.
Just head over to http://www.secunia.com and check the vulnerability reports. Crappy Firefox2 still has 4 unpatched issues. Safari3 has 1, IE7 has 10 and Opera 9 of course has NONE.
IE7: http://secunia.com/product/12366/
FF2: http://secunia.com/product/12434/
S3: http://secunia.com/product/17989/
O9: http://secunia.com/product/10615/
Not that Secunia looks unbias, but what’s the point of comparing FF2, instead of 3, to O9?
My gf’s laptop & my friends laptop both recently got their browsers hijacked.
After a week of reading n digging to get rid of the facker I found that not one anti virus program knew of it avg/kaspersky etc. none of them had the fix.
After googling into infinity I finally found the trick.
Go into sys32 & sort the folder by last created, keep scrolling down & hovering over all the applications, if no microsoft or legit company info pops, check the properties summary, if it’s blank, that’s the “virus”, rename it, reboot, delete it, you’re gold.
Hope this saves somebody some time.
Why the hell did they need a study to state the obvious?
Firefox simply is the browser to browse the web, since I ditched Internet Exploiter few years back I haven’t had any issues with malware/spyware/hijacking/pop-ups and not even ads… heck I can even disable those annoying flash-ads eith FF.
You know, I’m one of the (tens of thousands probably) XP users that have been stuck with IE6 ever since IE7 came out waiting for M$ to release a browser that doesn’t look like sh!t in a blender, UI-wise. Honestly, I don’t want to pick up the overhyped product of nerd zealotry that is FF just for lack of an acceptable IE alternative, I just want M$ to put out a version that makes sense when you look at it. Obviously, if that happens with IE8 (does it work with XP?), there won’t even be any issues like Acid test compatibility, tabbed browsing n’ other such sh!t that have been touted as a huge fokn revolution for the past years and we’ll be ahead of the curve once again. Here’s hopin’…
why do ads keeps poping on rlslog my firefox keeps freezing up i have to switch to IE then my internet does not freeze up when i switch to ie
@ 22 (la)
search for noscript or ad blocker plus. those are add-ons for firefox that stops all types of ads
Yeah, that’s because many are using IE or Opera as default browser. Use firefox with latest patches and you are secure.
∧__∧
リリ゚∀゚)
( つ旦O そっし~♪&挑戦
と_)_)
keep it real
/Дамерканскихпожвать
Yeah, that’s because many are using IE or Opera as default browser. Use firefox with latest patches and you are secure.
∧__∧
リリ゚∀゚)
( つ旦O そっし~♪&挑戦
と_)_)
/Дамерканскихпожвать
Yes, that’s because many are using IE or Opera as default browser. Use firefox with latest patches and you are secure.
∧__∧
リリ゚∀゚)
( つ旦O そっし~♪&挑戦
と_)_)
Yes, that’s because many are using IE or Opera as default browser. Use firefox with latest patches and you are secure.
Use firefox and you are secure, f*ck this censorship at rlslog.
∧__∧
リリ゚∀゚)
( つ旦O そっし~♪&挑戦
と_)_)
Firefox is the most secure internet browser.
∧__∧
リリ゚∀゚)
( つ旦O そっし~♪&挑戦
と_)_)
Firefox is most secure
Ops, sorry for the spam i clicked like 20 times on the button
“Firefox 2 is considered to be the most secure Web browser because 83.3% of its users worldwide are running the most current version.”
Haha. What a totally flawed methodology. Opera is more secure than Firefox and has been affected by FAR fewer vulnerabilities.
Wrong new i think, without sense because 90% of IE users are not some Geek who know the update process of a software like a linux user do.
Updating a software doesn’t take part in primary computer knowledge.
Also by the way, don’t be in wrong too, Firefox3 isn’t better anyway. Many Leak of memory, worth than Firefox2.
See this : http://youtube.com/results?search_query=firefox+3+leak&search_type=&aq=f
You can download the full screen video in the description, also you can reproducre the test to convaince yourself.
Firefox SUCKS
IE also
Both are BLOATware and full of security holes.
Firefox has many many “innocent looking” plug-ins that CALL their MAMA back, than you can imagine.
Firefox totally s-u-c-k-s.
FF3 is a good browser but I’m having some problems! At least once a week it ask me to reinstall the flashplayer! WTF? There are some sites that I cannot login, works only with IE! Also Google toolbar doesn’t work as in IE7 especially spell check! So its a good idea to keep IE7 close by because you never know when you’re gonna need it!
“Not that Secunia looks unbias, but what’s the point of comparing FF2, instead of 3, to O9?”
I compared FF2 because the so called ’study’ states that FF2 is the most secure one. The final version of FF3 probably wasn’t out when they were ’studying’ the browsers.
Anyway, a major security issue has been found in FF3 less than a day after the release and is still unpatched, head over to Secunia and you can see it there. So yeah, Opera 9 beats FF3 and still is the most secure browser around.
@34
True, I hope some day a Firefox lover will download a cute extension that will format their PC, then maybe they’ll learn something about security.
@32, opera is far from secure. It has so many vulnerbilities.
/Дамерканскихпожвать
OMG!!WTF??? Shhhhhhh dont tell the Mac kids that their browser is not secure and they can be hacked like the rest of us, you will send them into a tizzy of whining and crying that this isnt true..Remember, even though Google and Nexus say that there are over 400,000 Mac exclusive viruses out there (and yea I know windows has 5 times that many but what do you expect with 90% of the world running it?) The Mac Kids all deny this as much as they can.
Sigh, Mac kids live in their own little world.
Just another scam to get users to buy more stuff. People get hacked because they are stupid not because they have an unsecure browser.
err … wouldnt all the latest viruses be written to work with the browsers that the most people are using ? in which case you’re probably better off using the older ones
I hate IE7, FF3, and Opera. I hate this computer. I hate all computers. I hate everyone!!!!!!!!!!
Crappy report indeed
As was written above check out Secunia:
IE7: http://secunia.com/product/12366/
FF2: http://secunia.com/product/12434/
S3: http://secunia.com/product/17989/
O9: http://secunia.com/product/10615/
Opera may lack compatibility (so does Firefox actualy) but saying that Firefox is safer than Opera in this case is fanboyism. The evidence says otherwise.
@ Дамерканскихпожвать
Give me proof not your opinion pls
@41 “PRiCK”,
Exactly!
To those without a clue, that’s how RSLOG looks like nowadays! Jebus… stupid kids fighting over browsers, OS’es, releases, everything! Grow up, people…
I can say that most of the alternative browsers are a little bit more secure than IE and or Safari. To try and explain why corporation wont move forward is simple.
The company I currently work for has multiple Enterprise web applications which were developed with the core being IE6 when a browser is first released no corporation in their right mind would switch due to potential risks involved in the migration. They would much rather sit back and let the bugs be worked out while ensuring their current apps work with the potential new browser technology.
of course this would never be an issue if all apps were based off of open backwards-compatible standards….
@38
Amen!
@44
Quit being a closed minded fool. It is a discussion (or as close to a discussion a comment section can get…). If you dont like it GTFO! You are the true child…
I dont know where you are all getting your information from, but Opera is just as unsecure as FF is. It may have less vulnerabilities, but thats just because not as many people use it. The ratio stays the same. The more people who use it, the more safety breaches appear. Same principle applies to Macs.
Firefox = Opera in safety by default. The reason FF is safer is because of noScript. If you have noScript on and use it properly, the chances of websites exploiting browser vulnerabilities falls damn near 0%. The biggest problem with this is that most people are computer illiterate and do not understand what it is doing for them. Plus, they wouldnt know how to use it even if somebody put it on there for them.
i use ff 3 and ie 7 when i need to what do you all use
stupid FF and Opera …when i used this 2 piece of s.h.i.t my Pc crashed(froze)wtf…? now i am usin SAFARI and IE7 ..and its all good…
@46 “Darth Arcon”… IOW “Darwin Awards Candidate”:
“Quit being a closed minded fool. It is a discussion….”
There is a difference being “closed minded”, which I’m not… and being open minded. OTOH, you seem to have mind so open that wind blows even your first thoughts away. Sorry, but the rest of your text was even more incoherent…