When a massive spam attack posted violent and pornographic images across the news feeds of many Facebook users last year, many wondered how hackers had launched the attack. Turns out, it was by exploiting a vulnerability in users’ web browsers.
The event shed light on an often-overlooked issue of online security, your web browser. There are many browsers available, such as Mozilla Firefox, Google Chrome, and Microsoft’s Internet Explorer. But the real question is: which browser offers the most protection from malware, adware, viruses, and hackers?
Many browsers are fighting for market share, and therefore paying more attention to their security, but popularity and security are not always equal.
A recent Accuvant study revealed that Chrome (the second most popular browser) ranks as the most secure web browser when compared to Internet Explorer (the most popular) and Firefox. Interestingly, this month the German government named Chrome the most secure browser, perhaps lending weight to the study. However, critics have pointed out that the study was commissioned by Google (creator of Chrome), and the findings may therefore be skewed.
Still, according to the study, Chrome ranks the highest in creating and putting into use new safety measures to boost its security, with Internet Explorer only slightly behind Chrome. Firefox was deemed the least secure in the study.
Despite these recent findings, the browser wars remain a hot-button issue, with various entities dubbing some browsers more secure than others. During the 2011 hacker conference, Pwn2Own, hackers attacked four popular browsers: Internet Explorer, Apple Safari, Mozilla Firefox, and Google Chrome. The hackers were able to quickly compromise Internet Explorer and Safari. In fact, these hackers were able to hack the browsers so thoroughly that they managed to write files on the hard drive of the computer they were attacking. Interestingly (and contrary to the Accuvant study findings), Chrome and Firefox both resisted hacking attacks during the exercise.
Regardless of the browser, manufacturers are always working to ensure users can enjoy surfing the web safely and securely—and that’s the good news. The bad news, as the Pwn2Own conference revealed, is that cybercriminals worldwide are also working hard to figure out new ways to hack your browser.
This means that it’s important for users to educate themselves about this threat and take the steps necessary to lessen their chances of falling victim to a browser security breach. What should you do? Keep the following tips in mind.
- If you plan to download a new or different browser, make sure you are downloading a legitimate version. Go directly to the manufacturer’s site, and ignore ads or popups (which may be tricks to get you to install a corrupt version).
- Set your online preferences to allow for software updates. Some browsers, such as Internet Explorer and Safari, will automatically update with your operating system. But others, including Firefox, automatically update themselves to deploy security patches and provide enhanced security features.
- Set your browser’s security settings to the highest possible to prevent others from exploiting your browser.
- Disable popups in your browsers or install security software that prevents popup windows. Deploying infected popups is a popular way that hackers trick users into downloading malware.
No matter which browser you use, always follow safe practices and be alert to any unusual or suspicious functioning when you log onto the web.
None are safe…
I use 3. Chrome. Firefox, and Opera. Each one has a different use. One for Facebook ( limited games ). Email and such. And browsing. I run a Maleware detector (2) often as well a Antivirus. Yet I never feel absolutely safe
Running linux happens to be even safer however… If you know how. Much less running linux and chrome.
there’s a backdoor in linux…..
LOL Really, maybe you can tell me where it is or how to break into it. I’ve been using Linux for 10+ years, practically everyday, with no AV and have never had any issues at all. No on uses Av on Linux, you don’t have to.
When I wanted to download LINUX, they said that weren’t a web browser.
I assume a lot of people do not use an antivirus on Linux (and many probably do not on UNIX and Mac as well). If someone never runs an anti-virus on their Linux box (or UNIX or Mac OS X), how can they know if they get a virus on their computer? Someone could have one on their Linux workstation and never know it.
lol if you have never used linux than you would not have a clue to how it operates. Linux requires a root password on every major system move you make. there is no way for a virus to get through password protected systems as such. the systems main folders are locked with password and can not be over written with out logging in as root. there is always ways to fix any issue that may occur, and btw Digibyte, how do you know when a microsoft box has a virus or spyware let along a trojan? your operating system starts to act up and drag right? usually thats the case. and with linux this just never seems to be an issue. so yes that is how we would know.. try linux you might just shock yourself for once.
A virus does not have to get through a password protected account by itself. Usually the user is the one who ends up infecting his computer with the virus from the stuff he installs and catching from browsing the Internet.
There is no real sure way to know if you have a virus on a Windows, Linux, Unix, Mac OS X, etc. computer. An anti-virus just gives you the potential to know if you have a virus on your computer. Not all vioruses will make your computer run slowly. A virus could just e-mail off user account data, and you may never even know it happened.
I have used Linux off and on for over 7 years.
I assume a lot of people do not use an anti-virus on Linux (and many probably do not on UNIX and Mac as well). If someone never runs an anti-virus on their Linux box (or UNIX or Mac OS X), how can they know if they get a virus on their computer? Someone could have one on their Linux or UNIX workstation and never know it.
There is a possibility of a virus gaining access to “root” in Linux via a security hole in the operating system (when the account is “non-root” and cannot “sudo” to “root”. Even a virus in Windows running under a limited account still has the potential to gaining Administrator privileges.
Opera is pretty safe if you know how.
Yes, I agree. I have been using Opera for years and no problem so far.
I have 3 browsers – Opera is #1, Chrome #2, and I have IE only because there are some websites that won’t work right with any other browser. Opera is the fastest of the 3, has the best features & I’ve never had any kind of “malware” problem using it. Chrome’s pretty good, IE is terribly slow in comparison & is the biggest target for hackers.
IE terribly slow ?
I think you need to take your computer to repair.
Im currently using ie10 on windows 8 and its a pretty sleek browser, only thing it lacks is a good plugin gallery.
It’s speed and security has been much improved now.
Hear, hear… It is a good thing that this piece also draws attention to the user. After all, it is the user action that causes a reaction. So where do you click, which websites do you visit, what email attachments do you open, what “look at this!” nice software to do download. Furthermore, you can ask yourself if browser safety and marketing are similar. Finally, it is remarkable that Zone Alarm issues this message, where their actions and forums show a clear preference (and compatibility of their software) with a certain browser…
Browser safety and marketing are not similar…
Only with Windows. Linux isn’t sensitive with websites because it deliberate actions to install programs.
Once you start talking about taking special precautions with websites, you are in trouble. You are falling for the Microsoft propaganda that somehow YOU are RESPONSIBLE for the Operating System getting infected with malware or rootkits or botnets or viruses or spyware. No, No, No, you are not responsible, Microsoft is, and in their gigantic scheme to cover up their source code and OS security difficulties, they take no responsibility.
If you have any doubts about this, get a second computer and load the “free” Linuxmint 12 from linuxmint.com. And to prove the point, don’t restrict your browsing and Don’t install any AV and see if you can get infected……….you can’t because the source code is secure and you don’t need external protection.
+1
Try Linux Mint 12 and see it yourself. Infact try without installing.
Big difference is that unlike windows, Linux takes care of apps / software and check about compatibility. Windows leave it and blame it on 3rd party software devs.
There is an interaction between OD dev and app dev and even an end user, through forums / community. This is unique. The spirit of brotherhood cannot be experienced in windows. Come and join Linux Mint or Bodhi Linux or even Ubuntu community. You will get response from advanced users, you can chat with them in IRC (like yahoo messenger) and even take part in giving feedback (and devs try to read as much as possible), unlike microsoft. More than AV issue, I really like the community of Linux Mint and other distros like Boshi Linux, Saline OS and even Ubuntu.
I feel a part of whole system. This can only be experienced.
Cheers
I have both the one I use (Firefox) and the one my wife uses (Chrome) set in the secure mode and play absolutely no games through Facebook on them. If you run Facebook in anything other than secure mode you are taking a big chance and the games are just a way for your computer to be hacked by someone because they take you out of secure mode. Also, if you don’t run secure mode in Facebook it is easy for someone to hijack your password. What will happen is you can be sent to an unsecured site and it will say that you need to reenter your password and username. Unsuspecting people enter it thinking it just had a glitch, and bang! You’ve been hacked. I’ve got my wife trained to never play games or use any apps in Facebook and it seems to work well for us. We use Zone Alarm and I have Ad-aware set up so we’re in pretty good shape most of the time.
I agree that no web browsers are more secure. As a user of Google Chrome I have found that the more Google improves Chrome the more unreliable it becomes just like Windows explorer. Chrome crashes just as much as the Explorer and eats up more and more of the processor memory. In fact I have found that the more extensions you add to Chrome the more it dominates all of the processor memory to the point of shutting it down. I discovered this by clicking on Task Manager then going to processes and have seen multiple Chromes using gigantic amounts of the processor. This is true even if you are not running the extensions. I had to get rid of lots of extensions especially game extensions that I did not want running all the time, just to keep my computer functioning.
There seems to be an axiom that the more a browser is improved the more dysfunctional it becomes and the more it crashes. Windows explorer and Google Chrome have proved this point. Also the less likely that Adobe Flash player will run smoothly on with that browser. I have observed this from personal experience.
Chrome is not the problem.
Try re-installing your video driver. Most crashes are due to conflicts in the memory mapping with the video driver. [A computer specific problem]
Check to see if there are new driver versions, if not, you can re-install the same version.
It’s not a repeatable problem with other users. I use Linux and it is constantly being updated through the Linux software manager and I only have 2GB RAM and never have memory issues (64 bit Linux and 64-bit Chrome)
http://forums.techarena.in/tips-tweaks/484644.htm
Good luck.
I was reading an article at PcPitstop.coms monthly newsletter. about the same subject,
‘which browser is more secure” that many test were run on all browsers, and that we were going to be surprised at who the winner is. As the article went on they found that Internet Explorer 9 turns out to be the safest and secure, that not even epolorer 8 was , or Chrome, or Firefox was as secure as the new Internet Explorer 9. I was surprised too as I always chose Firefox over Internet Explorer. It would be real interesting to find out who actually is the most secure browser winner
I am a Zonealarm user … and yes there is at least one safe browser “Browser in the Box” by Stirrix AG a german company which uses two different OS working at the same time …
However…some are ore safe than others…make it your decision to find the Best One for your Ability and usefulness
I Prefer…
The least popular and unheard browser would be the most secure. Because such browsers will escape the attention of hackers. Hackers only target famous browsers
None are 100% safe as all of them still have risks however some are alot safer than others.
Really dude???
“None are 100% safe” No! Isn’t that true of all software???
“all of them still have risks” Really? Restating the above.
“some are alot safer than others.” That implies they all have different bugs – like any software written by different authors.
Browser security is in context with the OS used.
Generally articles like this blame the browser instead of the OS. Since no mention is made of using the same browser on another OS and not having problems, it is not an accurate picture.
Windows is insecure and Microsoft does not care about making it’s source code secure. It relies on Anti-Virus protection and Critical Updates and zero-day watchdog groups to supply information about security holes. It’s not practical to ask Chrome or Firefox to try and take care of Windows security holes – an application is not meant to fix a defective OS like Windows. People have been deceived into believing that the applications are somehow faulty, but in reality, the same versions work absolutely fine in Linux, even when Linux never even uses AV.
I’ve used Linux for over 10 years without AV and never had ANY security problems or virus issues. I’ve used Firefox, Chrome, Chromium, Lynx, and Opera without problems. Linux uses open source code for the kernel and the OS that has constantly been available to everyone for free since it’s beginning in 1991. This source code is a complete blueprint of the operation of the kernel and OS. Microsoft, using closed (secret) source code relies on the ambiguity of the compiled binary file to keep secret – and it doesn’t work.
Again hackers want easy prey and a large audience. Citing a browser or OS with a low usage doesn’t make it safe. It might mean no one was interested as there was little to gain. Also open source does not make it safer either. Most likely there again is little to gain. If linux had the consumer market share that Microsoft or Apple have then it would be the same focus for their attention.
The only way to be safe is to be smart. Really now you wouldn’t leave your door unlocked if you weren’t home. And you aren’t likely to invite someone in you don’t trust. Same can be said for electronic visitors to your home or business. The scary part about hackers is you can’t seem them. But you don’t see a burglar either.
I agree. Here is another analogy. If you live in a small rural town, you may leave your doors unlocked. However, if you live in New York City, you probably have two locks, a dead-bolt and a chain. Linux is the small town, and Windows is NYC.
Security has nothing to do with market share. This has been proven for a very long time.
People write malware for Linux but it does not work. Android is Linux and uses the same kernel as the desktop Linux. Microsoft has 1.4% of the Market share, the rest is Apple and Android. Neither use AV and don’t have intrinsic problems with security.
Don’t get fooled. There are discussions about Malware on Android, but they have nothing to do with Android. People install applications that have built-n trojans. When they authorize installation of the application they want, they also get the unwanted Trojan program(s).
Any OS has the same problem and it has nothing to do with the security of the OS. There is no protection except installing programs from a trusted source.
“Security is a network of trust”,
— Linux Torvalds, founder of Linux
Having millions of bad locks doesn’t make them more insecure. Having fewer doesn’t make them more secure.
This is probably true if you’re thinking in terms of hackers in general. There was indeed a time when you could leave your doors unlocked and be safe doing so.
But these days you never know if someone is targeting you personally (for whatever reason), so you are just as vulnerable in your rural hamlet as in NYC – you should apply the same behavior to both situations (lock your doors and windows, maintain a burglar alarm system with power supply backup, and be constantly vigilant – today’s price for freedom).
You choice to use Linux and declare it safe is done in ignorance, The only reason you have been safe is numbers. Windows is the most used and therefor the most profitable for attacks. When put to a test Windows is the hardest to to hack and Apple is the Easiest. As the market share for Apple grows the interest that hackers show for it grows. I don’t see the market share growing for Linux. I have taken classes in in all the OS’s and they all have their advantages and disadvantages.
You assessment of Microsoft is far from the real world of what drives hackers, pure monetary gain and Microsoft is the World leader and will stay that way for the foreseeable future.
Your assessment about security because of numbers is incorrect based on Android (Linux). Android uses don’t use AV either. Linux runs without (external) protection because the OS provides the proper protection through design (open source for kernel and OS since 1991). How can I use Linux for 10+ years without any infections with numerous browsers, all without any AV. You never used Linux, right? Microsoft doesn’t want to spend time or money on design. They would rater get free, after the fact security input from AV companies (ex. Stuxnet) and Zero Day watch groups. How about TDL-4? Do you think I spent any energy worrying about it, or anything else.? Linuxmint.com website explains you don’t need anti-spyware or anti-virus. I would never go back to Microsoft.
http://www.linuxmint.com/about.php
“Based on Debian and Ubuntu, it provides about 30,000 packages and one of the best software managers.
It’s safe and reliable.”
“Thanks to a conservative approach to software updates, a unique Update Manager and the robustness of its Linux architecture, Linux Mint requires very little maintenance (no regressions, no antivirus, no anti-spyware…etc).”
My Acer One netbook was set up for dual boot with Mint when I first purchased it about a year ago.The Windows 7 home premium was used for installing the AV and Updates. When I recently started Windows I was greeted with pop ups from the AV informing me Windows was infected. It turned out to be 5 infections including Alureon.DX rootkit. When I removed the infections, the browsers would not work because they couldn’t find the “proxy” server. The Alureon configured Firefox and IE to use a proxy server in Russia. This is for a new Acer One with Windows Home Premium 64 bit that was used to install Avira AV and do critical updates. It’s not the hardware, it’s the design of Windows which uses totally insecure source code.
Linux, never had issues and never had AV installed either. There’s just no comparison.
The truth in OS security is this, the easier it is to use and interface with other nodes, whether you are talking internet or not, is the easier to hack. Linux is locked down from install and these usage windows must be opened, Windows is opened to these windows on install and to secure the OS, you must close these windows. This is the only difference as OS security goes.
If something is easy to use as a access point, whether ingoing or outgoing, it is insecure. This is the nature of access.
I don’t know how much research you have done one the Alureon.DX rootkit, but this specific virus actually embeds itself into the MBR (Master Boot Record) of the hard drive and downloads other viruses that it then inserts into the Windows OS (the FakeAV you saw). Sadly, this virus cannot be removed with any antivirus as of yet. In fact, an article straight from Microsoft stated that the only way to rid yourself of the virus is to wipe the hard drive and start over. All of that said, this only applies to you if you are running Windows (which I know you are not).
An interesting idea I came up with is this: What if you were to scan the machine for viruses from your linux partition? WHOA. Virus programmers didn’t see that one coming!
http://www.avast.com/linux-home-edition
This antivirus isn’t really for protecting your linux partition (haha) but it is instead geared towards finding and removing Windows related viruses from the machine.
Actually, I didn’t see any “Fake” AV messages, and Avast is the main AV running on on Only Windows.
The TDSSKiller actually is a separate utility to remove or quarantine the Auleron code. No further action was required, however, in some cases the hard drive has to be redone.
I run dual boot Windows 7 64-bit and Linux Mint 64-bit. Nothing has ever happened to Linux in over 10 years of continuous operation. Windows can’t even run its updates without get sloshed.
I get bored with these long winded linux is better posts… Linux is not user friendly. I have worked with macintosh and windows. I played with linux because I am just wierd like that. Linux sucks and is unpopular, that has a good bit with the lack of hacking attempts. I have used windows for 20 plus years and I hate anti-virus software. I NEVER run it. I set my browser security, which by the way is what I use to access the internet so I believe they ARE responsible for stopping hacking attempts through the browser. Anyway, I have caught a few viruses but then I deserved them
I also cleaned my system easily using information of the anti viurs makers websites.
Your average daily user doesn’t understand the difference between downloading and installing. I think you are too hard on windows.
As for the article. I use firefox and I never saw one pornographic picture I didn’t intend too. Chrome may be “secure” but the price you pay is that Google has your permission to do everything I am trying to prevent. I tell everyone I know NOT to use Chrome.
/rant
Have you tried it recently, though? In the past few years, there have been a lot of developments on the front end; it is now just as easy to learn and use as Windows, and you never have to use a command line. (it’s still there because it’s a lot easier to say “copy this block of text and paste it into your terminal window” than it is to explain how to do something in a graphical interface, and because some people just plain like it more.)
Linux is not an OS, it’s kernel.
Try LinuxMint 12 (linuxmint.com) There’s no learning curve for a Windows user.
It’s true that in strict sense Linux is just a kernel, but in talks Linux is used to mean a distro and you’ll talk about the kernel separately.
No OS is bullet proof. Linux by design is more secure because of following reasons:
1) Open source. In open source software, you can view, modify, do bug testing, as source code is available. This is good for developers. Most popular Linux distros have their own software repos. distro developer generally takes care when adding anything under repos. No developer want ot make his/her distro unstable and full of virus / trojan.
2). Open source community: Advanced users take active part in bug testing of alpha / beta / RC builds and submit bug report and / or patches. So incase bugs are found, they are fixed fast.
3) Use of Different file system:
Linux uses EXT 3 / EXT4 filesystem. Unlike NTFS, it does not slow down with time as data is stored as near to each other as possible. So no need to defragment. This is the reason they 70 %servers are Linux based. Even companied like Google, Yahoo, Amazon use Linux servers. They work with same efficiency even if server is not shut down for years.
4) No registry and no GUI integration in kernel
Linux by design does not have a registry. So if any program crashes, no need to reboot Linux. Each program / app is stored in separate file.
Unlike windows, GUI – Graphical User Interface is not integrated into kernel. So, unlike windows, if GUI crashes, Linux does not crash. Just restart GUI called as DE (Desktop environment) or login / log out.
5) CLI: If anything happens to GUI, still you can work with CLI to fix the problem.
6) no login by root / admin: Linux by default does not login as root. So you cannot delete anything that makes system unstable without signing as root, by opening terminal (CLI) and entering as root)
7) secure by design: If I am not wrong, Linux by default blocks anonymous inbound connections. If you want to install any app, you have to manually enter password. So nothing gets installed automatically.
8) Integrated updates from Update Manager: Along with security updates, updats of software takes place centrally e.g. updating of FF, Opera, Chromium, LibreOffice or any other app. This is done by adding PPA in software sources. These sources are safe to use and so no need to go to software website and download manually. This helps reduce any malicious code that may trigger by clicking on hacked links.
Regarding browser exploitation, if FF or chromium is hacked, then it will be hacked in both Windows and Linux. But most viruses are designed to affect windows, so even if a virus manages to enter via browser or flash or pdf, still it wont affect any native linux programs.
e.g. Ubuntu Linux Mint / Debian uses .DEB file format , Fedora users RPM file format and window uses .EXE. So any virus affecting .exe file will not harm .deb / .rmp files.
Thanks, I appreciate the time you spent.
Bottom Line, Linux Ubuntu and Mint has internal security measures and are locked down so the OS can’t arbitrarily be accessed without use knowledge or user action.
These people, denying Linux security are the same ones using Anti-Virus and reading articles about how “secure” different browsers are. Linux users don’t use AV, it’s just fact.
Thank you Joe for replying and giving useful info.
The thing is, Linux is not Difficult. It’s different. Most people resist change. They want everything to work in 1st shot.
Even if people are using AV, they are using for the safety of their windows partition (in case of dual booting – I dont use it) or for windows users whom they are going to email or transfer data in anyway. AV linux does not work the way they work in windows. They only scan if we want AV to scan like Clem AV. There is no real time protection or some advance features of popular (windows) AV.
While fanatism is not good, it cannot be denied about the proven fact that Linux users do not use AV as Linux does not need it, mostly due to the facts I mentioned in first comment)
I feel, one should dual boot Linux distro, feel it for 6-8 months and then give an opinion.
If I remember, there are about 200 virues, out of which 80 are for testing purposes. dont know that actual fact.
Off-Topic:
Many things are copied from opensource models like floating toolbars in office 2007, were robbed from OpenOffice (now LibreOffice). win 8 has robbed Ubuntu Unity Lens concept. MS is more popular, so many things / features / concepts that are already present in Linux FOSS world are openly adapted by proprietary software devs (and sometimes they try to get patents).
Another point to consider is many devs are working voluntarily, part time as a hobby in FOSS spirit. They do have to earn bread-n-butter for living. Lucky ones get donation / sponsorship, others don’t
Joe, there are two main inaccuracies in your arguments, (1) Android (Linux) users do and should use AV (just search for AV on Android/Google Market and you will see) and (2) What about Mac OS, you don’t need to use AV on it either (I know, you’ll say it is based off of UNIX/Linux anyway
).
Be careful Joe; you’re giving all our non-secrets away. I am a Fedora user and I wonder what all this talk about viruses, malware, etc. is all about??? hahaha Threat of impending doom could not force me to load another OS. I like my life the way it is…….EASY!!! Thanks for posting.
Thanks,
You just have to live with it. I guess I should say Linux should offer free samples, that might help. But it already is free, people have to just try it as a dual boot or on a second computer. My family has used it for 10 years, My daughter went through high school and college with Linux Mint and OpenOffice/LibreOffice on her notebook. No service/infections calls for me at all.
True for hackers, maybe, not true for vulnerability. StuxNet targeted Iranian centrifuges via Windows and a programmable logical controller. I’m pretty certain they were confident they were totally immune to anything but a bunker busting bomb.
An analogy might be bank robbers who target the manager in his/her home the night before they intend to rob the bank. The bank’s secure, but the manager’s wide open.
Ugh. IE doesn’t handle editing on this site well. That’s “logic” not “logical”…
I’ve sed Windows for as long as it has been around and it is no less secure than the next OS. I you want secure then you work at it. I’ve been secure over that time watching my Ps & Qs, installing patches, using and updating av software and making good use of firewall softwae and hardware.
Don’t delude yourself – OSs can all be insecure especially if yu neglect them.
Linux, UNIX, and Mac OS X are not better secured than Windows (more people target Windows and a lot of people do not use Windows wisely when it comes to running as Administrator, but that has nothing to do with the OS security itself).
Linux has security problems too.
http://scalibq.wordpress.com/2012/01/24/another-root-exploit-for-linux/
http://scalibq.wordpress.com/2011/09/02/the-kernel-org-hack/
What about Safari operating on Macs?
Safari uses webkit, which is what Chrome uses. Understanding that a problem is the fault of the OS rather than the browser or application is an important first step in realizing that the browser should not be “held responsible” for a core problem in the OS.
If you use Linux with Chrome or Firefox, you are not even going to be thinking about any of this. It just does not happen. For my family, I’ve been using Firefox and Chrome since even before they were released and have never had any problems with Linux and that’s without using AV the entire time.
I’m running Firefox 10.0.2 on Windows XP. I’ve NEVER used Internet Explorer, yet every single time I reboot and run my security software there is a large number of problems showing up in Internet Explorer. For that reason alone I’ll never use it – if it collects problems when it’s not used, what will happen when it is used?
What security software and what problems? Are they the same ones? Are you having the software fix them? Your statement makes no sense. Unless YOU have set something to run or allowed a program to use it, it will not make any connections by itself. EVER, without you telling it to.
Microsoft Windows gets infected without using it. The time it takes to do this changes. Most recently, the time is under 5 minutes.
You connect your computer to the internet without doing anything and it gets infected.
i.e. You don’t have to use IE to get your Windows infected. The term is drive-by’s.
I think you are referring to Microsoft pop-ups describing missing update information or possibly trying to get you to install an Internet Explorer with a newer version. Microsoft updates sometimes don’t run completely and the messages stack up.
Internet explorer is a bad choice because it still supports Active-X controls. These controls allow programmers access to remotely access and control your computer. Firefox, Chrome and Linux do not support Active-X controls and never did.. When I recommend I Windows user stop using IE and go to either Firefox or Chrome, it’s because this Active-X issues has caused tons of security problem for Microsoft over the years (that’s indisputable)
“Internet Explorer has been subjected to many security vulnerabilities and concerns: Much of the spyware, adware, and computer viruses across the Internet are made possible by exploitable bugs and flaws in the security architecture of Internet Explorer, sometimes requiring nothing more than viewing of a malicious web page in order to install themselves. This is known as a “drive-by install”. There are also attempts to trick the user into installing malicious software by misrepresenting the software’s true purpose in the description section of an ActiveX security alert.
A number of security flaws affecting IE originated not in the browser itself, but ActiveX-based add-ons used by it. Because the add-ons have the same privilege as IE, the flaws can be as critical as browser flaws. This has led to the ActiveX-based architecture being criticized for being fault-prone. By 2005, some experts maintained that the dangers of ActiveX have been overstated and there were safeguards in place.[71] In 2006, new techniques using automated testing found more than a hundred vulnerabilities in standard Microsoft ActiveX components.[72] Security features introduced in then recently released Internet Explorer 7 mitigated some of these vulnerabilities.”
http://en.wikipedia.org/wiki/Internet_Explorer
I worked mostly on Mac10.6 and use chrome with no problems. And I played with Linux Ubuntu. I feel that the Linux browser is the fastest from start up to rendering compare to Mac and Microsoft. (Tested on the same connection and same browser). I worked for mostly 4years on the Mac pal on the internet and never had a problem with a virus or a hacker.. I know if they target me they will surely find a way to come in my computer.
Just wondering where Opera fits in this survey on browser security?
Opera is based on Firefox so I would imagine close to its’ ranking.
Opera is not based on firefox. it is not based on any “popular” browser. Actually Opera is much older than firefox. first version of opera released in 1995.
Vindicator is right, Opera is a 100% indepent browser, Firefox is a “new” release of Mozilla, and Mozilla was born when Netscape decided to make public the Netscape’s navigator source code, and then, Mozilla was born and some time later Firefox (Mozilla Firefox to named it with the real name). Opera sadly is not opensource but is one of the pioneers in user’s tools, many of the “new” things that IE, Firefox and Chrome have, are in Opera from years ago.
I wonder why in the tests don’t test Opera too, if it’s a good browser.
Well, I use opera and haven’t had a problem yet! going on a year now.
Yeah, I wonder also why Opera isn’t mentioned at all. At least some years ago it was one of the safest browsers with 0 known security issues. I’ve been using Opera ever since (and still use)
Open Source browsers generally fare better as vulnerabilities are seen sooner and fixed by a much bigger number of developers. Firefox has NoScript and RequestPolicy to completely lock down security and privacy. As regards Add-Ons Firefox is probably the safest browser as any Add-On hosted on addons.mozilla.org is strictly security reviewed and has to fully disclose and add privacy statements if it uses any data of the user.
If everybody would just go back to Netscape Navigator, all the problems would be solved..
Firefox _is_ factually Netscape Navigator. Just a very modern version of it.
Yep, Firefox is basically the latest morph of Netscape.
The Microsoft dirty little secret is to blame applications and browsers for being insecure and causing problems.
As I pointed out above, applications and browsers can act as a conduit for allowing access to existing security holes in a particular OS. Unfortunately, to be competitive in the market, Firefox and Chrome have taken it upon themselves to try and remedy this situation hole by hole, problem by problem — it’s wrong and is not their job to try and (externally) fix Windows.
Believe it or not, Linux is secure and does not require AV protection and concurrently sister versions of Firefox, Chrome, Opera, Chromium and Lynx running on Linux do not have issues (for me for 10+ years of family use).
Articles blaming Firefox and Chrome for security problems don’t communicate that the issues are fixed by Microsoft Critical updates (to the OS) months later. Too late for anyone to connect these faults to the original articles condemning the applications and therefore serving Microsofts’ propaganda interests to regenerate Internet Explorer use for their data gathering and online advertising ambitions.
I am starting to think you need to find a microsoft haters support group. Deal with it man. The browsers DO work to provide security. I have no problems using Firefox on XP or windows 7. Without Anti-virus. I don’t get viruses because I know how to avoid them, which is also why you are successful at avoiding them on Linux.
False.
You are saying they are equal, and they are not. I don’t do anything to avoid bad sites and I have no qualms about clicking on any email attachment I find. I’ve have even clicked on email attachments I knew were bad.
When I install Linux for schools (without any AV), I don’t tell them anything or train them to avoid sites. Linux Mint works very close to Windows so I don’t even have to train them on the operation of the program.
I will say that you never used Linux and it’s not possible to discuss this unless you give it a try. My suggestion is LinuxMint 12 with Cinnamon from linuxmint.com.
Don’t even think about using AV or think about what sites you visit. I guarantee, there is no skill or trick involved when you are using a secure OS. That’s it, I can’t take any credit of it.
Major Linux website tells users AV is NOT necessary.
“It’s safe and reliable. Thanks to a conservative approach to software updates, a unique Update Manager and the robustness of its Linux architecture, Linux Mint requires very little maintenance (no regressions, no antivirus, no anti-spyware…etc).”
http://www.linuxmint.com/about.php
And what about Opera? Another good browser. Anyone know how that fared?
Opera is not exceptionally at risk compared to IE simply because as the backwater antique pedal boat there is not much to go wrong with it. No one is looking to attack it because well realistically no one wants to use it as its compatibility with newer internet protocols falls further behind.
I use several products on my computer including Opera, Ijeannie, off by one browser, IE, and Fire Fox. I had Chrome but found it to be annoying in that it tried to operate even when I was using FF instead. I removed Chrome after I began getting script warnings from the program when I was not using it.
Over all by experience…, I like Fire Fox as a great browser that is up to date current and capable of keeping up with the internet and future developments. If you want security get Zone Alarm and a great antivirus like Avast.
I was using Firefox with Zone Alarm, and ended up having to take my computer in for major overhaul. My computer guy told me he’s seen virus infection sneaking through both Zone Alarm and Norton, but NEVER through Microsoft’s security suite that comes with Windows XP. Since beginning to use that I’ve had no virus problems.
The problem with Microsoft is the design of the Windows Operating System. (even from the beginning)..
Nothing external is ever going to provide proper protection, not ZoneAlarm, Norton, Mcafee, Symantec, Microsoft security gadgets, Firefox, Opera, Chrome, IE, etc.
Think about these protections, every listed program above is trying to prevent external exploits into a preexisting opening in Windows itself, always something Microsoft didn’t notice or see. Microsoft doesn’t care or worry about these faults because customers are willing to spend time, money and effort to take it upon themselves to identify and externally fix the problems.
Think of company “M” selling a 100′ rubber garden hose. They have a lot of money to advertise all the fancy colors and sparkles on the hose and every couple of years they come out with a new model. They charge hundreds of dollars and have enough clout to bully all the garden centers to carry their model. Unfortunately, their hose has millions of tiny holes because they don’t want to spend the time and money to make a good hose. The people still buy the hose and believe they are responsible (through propaganda) to find ways to cover the holes. In fact, they staunchly defend company “M” even with all the problems created by the holes. They compare all sorts of programs to see which on is better at covering the holes, but don’t realize the holes are in the hose to begin with – and allow the unauthorized access.
Company “L” Makes a 100′ rubber hose also, but it has no holes. It can use any browser and doesn’t need AV and has a proven track record of never leaking. No holes means no unauthorized access from programs or browsers. Suddenly browser security is not an issue. The company is very serious about quality control and constantly inspects every millimeter of the hose for problems and instantly corrects any issues. They feel so good about their hose, they give it away for free. People using the brand “L” go 10 years without AV, use Chrome, Firefox, Opera and Lynx browsers without any problems or interruptions at all.
It remains a mystery that anyone using brand “M” and paying protection money for AV on a faulty system and worrying about which browser is more secure is not able to figure out that they are being exploited by a snake in the grass.
William’s remarks on Opera make no sense whatsoever. If Opera really was “the backwater antique pedal boat” then you would assume that it would be more easily hacked than another browser with more sophisticated defences. In fact as anyone who knows anything about browsers knows, Opera has always been in the forefront of technological development and has frequently been copied years later by its rivals (eg tabbed browsing)
Yes, Opera is very advanced and a lot of the features were copied to other browser.
Chrome I would trust the least because they actively track every user for Google marketing use.
I don´` t trust chrome, google is like “big brother is watching you”.
You are totally right
Chrome and Google has never been a privacy problem. If you stop using Google and Chrome, you are cutting yourself off from exceptional quality (free) products.
Chrome is my favorite browser since even before it was oficially released and I’ve been Using Gmail since 2005 and have over 70,000 saved emails. I have never had any problems with Chrome and Gmail. I even switch all my computers over to Google Public DNS because it never crashes or stalls, is much faster and phishing protection built in. http://code.google.com/speed/public-dns/
No one seems to ever have a lick of common sense when discussing Google and it’s motivations for keeping things private. Google would lose a ton of money if they had to invade your privacy verses using the automated system they have now. It’s basic logistics.
When you go into a Super Kmart and see one register open and a person at the security desk and see 150 security cameras, they can’t man all of those cameras by live people. Do you know the immensity of the data going through Google? It’s just foolish (and not feasible) to think someone is reading you mail individually.
If I’m interested in SATA 3, 2.5″ hard drives, with hybrid technology, FDB design, 7200 RPM operation and shock protection and I write about it to a colleague in an email or search for it using Chrome, and I get 4 Google Ad-Sense text ads about it, with free shipping, do you think it’s going to upset me? On the contrary, it’s a timesaver. What if I’m restoring an old 1970 Corvette and need engine parts or a new chrome bumper? I see text ads displayed restoration parts for old Corvettes. Google wins, the company wins, I win. No privacy problems there. There is no financial incentive for Google to invade your privacy. Are they going to hire 30,000,000 people to individually read your email, when each person probably has 10-30,000 emails?
If you want to worry about privacy issues, worry about Facebook. I have seen some really wild tings going on there.
Here’s where the privacy issue comes in: Google demolished the barriers between all its products so that they can share your information. You’d think that wouldn’t be too much of a problem, but it is. As long as you’re logged in to your Gmail account (as I am, all the time) if you want to write a comment on any site that has a relationship with Google, you may be required to log in using your existing account/s with any number of other sites before you can post. So no more ad hoc comments, and since some sites report on your activities when logged in, those activities get posted back into your now-logged-in account.
It’s the loss of compartmentalization that’s been the key. For example, for some CNN sites if I want to post a comment but I don’t want to log into my WordPress account in order to do so, I can’t post – the CNN site looks up my Gmail account, sees that it’s connected to WordPress and demands that I log in to WordPress first before it will allow me to post. So I can’t keep my activities separate the way I used to – they’re becoming interconnected in ways I don’t like and don’t want. The only solution – if Google won’t stop sharing my details – is to dump Google. And as they continue to acquire more companies, the pool of opportunities for keeping things separate diminishes.
Reply to Peter.
I just think it’s simpler for Google to have a uniform privacy policy for all their projects. It’s less complicated and If people are complaining their existing privacy policy is getting too immense, it would be way too difficult to manage. By having one privacy statement and one authorization, takes away the complication. Just my opinion, it makes sense, Google has introduced a tremendous amount of new products and services. Why should you have to agree with two dozen separate privacy policies?
You can turn all those features off, which even increases the speed of your browser.
Or, if you don’t want to do that by yourself, download Iron. It is a Chrome build without all the Google features in it.
That’s the reason I use MPC Kromi.
I tried an early version of Chrome and found, even when the browser was closed, my Zonealarm was reporting it trying to connect to the internet.
Since then I have been very wary of Chrome as I don’t trust any software which wants to talk to the internet “behind my back”.
Then turn that feature off. Chrome keeps itself running for it’s webapps, so that they load faster and you can still get popups for mail for instance.
I have been using Opera ever since AOHell bought Netscape and botched it up. Between using Opera browser, keeping the updates for WinXP in order, running antimalware, and running a bidirectional firewall (ZoneAlarm), I’ve avoided problems with malware, spyware, trojans, and adware on my system. IE is only used to run updates to Windows; Firefox is my backup browser, and Chrome (and Google) are not trusted much; I use Yahoo and Hotbot search before Google.
I think it would be better to just stay off the internet until they figure it all out…
Yea, and apple products don’t need protection either. Keep believing …
After looking through some of the responses. At no time did i see anyone ask. With the ease of how the hackers walked through IE and even wrote data on the harddrives! Was that tested with or without th ZA IE plugin. And if this was done without the ZA plugin. Would ZA stop this kind of attack. Im just saying.
You mentioned the 2011 Pwn2Own conference, but didn’t mention the results of the most recent Pwn2Own 2012 conference, where Chrome was the first browser to be hacked. This was hacked so that code could be executed from it, not just files written. Safari was also hacked that same day, but they do use the same toolkit.
For those asking about Opera, it was not included in the competition. It’s my personal favorite, but I still take other precautions when using any of these.
I think Chrome is the safest of the them all. I don’t think there is one that is absolutely safe but I have used all three and am happiest with Chrome, however I still protect my computer with antivirus, firewalls and anti-malware.
I use latest Mac OS X (10.7 at the moment) with three different browsers as I have three Google accounts to save three different kind of web histories. Google Chrome is for technology and news searches. Safari and Firefox are for entertainment searches (video games, movies, actors, singers). No third-party antivirus, antispyware or firewall software needed (I do have browser and OS updates and built-in firewall enabled).
Regarding privacy, I don’t care about saving my search history as I intentionally decide what to search for with each account to get faster results depending on what kind of information I’m looking for.
I have never had a credit card, so I can’t buy anything with credit cards, so it doesn’t matter what kind of advertisements I see, because it’s more difficult to buy items without a credit card. And my credit card information can’t be stolen, because I don’t have one.
Of course, I do have PayPal and I can use bank transfer, if I really want to buy something online. But I have never bought anything when I’ve seen an online advertisement on a web page, so search engines can know what I’m interested in.
I dont trust Chrome and as said it is constantly doing something behind my back! Also Google update service is running all the time and cant turn it off . Most important i only allow cookies on certain sites and Google will NOT allow you to turn them off or choose who you accept .
You can turn Google Update off – it’s a service. Try Start > Run > services.msc and select Google Update. Click on the link for Stop service. HTH
How could Firefox ever be less secure than Internet Explorer? ActiveX, anyone?
or java, or… There are a myriad of ways to get data mined, or to inadvertently allow access. I have not been on linux in years so I don’t know how it looks or works but as I remember it, it does not have the pretty flashy aspects of windows and macintosh(apple).
Interesting article and thanks to those who commented. I’ve just installed Ubuntu on a secondary computer, so I can get familiar with it and may install it on my primary computer eventually. I was inspired to do this after reading some articles about the data mining that facebook and google are doing. I am more concerned about big brother looking over my shoulder than I am viruses or malware, although I do run AV.
lumberjack, if you are truly worried about big brother then the only thing you can do is get off the internet. Internet companies are bound by a supreme court decision over a decade ago to maintain records of all activity by it’s customers. This information is available to all law enforcement.
Firefox blows everyone out of the water in speed AND security. Internet Explorer ‘reports’ everything back to Microsoft and Chrome does the same with Google. Firefox is open source and there fore no profit by it’s very nature.
Google Chrome is open source too, sort of. It’s entirety is based off of Chromium, but with added features like auto-updating, a new logo, and tracking data. Chromium doesn’t track your usage and is 100% open source.
I’m not playing favorites as I always use more than one browser including Linux (my favorite) but when Internet Explorer 9 came out it was tested heavily against the top 3 browsers and hands down was voted the most secure browser on the mainstream market. Note the word mainstream.
Linux is a browser now?
Internet Explorer 9 has a tremendous number of issues, (issues that allow intrusion into the Windows OS) but remember the browser should not be a factor if the OS itself is secure, which Windows is not.
Try Linuxmint 12 with cinnamon and discover that browsers aren’t a security issue and don’t make any difference in security because the OS itself does not allow intrusions. People here can’t seem to understand that concept.
Startpage is the best – they do not track ANYTHING. Use the most obscure browser for the most safety.
Startpage is a search engine. not a browser
Amit is right. But also:
“Startpage collects limited information each time you visit our site, so we can improve the overall quality of your online experience. We only collect browser and platform type and register the date and time you visited the Startpage.com site. Like most standard Web site servers, we use log files to collect and store this anonymous user information.”
If you want to be safe then run a virtual machine and use it for all your web surfing. To ensure safety, run Linux in the VM and use Chrome. After using the VM, restore it from a known-good snapshot.
Whichever browser I use, I always run it from inside a sandbox (using the free program Sandboxie). Anything downloaded (such as cookies etc) gets put in a safe area then automatically deleted when I close the session. Since using it I’ve had no adware or spyware and certainly no viruses. I still have Zone Alarm and Avast antivirus running.
Use Sandboxie intelligently and you don’t have to worry about which browser is most secure.
I use Stealth browser, does anyone know about that one? It doesn´t keep any data and respects privacy. It was recommended to me by an IT friend. Now I´d like to find a safe email service that respects privacy too, as I HATE big brother tracking and controlling us everywhere.
Try Hushmail.
Uhm, regardless of software. Big Brother requires internet providers to maintain information on the activities of it’s customers and that information is available to all law enforcement. Not a thing in the world you can do, the supreme court allowed this back around 2000.
“Firefox was deemed the least secure in the study”…. “Interestingly (and contrary to the Accuvant study findings), Chrome and Firefox both resisted hacking attacks during the exercise.”
So which is it – least secure or just as secure as Chrome for Firefox???
The bias seems to be based on Chrome but to put the boot into Firefox without any examples is a little unfair.
Chrome is too nosey for my liking. Don’t get me wrong – I like Google but let’s just say if Chrome was a woman I wouldn’t marry her! Not unless I wanted every aspect of my life to become public knowledge.
If an OS allows a browser to be a conduit for the purpose of infiltrating and controlling the OS, escalating privileges, and allowing personal financial information to be compromised, you should not be looking at any browser to be the salvation. It’s just so wrong on so many levels to expect a (running on the top of the OS) application to somehow be providing security for the OS. It is a really, really shabby way of looking at things and it underscores how Microsoft’s propaganda machine works. Just read these posts, these poor people are blaming a browser for security issues while totally ignoring and forgiving the real culprit, the Microsoft OS. Microsoft has proven itself as being an insecure OS for decades. Unfortunately, Microsoft users have this notion that all OS’s are insecure and work like Windows does, which is totally untrue.
Try Linuxmint 12 either as a dual boot with Windows, or on another computer without AV and just try to get yourself infected from the web. Use any of the 30,000+ free applications in the software manager and you will experience a powerful OS without any security worries.
Does zoneAlarm have a web browser? Please let me know.
Zonealrm is a primarily a firewall for Windows users, but now I’m seeing that they are also offering anti-virus security for Windows and also as security for the browser you are using with Windows. But they don’t make their own browser.
Linux doesn’t use AV and the Linux firewall is built-in. I used to use the ZoneAlarm free firewall may years ago for Windows.
I used ZoneAlarm for years and loved the feeling of security that nothing came in and nothing went out without permission (either added to a list or “ask me”)
When I switched from Symantec to Vipre Antivirus, Vipre was not compatible with Zone Alarm. I’m looking for advice on whether to abandon Vipre and go to another (recommended) AV. Would appreciate feedback.
I figure that virtualization is a big step towards making browsers more secure. This is why I am using Extreme Security. The problem is that the virtualization deployed in Extreme Security has a bug and does not work on my laptop with Windows 7. Hope this gets fixed sometimes.
Why not go with no security at all. Just use Windows by itself with nothing?
You are never going to be able to do that with Windows because Windows has the problems and will fail you in absolutely no time at all if you run it without protection.
I’ve used Linux for over 10 years without any external protection. If you (and other readers) are that concerned about security, you should at least give it a try. I’d recommend Linux 12 with Cinnamon (Cinnamon is installed from the Software manager)
It’s worth a try and it’s free. http://linuxmint.com
firefox is the best browser, the latest version doesnt even crash, old version do crash.
Firefox is the most secure one.
Interesting, BUT have you read Google’s privacy “guidelines”? Using Google Chrome is like letting the fox in the hen house.
I have 72,000 archived emails, some with attachments. I’ve had Gmail since 2005 and never experienced a privacy issue or problem. Google uses aggregate data and uses robots to scan your messages for key words. Nothing medical or any medical terms are scanned. In exchange for allowing Google to post relevant text ads on your border, they allow you to use their services for free. Google is Linux, 100%. Even if you use Windows, every time you use Google you are using Linux. That’s all they use on their 1,000,000 plus servers.
If you don’t want to use Google, fine, but don’t give it up for misinformation on things they don’t do and never have done. There are too many idiots out there posting negative things about Google. Ask them what issue they personally have and they stick their head in the sand. It’s all hear-say nonsense being repeated in the blogs and believed by uneducated people.
Actually Joe, that’s not so – Google use a technology that they bought in from a company called Applied Semantics, and it scans every word in your email, determining the correct context in order to decide whether to serve up ads and if so, which ones. I did some work for AS just as they were being acquired. It’s fascinating technology and a long story – AS’ initial click-through rate for ads was double that of everyone else, even as they were gearing up to improve it (which they did – in the following six months they doubled the rate again, and were on target to increase it considerably again – so not surprising that Google bought them up).
Context is very important and it’s where AS’ approach scores bigtime – and I’d be most surprised if Homeland Security and attendant departments monitoring traffic don’t use a similar technology. You don’t for example want to push panic buttons if an email contains the word “bomb” when the context is a theatrical production…
Hi Peter,
I’m not familiar with the actual technology, but the end result is the same. They scan your text and check the key-words “contextually” for
conformance with their advertising parameters. I would assume it’s something, like you said, is constantly being improved up and updated. New technologies like tri-gate 3D transistor would have to be added to the libraries.
The bottom line is that there is not an intrusion or privacy invasion if you agree to let them do this in exchange for free services. It’s disconcerting to see Gmail users who agree to the terms and then demand total freedom from scanning and advertising and call it an invasion of privacy. It’s just not fair to Google.
I use Google Chrome 64-bit for Linux, Google Earth for Linux, Google DNS (8.8.8.8, 8.8.4.4), Google Maps, Google Gmail, Google Search, iGoogle for RSS feeds, Google Picasa for Linux, Google Documents, Google Calendar, Google Call, etc.
I did notice that generally people finding fault with Google Privacy are really doing things on a computer that they shouldn’t be doing (things their mother should not be seeing) and have a fear that Google is spying on them. So, even though there is no threat, they are fearful of Google. LOL, like anything you do on the internet is more secure than sending a postcard.
It’s not so much checking keywords but identifying concepts based on the content of your total email, and then determining whether (a) there are ads that might be relevant and (b) whether the context is appropriate for serving up ads (so that, for example, if your email is notifying someone about a death in the family you don’t see ads that offer do-it-yourself coffins followed by other woodworking-related materials).
There are massive ontologies that contain terms relating to just about everything so any new technology that arises is immediately added to the appropriate ontologies.
Where the privacy issue arises is in the loss of compartmentalization – in object-oriented terms this would be the equivalent of exposing all interfaces and all internal variables to external access.
Down the road what this will mean is you won’t be able to post a comment into some sites without first logging in to – for example, Facebook – simply because the contact email address you want to use happens to be the same for one of Google’s affiliates. Maybe you don’t want that comment posted on your Facebook page – but the privacy change means you now have no choice. It’s already happening – I’ve experienced it myself.
Right now it means that if you want to post comments to a site, the best policy is to log out of all Google accounts before you do so. Since folks like me prefer to stay logged in 24/7 that’s an annoyance now, but it could get worse later.
Oh, and Google scan attachments too (I’m assuming they don’t bypass any password protection).
If it’s allowed, I’ll post a reference for AS below.
http://newsbreaks.infotoday.com/nbreader.asp?ArticleID=16713
Thanks for the clarification. I think of some posts from the past that said if you don’t want Google, then don’t use it. Which is something that can be done 100% effectively. I haven’t experienced the need to do it or found anything that interfered with my other websites.
However, I’m shocked at some of the things I’ve seen related to Facebook. I feel that they have really crossed the line. I don’t participate in Google +, but my Facebook account is in danger of being deleted because I don’t use it and I don’t have time for it with all the other computer work I do. Also, most of the friends are not people I contact in that manner. If I need to contact them, I would write an email rather than post on a wall or use Facebook email.
Thanks for your input on the scanning mechanisms. It’s pretty proprietary stuff that no one would normally have access too. I still don’t find it a problem or offensive, but I do use Ad-Block Plus on Chrome and Firefox and it is extremely effective, so I haven’t seen any ads in a while. I still think the logistics of what Google does precludes the main concert of most people who are complaining. They are concerned about “someone” or some individual actually reading their information. The answer is that it’s not done, first because of the manpower and labor required and second because their is no financial reason for Google to do it.
If you use ZDNet, they are bad because they are a Microsoft propaganda publication and use active filters to censor posts and replies if they support or educate about competing Microsoft products. You post and any replies will be deleted if you type “linuxmint.com” or use certain other competing Microsoft keywords or links. Google, even for supplying ads, doesn’t compare to the evil of ZDNet.
I installed LINUX MINT, today. DO you thank I should unistall it?
Personally, I’ve been using Linux and LinuxMint for over 10 years without anti-virus and without any problems.
If you have a dual boot, I would keep both, but if you do online banking or work with retirement accounts, I would always use Linux.
If you have a Microsoft program you like, you can still select Windows from the boot menu when you first start up the computer.
I downloaded Linux, but they didn’t install as my web browser.
Linux is not a web browser, it’s an operating system like Windows. It has Firefox built in along with LibreOffice, which takes the place of Microsoft Office. All for free, plus you don’t use Anti-Virus which saves money and time.
Here’s the link for the Linux Mint User Guide .PDF file. This may help understanding the installation and operation of Linux Mint.
http://www.linuxmint.com/documentation.php
“The purpose of Linux Mint is to produce a modern, elegant and comfortable operating system which is both powerful and easy to use.
Started in 2006, Linux Mint is now the 4th most widely used home operating system behind Microsoft Windows, Apple Mac OS and Canonical’s Ubuntu.
Some of the reasons for the success of Linux Mint are:
It works out of the box, with full multimedia support and is extremely easy to use.
It’s both free of cost and open source.
It’s community-driven. Users are encouraged to send feedback to the project so that their ideas can be used to improve Linux Mint.
Based on Debian and Ubuntu, it provides about 30,000 packages and one of the best software managers.
It’s safe and reliable. Thanks to a conservative approach to software updates, a unique Update Manager and the robustness of its Linux architecture, Linux Mint requires very little maintenance (no regressions, no antivirus, no anti-spyware…etc).”
Is Zone Alarm a web browser, please let me know.? I need a good browser. Would like to know of a really good one.
I think on some level the fear that a Google employee might read your email must be founded in reality – Quality and all that. To make sure the technology is doing its job, there has to be a manual intervention at times (regularly).
I spent years before I made the switch to Google’s Gmail, and only finally abandoned my pay-for-service email accounts last year (which I can’t resurrect because of financial constraints I have right now). So while it’s true to say all I have to do is NOT use Gmail, now I have to find an alternative to Gmail (and there are a few, but only a few and frankly I don’t trust ‘em) and test them as I tested Google.
Contrast and compare Double-Click: over time, the company bought up all sorts of mail order companies and began connecting the dots between snailmail data and online data, against the wishes of the subjects of that data.
I use my hosts file primarily to keep my system (not just my browser) from visiting undesirable sites. From time to time I run Ad-Aware to clean up anything that crept through (I run XP Pro SP3 because of legacy commitments; my Linux/Debian system went belly-up after Grub tried to update to V2 and failed, crippling the system and I’ve not had the time necessary to devote to try and resurrect it).
I’m not an MS fan, having seen first hand how badly the company not only writes software but also conducts its affairs. Long story. I’m a Mac fan – another long story.
The privacy issue with Google extends much farther than many realize. Why do I stick with them? Because they took the high road and I liked them for that; now they’ve dropped their standards and I want them to go back to what they used to espouse rather than leave them to reduce their commitment to “do no evil”. I have more loyalty to them than they have to me.
Google is being far more than biased here. Anonymous has many many members, and a hacker’s job is not just to take down security measures.. it’s to put them in place as well. Firefox is what we all use. There are Mozilla Corporation SPONSORED addons to protect you. Besides, if you have ZoneAlarm Extreme Security, you’re fine anyway. Happy interneting.
Expect Us.
I have used Windows since 1995 and I have Windows 7 Ultimate 64 bit. I also have used Zonealarm and Firefox for at least 15 years and have not had any viruses or hackers get in. I also use a good router. Zonealarm blocks all ports and warns you and gives you a choice before you proceed with something. I am quite happy with my system.
So what anyway if Windows and IE are the most insecure..
Ive been using Windows sence 3.1, when and if it finally does get an infection that I cant get rid of, Just means its time to format and clean anyway! I’d much rather use the easy, omni, friendly ~ Windows than any other BS, i mean OS.
Real Computers, are “Windows” everything else is trying to be.
You have it back to front: Windows is the one playing catchup, as can be seen by the progression of Windows towards *nix standards.
You really should try LInuxMint. It can run off the DVD without changing anything on your hard drive. If you go through with the default install, it will create a dual boot setup, preserving your Windows. When you start the computer, you will have the option to choose between Windows and Linux. (it will reduce the open space on your Windows partition to make room for the Linux install.)
Linux does not get infected and does need anti-virus.
When done, open the terminal window and type in:
sudo apt-get install cinnamon
Type in your password.
using Opera for few years with no problems.
plus it has some unique, useful features.
give it a try.
The biggest security hole in most systems is the user. As long as that hole remains open, minor differences between browsers ain’t significant.
In fact, comparisons like this one are counter-productive: now many readers will go and get Chrome, and become even sloppier regarding their security just because they are running the “safe” browser, so why would they worry?
The biggest security measure we can ever take is to educate users. This is ZoneAlarm’s blog, so most people reading this will probably know that you should never open unsolicited attachments, don’t trust messages that tell you to paste some javascript on your address bar (even if that no longer works on recent browsers!), and so on; but most users will still fall for those and many other basic tricks.
so much back and forth. let’s keep 2 points of in your face facts. all browsers can be made insecure due to user mismanagement of configuration settings of browser and OS. second, if all software is properly patched and users are properly trained, many security issues would never happen. bottom line is if as a user of your ie, chrome, opera, firefox, etc, if you did not click on that link, email, or go to the most popular websites everyone else uses your rates of infection go down.
I have used Linux for secure work and Windows for other work for over a decade. It’s not so much the browsers that are a problem as the Windows OS itself which is insecure by design. Of course Windows has improved but it is still possible to get programs that execute things that you would not want executed on Windows. This is great for setting up stuff easily, but security takes a hit. Linux will never allow the execution of anything that you do not yourself initiate. That is what makes Linux extra secure, apart from the fact that it is less likely to be targeted.
100% security is an illusion, that will never be met. Only after hackers have found a new way to breach security, software will be updated. So there is a hole first and only then the sand to fill it, not the other way around.
Security is also an issue of common sense and reliable anti-virus and anti-malware on your own PC. laptop, netbook, mobile application etc. Most trouble comes through users own lack of investment in security.
Simple solution as William Benton stated. Create a VM in Linux, then you clone that virtual machine so you don’t need to reinstall it. Use the clone of Virtual Machine and go online and enjoy yourself. Once you have finished delete the cloned copy of VM and recreate a new one every time you decide to go online. That will be the most secure way.
As for secure operating systems most of the mainstream OS’s are insecure, but Windows 7 has changed the way. More secure by default and unless you run everything you download and bypass the windows warnings then you deserve the problems. To the person that had ZA and Norton and got a virus and was told by his serviceman that windows is more secure, well he meant windows is more secure than Norton. Just the name alone sends shivers down my spine. Get a decent anti virus and a good firewall, if you are behind a router you can do without the firewall.
Linux doesn’t install any application that you want unless you give it specific privileges (by typing the password), that way alone makes it secure and that is the way it should be. Also if you install from the package manager you will find all those programs have been checked before they are put up on that list.
Why would you install any program on windows without any input from you, what have you just installed? Seriously it is just plain crazy to allow programs with unrestricted privileges to install themselves without input from you.
Next time you get a moment read the licence agreement from Microsoft and other big name brands like Apple and Google. you will be shocked at what they cover. about the software. It’s like what you see is what you get and bad luck if it stuffs up your system and/or files. Zilch
The gap is narrowing between Linux and Microsoft. AV is available for Linux (Clam), but it checks for Windows malware that only affects Windows computers.
If you are using Linux and are getting ready to give a lot of your files to a Windows user, you might want to scan the drive of files for Windows viruses. Otherwise you might literally wipe him/her out in one shot.
I’ve converted schools to Linux and people can immediately start working without any training. I never set up AV with Linux and I don’t get callbacks.
I just downloaded Linux. I hope it wor ks good for me.
Congratulations Deloris.
The file you downloaded is an image file called .iso. It will burn to a 4.7 GB DVD. If you existing Windows computer does not have an option for burning an .iso file to a DVD, you can download a free one for Windows. It’s called Active Iso Burner 2.5 and you can get the free download here:
http://www.ntfs.com/iso-burning.htm
I usually set the speed to 1x when burning to provide the most readable disk. Once you insert the DVD and restart the computer, you should see the desktop with the “install” icon. You can use this desktop and try things out without installing anything. It’s called a “live CD-DVD” and runs everything off the CD-DVD or the computer memory.
If Windows still comes up with the DVD inserted, you have to go into your bios settings for boot order (When the computer starts up, press F2 or Del while booting) to position your CD-DVD drive to boot before your hard drive.
Changing the boot order of the “bootable” devices on your computer like your hard drive, floppy drive, optical drive, etc. is very easy. The BIOS setup utility is where you change boot order settings.
Turn on or restart your computer and watch for a message during the POST about a particular key, usually Del or F2, that you’ll need to press to …enter SETUP. Press this key as soon as you see the message.
Note: The boot order is a BIOS setting so it’s operating system independent. In other words, it doesn’t matter if you have Windows 7, Windows Vista, Windows XP, Linux, or any other PC operating system on your hard drive or other bootable device, these boot sequence change instructions will still apply.
– http://pcsupport.about.com/od/fixtheproblem/ss/bootorderchange.htm
The default install (1st option) will reduce the size of your existing Windows partition and install the Linux partition and the Linux Swap partition in the new empty space. This “Dual Boot” arrangement will not damage or remove Windows and allow you to select either Windows or Linux every time the computer is started.
Good Luck!
I would like to say that hackers and those who have created infectious vermin on the internet biggest contribution has been is to create a giant computer health care industry making millions of dollars for those who created these companies and you have robbed the everyday computer user of processing power because more and more of the computers’ processing power is taken up running soft ware to take care of these problems. Thank you for ruining the computer experience for those of us who simply wish to travel the internet highway with out fear of highway bandits. Our computers are not all they can be because of you. Hackers of the world clean up your act and become protectors of the system by shutting down the abusers and give us our computer back.
I have only a little Linux experience and I was puzzled by the claims that Linux doesn’t need antivirus, since I felt that no operating system is immune (look at StuxNet for an example of how a virus can be written to target an industrial controller that isn’t even connected to the Internet), so I did some rummaging around and it does seem to be true that Linux is really only at risk from infection when connected to Windows systems, which are more vulnerable AND targeted more often, or when running Windows emulators such as Wine (ref: https://help.ubuntu.com/community/Antivirus).
That would translate into a different experience as far as browsers are concerned for Linux users – they don’t see the same problems.
So the criticism that discussing the effective security of a browser is meaningless without at least including the OS in the conversation is valid, IMHO.
Stuxnet exits completely if it does not find Windows.
”
The first task in export 15 is to check if the configuration data is up-to-date. The configuration data can be
stored in two locations. Stuxnet checks which is most up-to-date and proceeds with that configuration data.
Next, Stuxnet determines if it is running on a 64-bit machine or not; if the machine is 64-bit the threat exits.
At this point it also checks to see what operating system it is running on. Stuxnet will only run on the following
operating systems:
• Win2K
• WinXP
• Windows 2003
• Vista
• Windows Server 2008
• Windows 7
• Windows Server 2008 R2
If it is not running on one of these operating systems it will exit.
Next, Stuxnet checks if it has Administrator rights on the computer. Stuxnet wants to run with the highest privilege possible so that it will have permission to take whatever actions it likes on the computer. If it does not have Administrator rights, it will execute one of the two zero-day escalation of privilege attacks described below”
Refer to page 16 of the following Symantec .pdf file on Stuxnet.
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf
What I found interesting was that StuxNet relied on a human behavior to propagate from the ‘Net to a system that wasn’t connected to it (a thumb drive belonging to a contractor that was carried to the unconnected system as I recall).
I remember the days when your system could be infected by a fresh, shrink-wrapped, empty formatted floppy that was left in a drive as the system was rebooted…
Yep. The good old days when the worst you could expect was the CD drawer opening and closing like it was haunted, or the letters falling off your screen.
I can honestly say, that if you are maintaining other computers, maybe 10-100, it is much easier with Linux. I have converted schools over to it on old Dell Optiplex GX-270′s and that was a year ago, and haven’t received any problem calls. I didn’t use Any AV and installed Linux Mint 11. The LIbre Office, even for the director, worked great.
In my case, my daughter went to Linux (exclusively) in Freshman year of HS and is a sophomore (at the dorm on campus) in college with no problem calls. All of her assignments were done in OpenOffice and LibreOffice. Overall, we’ve been 10 years with no AV and no infections.
I use Internet Explorer as it allows the Zonealarm addon 4 better security.
Bah, that’s bullshit, and you know it.
I didn’t read all of the comments here, but they should have waited a few days to post this one. In this years Pwn2Own competition, the highly touted Chrome browser was the first to fall showing that all browsers have vulnerabilities that can be exploited. Just because the (sometimes) rabid fanbase of that browser claims that it is not hackable does not make it true…
Problem was with Windows.
[i]“VUPEN co-founder and head of research Chaouki Bekrar and his team [b]used a pair of zero-day vulnerabilities to take complete control of a fully patched 64-bit Windows 7 (SP1) machine.[/b] As part of the new competition format, VUPEN will earn 32 points for the successful Chrome exploit.[/i]
Exactly what I have been seeing, wake up people, it’s not ANY browser, it’s the OS letting the intruders in. Windows is horrible.
Chrome runs without ANY problems on Linux.
No browser should be blamed or held accountable to correct poor design in the operating system it runs on.
Who are you paying money to Microsoft or Google?
I have used Firefox for several years…MUCH better than Internet Explorer …it is so slow an crashes to many times..while Firefox is fast an looks good..many items can be added that I need.
LOVE THAT FIREFOX !
Microsoft hates Google, Firefox, Linux and Apple. They have proven their intentions for years by trying to build and maintain a monopoly. If you want to see Microsoft propaganda in action, study ZDNet.com for a while. They could make an entire college semester out of the material in a propaganda course.
With all the comments about Google and privacy, who has read the
Google privacy statement – answer: no-one. If you believe x provides more privacy than y on the internet, you have fallen victim to Microsoft propaganda.
Melissa and especially Joe.Smetona,
Thanks for the informed input. More later.
DELORIS, ZoneAlarm is neither a browser nor a free-search engine. It’s a software firewall which analyzes Internet interaction and warns the user if something is suspicious.
Melissa and especially Joe.Smetona,
Thanks for the informed input. More later.
DELORIS, ZoneAlarm is neither a browser nor a free-search engine. It’s a software firewall which analyzes Internet interaction and warns the user if something is suspicious.
REXRICH, have you even TRIED Linux in any incarnation? I’ve been using UNIX since ’82 (WAY before Windows 3.x) and I fell in love with it on the spot. I come from a day before interactive computer access (’68). Command-line access was a thing of the future unless you toggled, or read via paper tape, instructions into the computer. My first language was WATFOR FORTRAN.
The power given to you by the UNIX command shell makes the MS-DOS command shell look like a two-year-old among Ph.D. students. Moreover, the (Bourne, in my day) shell talks directly to the kernel. Layers of protection are built between the shell and the kernel.
These protections were added at the behest of users of the free VERSIONS of UNIX (1 – 7). After v.7, AT&T decided to grab the OS from its developers and license it as UNIX System n. As far as I know, n has stopped at 5.
Most of the features of UNIX were added by v.7, while UNIX was free. Therefore, Linus Torvalds chose that point as his jumping-off point for creating Linux.
The original creator of UNIX was Ken Thompson of Bell Labs. He had previously worked on the MULTIX project, a DoD project to create a secure computer. Ken incorporated MULTIX concepts into UNIX. That’s why UNIX and Linux are inherently secure.
Any more questions? Send ‘em directly to da49gator-email@yahoo.com, and post ‘em here for the sake of completeness.
–de ‘Gator sends
Sorry, folks. My memory tells me that the project name was “MULTICS”, though it’s often known as “MULTIX”.
My first experience with Unix was on an Intergraph Interact 32 workstation in the 1980′s. I remember the stability and quality of it’s operation. I remember typing in all lower case commands, just like the Linux of today. I don’t notice any difference.
Why Opera was left beside ?
I use Opera for many years ans I love it.
I forced myself to keep using Opera for its cross-devices sync which however proved to be short-reaching: internal Adblock is stupid-as-fuck, you can’t sync its rules if you don’t -manually- add them, there is no Addon syncing, there are almost no Addons. All those forced me to switch to Chrome, then to Firefox cuz I need all my Addons I have.
I like Opera and I think Chrome and Firefox have copied a lot of the original features. I believe Opera was the first to develop a lot of the features we take for granted today in the other browsers.
I use Ad-Block plus on Chrome and Firefox (with Linux) and my family prefers Firefox while I use Chrome. I usually install Opera, but don’t need to use it much.
+1
I too use Opera since Opera 6 and love it. What you say is true. Opera innovates and others and others follow.
Infact Opera is more faster in Linux than in windows in every aspect from cold start to browsing to shut down. It is more stable in Linux. Only thing which Linux community talks is that it is not open sourced.
I need to know if any has heard of SANDBOXIE WEB BROWSER. If so is it good? Thanks.
I have used Opera for the past couple of years. I have tried most of the popular browsers and Opera has outperformed them in load time. I have ADSL 2+, a computer that I had built some 5-6 years ago, (slow in todays environment). Internet Explorer (apologies to Microsoft) is lame, slow to load and a pain in the proverbial. The only issue I find with Opera, occasionally a web-site will not load properly, these sites from my exploration have been a couple of pages on Microsoft. Go figure.
I have 2 browsers.
firefox – for normal browsing
opera – for secure browsing
2 blatant lies… Chrome is not the 2nd most popular web browser. Nor is it the most secure web browser unless you take into account that any browsers that has so many defects is more secure by default, ie: if it doesn’t function at all times then at some times it must be considered secure.
Statistics change over time. According to http://www.w3schools.com/browsers/browsers_stats.asp Chrome is the most popular browser to date.
If some one desires to be updated with newest technologies after that he must be pay
a visit this site and be up to date all the time.
I’ve been visiting a lot of internet cafe’s lately and they all seem to have he same problem, The chosen one Google chrome is now the Starwars version of Anakin Skywalker. GC is now becoming a money hog and becoming the next IE. There is NO fast fix for the forseeable future and yes the saying the road to hell is paved with good intentions comes to mind, especially with the auto update set up. WTH happened to chrome!
I saw this a while ago but I think it is relevant. as a safe browser check this from easybits: http://www.magicdesktop.com/
It is disinformation and complete ignorance of Software / OS issues to propagate that it is the OS not the Browser. To be a MS hater or an Apple lover is understandable, however, not to the point of boasting ignorance as to the pros and cons. All OS’s have pros and cons including vulnerabilities and productivity issues. There are hundreds of Linux vulnerabilities (check for CVE’s) and the increase in iOS vulnerabilities is escalating rapidly. All three main OS’s now have AV programs available to protect against the dangers lurking out there. Both Linux and Apple iOS are immune to Virus’ by design. (Mac OS/ iOS is based on Unix). However, they are vulnerable to Trojans and other malware. And they are also “carriers” of Virus’ and other malware.
Rather than live by the ignorance of blaming web browser issues on OS problems, everyone should do the basics of keeping their OS patched and software up to date along with learning secure browsing habits (that are getting more difficult to determine). You should also disable Java unless you absolutely need in it for certain local programs in which case you should enable only during use needed.
Each time I use SUPERantiSpyware it shoes a dozen of tracking malware. The interesting thing is that just about all of them are found on Chrome. Firefox and Comodo Dragon (A chrome based browser) do not have even one.
I use Comodo Dragon and Firefox almost all the time.
I use iStealth- fastest and most secure web browser for android available
I alternate between Firefox and Chrome, but have had to use IE for work, which I don’t like having to do.
One thing I’d really like to say is the fact that before purchasing more computer memory, consider the machine within which it could be installed. In case the machine will be running Windows XP, for instance, a memory limit is 3.25GB. Setting up over this would basically constitute any waste. Make sure one’s mother board can handle your upgrade amount, as well. Interesting blog post.
Do you have a spam issue on this site; I also am a blogger, and I was wanting to know
your situation; we have developed some nice methods and we are looking to trade solutions with others, why
not shoot me an e-mail if interested.
It is perfect time to make a few plans for the longer term and it is time to be happy.
I have read this put up and if I may just I wish to recommend you few fascinating issues or advice.
Maybe you can write subsequent articles
regarding this article. I wish to learn more issues approximately it!
Just use a virtualized IE/FF/Chrome and with local interaction allowed on false or isolation mode full
Chrome makes every computer in my house slow after about a month of running it. I think its prone to virus attacks and malware. One laptop has never had Chrome or Firefox only IE 9 and its the only reliable one. My daughter is forbidden to run Chrome or Firefox on my laptop although I really love Firefox and its features.
. I hate Chrome as my daughter has gotten 2 actual viruses while using it and she has K9 on her computer.
Is ZONEALARM A FREE SEARCH INGINE.?