We reported earlier on a Google-sponsored study that named the search giant’s Chrome the most secure browser available. Now, other browser makers and security researchers are firing back with their own data.
The study, conducted by security firm Accuvant, ranked Chrome as the browser most effective at blocking security threats, followed by Internet Explorer in second place and Firefox in third.
Accuvant posted its methodology and results on the company’s website to show readers it wasn’t simply paid advertising for Google’s browser.
But not everyone was convinced. For example, NSS Labs, a company that tests browser security and antivirus software, posted an analysis of Accuvant’s report, calling the testing process used “skewed toward Chrome” and wrote off the study as an attempt by Google to slam Mozilla, developer of the rival browser Firefox.
NSS researchers argued that the study chose to include security features used by Chrome in its test while ignoring significant features in Firefox — such as so-called “frame poisoning,” which blocks exploits of layout code crashes.
The analysis also points out the timing of study, which was published just after the expiration of a contract in which Mozilla agreed to make Google the default search engine in Firefox in exchange for funding.
Another response to the Accuvant study came in the form of a new website, yourbrowsermatters.org, created by Microsoft. The site runs a user’s browser through a series of tests and returns a security score.
No surprise in the results: Internet Explorer 9 returns a perfect score, while the most recent releases of Chrome and Firefox come in second and third place, respectively.
What are IT pros and users supposed to make of all these different tests and reports? The main takeaway is that there’s very little agreement on which browser is best for security.
It’s impossible to say which choice is ideal for every organization — IT’s best approach is probably to choose the software that most suits users’ needs, and make sure the browser and all its plug-ins are kept fully patched and up-to-date.