Google-Funded Study Says Firefox Less Secure than Internet Explorer

[Josh]

Remember when you downloaded Firefox circa 2004 because Internet Explorer was inundating Windows XP with viruses? Those days have long since passed, and according to a Google-funded study carried out by Accuvant, Firefox is now among the least secure web browsers. Naturally, Chrome is the best.

Obviously this has to be approached with a fair amount of skepticism, Forbes points to Accuvant's industry cred for objective reports on security. his particular report calls out Firefox's inability to sandbox code in the browser, thus preventing hackers and malicious code from gaining access to the rest of someone's operating system.

Source @Gizmodo

[Stoic Joker]

Also curious about this report: where's Safari?

That was my first question too. While I've been a long time IE user I have zero faith in Chrome.

[zridling]

I'll take the risk! 

[mahesh2k]

So a company which got penalized for hosting pharama ads and now under scrutiny for search monopoly in EU says FF is risky ? Hail google.

[f0dder]

You can say what you want, but MS has been putting a lot of effort into securing IE in later versions - sandboxing, running in reduced privilege mode (unless you're stupid enough to be running with UAC disabled), ASLR, fuzzing the hell out of their code, et cetera.

What security measures does firefox have?

[JavaJones]

Security is in an Extension. Duh!

Seriously though, they do have plugins running in separate containers now, and I think per-tab protected memory or something. Both things that I do believe Chrome has had for ages, not sure about IE. But I'm pretty confident both IE and Chrome do have more built-in security measures. Most people responding to this report cite NoScript or other extensions as being FF's security ace in the hole, but it's pretty stupid to say that an extension makes FF secure so it's ok that the base browser isn't.

- Oshyan