the Internet has become more and more dangerous place and at a later time, not in small part due to the inherent security risks posed by viruses and espionage. In addition, applications that access the Internet as part of normal operations may have errors in their code that allows hackers to launch attacks against the computer on which those applications are running. Security and safety of digital assets is also at risk because of rapid growth for the cybercrooks threat that the development and implementation of large-scale frauds such as fraud and identity theft.
in light of all this, it is clear that users need to be secure and reliable Web browser between them and the Internet, which will be free of these problems and will not let harmful content invade the computer.
the Web browser industry is still under the control of Windows - bundled Internet Explorer, with a 85% market share, but in recent years a new breed of free, and more flexible and functional browsers have emerged - the most popular being Mozilla / Firefox and Opera. All have received serious security upgrades to help protect against recent scares and protect Internet users.
internet Explorer version 6.0, essentially the same products that were included with Windows AX. BV in 2001. Eighteen months ago, the release of Windows AX. My service pack 2 any significant increase safety; However, it does not eliminate the many loopholes exploited by hostile program code. At present, Firefox is in Release 1.5, but very different development history (see next section) means that this could be considered at a similar level of maturity as Internet Explorer.
currently, Microsoft is preparing the next generation of Internet Explorer 7.0, which plans to introduce sometime during the first half of 2006. The company has stated that it intends to make the browser stronger and more secure to help protect users against many of the problems tireless programmes over the years.
we, along with Internet users everywhere, await the final results with interest. In the meantime, we decided to do our evaluation of any 7 (beta) and the nearest rival, Firefox 1.5.
history and overview
internet Explorer is the property graphical Web browser developed by Microsoft. In in 1995, the company licensed commercial version of Internet Explorer 3.0 from the telescope mosaic integrated programme and Windows 95 in its osr1 edition. Later, as they included ie4 default browser in Windows 98 - a move still raises many questions for antitrust.
firefox is open source browser developed by the Mozilla Foundation; who mastered a sufficiently can collaborate in writing and improve its code. Mozilla is known for rigorous approach to security, apart from the bounty of several thousand dollars to find any major weaknesses in the product.
security incidents and threat response
while no browser is perfect, major security gaps somewhat happened with often no more than with Firefox. To be fair, Firefox has less than 10% of the market share, and thus somewhat less attractive than any goal; that is probably also why security researchers focus much of their attention on weaknesses in the Microsoft browser, not Firefox. Some people, if the stock market reversed, and bugs in the Firefox will start appearing on a more frequent basis, as has recently been the case with Internet Explorer.
the Firefox open source architecture contributes to the overall safety of the browser; community of skilled programmers can SPOT problems more quickly and corrected before the new version is available for public use. It was said that the threat in response to Firefox averages once a week, while it may take months for Microsoft engineers critical to correct defects reported by the Security Analysts - an unacceptable situation for users who are still vulnerable to undue the exploits (Hacker attacks), and during that time .
> threat by the response, and it is clear that Firefox winner.
security Features
phishing protection
new protection against financial fraud and identity theft, has been anything new. The so-called phishing filter " & quot; now appears on the Internet Options menu, which is intended to protect users against without knowing disclosure of the information to third parties without permission. Here& 39;s how it works:
if user visiting the site spoofed looks exactly like a real one - usually the result of clicking on a link in the email fraudulent - the browser senses a phishing attempt and compares the site against a list of known phishing sites. If the candidate site is found guilty phishing, which blocks access to the site and informs the user of the danger of leaving personal funds to such sites. A database of known phishing sites is updated regularly, and users have the option to report suspected phishing moment to Microsoft for evaluation.
we & 39; re pleased to report that even in the pilot phase, and it appears that candidate to work well, correctly identifying half of the test sites we visited as phishing sites.
in Firefox, and phishing protection is delivered through a third party, such as extensions Photos Safe Browsing (currently in a pilot phase for us on the basis of users only (see http://www.google.com/tools/firefox/safebrowsing/index.html); This can be plugged browser extension list.
as additional protection against accidental phishing, the authors stated that any plan to make the products introduced each site visited the site. with Internet Explorer 6, and this capability was not available and many pop-ups appear without appearing in speech in the former non-existent in the address bar. Unfortunately, the browser was able to achieve more than fifty per cent proportion demonstration site; We are confident that this percentage will increase as the release. approach 7 and Mozilla continues to work to improve job performance in this area.
restriction subject to the implementation of web content
in current version of any suspect sites were virtually free to install any software they want visitors to the machines. while XP SP2, and have dramatically reduced this possibility, many unnecessary additions and toolbars that still list can be easily installed by inexperienced users .. 7 should provide more protection for the users of naive, as it will allow to enter the protected, and therefore restricted access to the files of the host operating system and Walaaadadat make these critical elements of access to computers and malicious software.
the numbers default Firefox 1.5 is that the extensions and the installation of additions disabled; user must manually change the settings to enable adding extensions to the browser.
there will always be trade-offs between security and function, but security experts always that without hindrance rental sites launch an executable code within the browser creates unlimited possibilities for exploitation .. 7 will provide greater flexibility in the composition of external code will allow them to run within the browser and the impact it will have on the operating system.
activex restrictions
aside some graphics enhancement of Web pages, in most cases, deadly VX is the most damaging both beneficial. many of the sites that serve up espionage and declarations emanating writing deadly VX use of technology, and deadly VX in Windows programming environment can be allowed to operate unhindered with the Administrator privileges (root). Firefox 1.5 does not support Microsoft deadly VX property technology and even browser Firefox is more solid espionage against infection.
in ie6, even with SP2), deadly VX is allowed to run by default, which automatically makes users less protected against the threat of espionage. Coming in any 7, is not yet known whether Microsoft will continue this approach, but early indications suggest that this is the case and that would be unfortunate, since the current approach is a clear security vulnerability.
of course, users can manually disable any deadly VX writing to a specific site and let deadly VX started automatically on all other sites visited. Or, vice versa, it can disrupt deadly VX writing most of the sites visited and permit it to appear on a given site. All this can be configured under the Security tab in any & 39; s list of options. However, it is difficult unrealistic to expect the Internet novices, who need more protection, and to do this.
java, JavaScript and visual basic components
java and JavaScript can be enabled and disabled by both browsers. Firefox allows users to determine the permissions for these actions of the manuscripts. Internet Explorer 6 allows users to create a group of trusted sites to the global restrictions on the scripts will not apply. In any 7, and will be more flexible and added that this would lead users more customized presentation of Web pages belonging to a particular location; seems Firefox also plans to introduce more flexible criteria.
internal download manager
ie 7 download manager will be renovated, and feature an option to pause and resume loading - a feature not available with the current version. Specific actions will be determined after the completion of the installation, and users can verify the file uploaded recently - with countermeasures for the virus before operating. This approach already exists with Firefox, so it seems that Microsoft playing catch-up here.
encryption data on protected sites
when send sensitive information, such as details of the deal for the bank or financial institution, it travels in the form of secure encrypted through complex text transmission protocol (shttp) connection. Information is encrypted by the browser code comes on the receiving end. The new version of a stronger encryption algorithms will be used to reliably transfer your data without the risk of being intercepted and deciphered by someone in transit. A lock icon indicating that the user is on a secure site will be developed in more than one place clear now, and more detailed information will be provided to help visitors verify the authenticity of these sites.
firefox currently the best - regulating the supply of security certificates to users, and Microsoft clearly has room for improvement.
updating
both browsers are updated automatically when new code has become ready. Firefox has this update mechanism already exists, and any 7, and is expected to be completed and submitted through the Windows update technology.
privacy reinforcements
ie 7 will have the ability for users to flexibly total data will be saved and can be applied to different sites; users will be able easily remove browsing history and other details such as passwords, cookies, and provided details on the web forms, download history, and temporary files. In Internet Explorer 6, these files were stored all over the place and users have complained that there is no clear way to delete this information. Firefox 1.5 already provides for such a capability.
conclusion
ie 7 promises a lot of attention to security and privacy enhancements that will help users stay more secure. With the final release users will receive a good, solid browser that, if Microsoft promises are fulfilled, and that will help to compete well on the security front. As we have seen, Firefox 1.5 model already, and it would interesting to see what lies ahead for this talented defiant. claretha micah
Bookmark it:
No comments:
Post a Comment