Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Internet Explorer 9 hammers rivals in download blocking test
Tech World ^ | 15 Jul 2011 | John E Dunn

Posted on 07/18/2011 8:39:44 AM PDT by for-q-clinton

The in-house reputation system used in Internet Explorer 8 and 9 is markedly superior at blocking social-engineering attacks than the Google equivalent used by Chrome, Firefox, Apple’s Safari, an independent test by NSS Labs has found.

Rating the browsers against a sample set of European malware URLs over 19 days in April, IE 8 achieved a mean block rate of 90 percent, leaving Chrome 10, Firefox 4 and Safari 5 in the dust on 13 percent each. Opera, which uses technology from antivirus company AVG, came in last on 5 percent.

When assessing IE 9 with application filtering turned on, the results were even more dramatic, taking that version to a mean blocking rate of 100 percent.

Internet Explorer’s positive showing appears to be thanks to two embedded technologies; Smartscreen URL Filter, a cloud-based system that checks URLs against a master database. This is present in both IE 8 and 9 and seems to work more or less identically in both.

In addition, IE 9 has added a second system, SmartScreen Application Reputation which on the basis of this test offers browser users a remarkably effective level of download block protection. Chrome, Firefox and Safari all use a rival URL checking system, Google’s Safe Browser Feed, which as previous NSS Labs tests have suggested, is now falling some way behind.

“The significance of Microsoft’s new application reputation technology cannot be overstated. Application Reputation is the first attempt by any vendor to create a definitive list of every application on the Internet,” the authors conclude.

“Browsers provide a layer of protection against socially-engineered malware, in addition to endpoint protection products; as this report shows, not all are created equal. The overall lower protection offered by Firefox, Safari, and Chrome is concerning.”

An extra but important dimension also tested was the ‘average response time to block malware’, basically the time it took each browser to add a problem site to the block list once it had been fed in to the test by NSS Labs.

Again, IE 9 with Application Reputation enabled gained a perfect score, adding a site without any delay, the only browser to manage such a feat. Interestingly, however, without the Application layer, IE 8 and 9 sank down the table, taking nearly 14 and 16 hours respectively, behind Safari’s five hours, Chrome’s nearly seven hours, and Firefox’s 8 hours.

Block time is worth paying attention to because the longer protection takes to be activated, the longer the window of possible exposure.

The limitation of the report is that it is only measuring one dimension of the threat users face when using browsers, that of attacks where the user can be tricked - ‘socially-engineered’ in security parlance - into downloading malware. This compares with what are called ‘drive-by’ attacks that seek to exploit specific vulnerabilities in software and which require no user intervention.

Which is more dangerous is a matter of debate although NSS Labs references a separate study by AVG that found socially-engineered attacks to be the most likely way for malware to find its way on to a user’s PC.

A social engineering attack has the advantage that it recruits the user to agree to a download event thereby potentially bypassing Windows controls such as User Access Control (UAC) and even the warnings of antivirus software. A drive-by attack, especially one manipulating a zero-day flaw, can sneak on to the PC without any of these defences being aware but requires more engineering effort to work.

The claim that socially-engineered attacks are the more significant doesn’t entirely accord with the admittedly patchy evidence that exists on the subject.

A recent and revealing assessment by Qualys using its Browsercheck tool found that large numbers of browser users routinely run out-of-date plug-ins for interfaces such as Flash Adobe Reader and especially Java. Many of these have significant flaws that can be attacked by drive-by exploits.

It could be that both sides of this coin – social-engineering attacks and drive-by attacks – are equally perilous but in different ways.

A final qualification is that the test was conducted on Firefox 4, since supplanted by the rapid-development replacement, version 5.0, likewise Google Chrome, which has reached version 13. The URL-filtering systems used by these are, however the same as in the previous versions so would be unlikely to make a difference to their blocking performance.


TOPICS:
KEYWORDS: chrome; firefox; ie; safari
I wonder when Firefox and Chrome will catch up to IE's security to block malware?
1 posted on 07/18/2011 8:39:51 AM PDT by for-q-clinton
[ Post Reply | Private Reply | View Replies]

To: ShadowAce; Swordmaker

ShadowAce:
Tech Ping Please.

Swordmaker:
Since Safari was mentioned I thought I’d ping you as well, but not really a direct apple topic. Your call if you want to ping the apple list.


2 posted on 07/18/2011 8:41:50 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

It sounds like IE is the browser for those stupid enough to click on every link and popup that presents itself on the screen.


3 posted on 07/18/2011 8:44:07 AM PDT by SaveTheChief
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

Curious that they used the most recent version of IE against an older version of Firefox. Firefox 5.0, the current version, is reputed to have improved security features.

http://www.zdnet.co.uk/news/workspace-it/2011/06/22/firefox-5-focuses-on-security-and-privacy-40093191/


4 posted on 07/18/2011 8:48:13 AM PDT by Blennos
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

This sounds like another Microsoft sponsored test from these people.. similar to their LAST test that said somethign similar. Just because a company calls themselves the “leading trusted independent authority” don’t make it so. These guys are shills for M$. I’m sticking to Google with Adblock and Noscript add-ons. I’ve not had a single problem for years with this combo.


5 posted on 07/18/2011 8:54:21 AM PDT by Dubya-M-Dees (Little HOPE... No CHANGE)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Blennos

Firefox 5 came out a couple of weeks ago and the article said they ran the comparison in April. You can’t compare what isn’t there yet.


6 posted on 07/18/2011 8:56:07 AM PDT by Netizen
[ Post Reply | Private Reply | To 4 | View Replies]

To: Blennos

It says at the end. FF 5 was still in beta at the time of the test.


7 posted on 07/18/2011 8:59:28 AM PDT by Psycho_Bunny (Public employee unions are the barbarian hordes of our time.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: SaveTheChief
It sounds like IE is the browser for those stupid enough to click on every link and popup that presents itself on the screen.

So, 95% of Internet users...;)

8 posted on 07/18/2011 9:01:17 AM PDT by FromTheSidelines
[ Post Reply | Private Reply | To 3 | View Replies]

To: FromTheSidelines
So, 95% of Internet users...;)

ZING!

9 posted on 07/18/2011 9:03:48 AM PDT by SaveTheChief
[ Post Reply | Private Reply | To 8 | View Replies]

To: for-q-clinton

If you can’t win in one category, find a category you can rank #1!

Done!


10 posted on 07/18/2011 9:07:30 AM PDT by aMorePerfectUnion (This message carfully checkd to misteakes by powerful softwhere)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

11 posted on 07/18/2011 9:09:07 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

12 posted on 07/18/2011 9:09:54 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Blennos

probably because the test was set before they could get firefox 5. Isn’t FF5 fairly new? But the article does address that and says ff5 uses the same engine for this feature.


13 posted on 07/18/2011 9:15:43 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 4 | View Replies]

To: SaveTheChief
"It sounds like IE is the browser for those stupid enough to click on every link and popup that presents itself on the screen."

I resemble that remark!!! [smile]

To echo Oddball from Kelly's Heroes ...

"Oh, man, I just ride in 'em. I don't know what makes 'em work ..."

14 posted on 07/18/2011 9:16:38 AM PDT by BlueLancer (Square Dancing - Drill and Ceremony Set To Music)
[ Post Reply | Private Reply | To 3 | View Replies]

To: aMorePerfectUnion
If you can’t win in one category, find a category you can rank #1!

They suck at brainwashing the ecosystem, so the had to find something else.

15 posted on 07/18/2011 9:18:35 AM PDT by tacticalogic
[ Post Reply | Private Reply | To 10 | View Replies]

To: Dubya-M-Dees

Got any proof or are you just saying that to make IE inferior in your mind?

But even if they are shills it still doesn’t dismiss their findings.


16 posted on 07/18/2011 9:18:56 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 5 | View Replies]

To: for-q-clinton
But even if they are shills it still doesn’t dismiss their findings.

Rule #1 of the internet is that you never, ever download an application that a web-site says you should, such as those pop-ups that say your computer has been infected with a virus.

That's social engineering. The claims here are that IE9 is the best at blocking a socially engineered application after you've clicked the "Yes" button to have such an application "scan your computer for viruses".

So, the "New and Improved" IE9 is supposed to save stupid people from themselves.

17 posted on 07/18/2011 10:15:33 AM PDT by Ol' Dan Tucker (People should not be afraid of the government. Governement should be afraid of the people)
[ Post Reply | Private Reply | To 16 | View Replies]

To: BlueLancer
I resemble that remark!!! [smile]

My two cents on this issue:

I am a firm believer that the best way to protect your computer and yourself from viruses, malware, phishing scams and other general internet nastiness, is to think twice before clicking on ANY unknown link.

This even includes email from trusted friends and family, especially the sort of email that has a chain of addresses a mile long (I never click on anything in these messages). This general rule also applies to any email from a bank, any website where you might have an account (Hotmail, Google, Yahoo, etc.), your favorite web store, or ANYTHING else that informs you that you need to update your information by clicking on a link from the email.

By being sensible and careful, along with using a good anti-virus/internet security software package, you have a much better chance to avoid these problems.

18 posted on 07/18/2011 10:29:13 AM PDT by SaveTheChief
[ Post Reply | Private Reply | To 14 | View Replies]

To: for-q-clinton

I wonder whether they were actually blocked, or if they just hadn’t opened by the time the test concluded. 19 days isn’t a lot of time for ie to open many pages.


19 posted on 07/18/2011 11:08:13 AM PDT by Darth Reardon (No offense to drunken sailors)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton
Got any proof or are you just saying that to make IE inferior in your mind? But even if they are shills it still doesn’t dismiss their findings.

IE isn't inferior in my mind, it is inferior in fact. Anyone can cherry pick results to make a report say anything they want, especially with the testing is sponsored by the guy who you determine is the best. Ask any serious web programmer and you'll find it fairly consistent that IE does not

1 - comply with standards

2 - is highly inefficient with rendering Javascript

3 - tries to set their own standards in order to make others comply with them.

Here's a related article which is a little less biased than the press release.

Is Internet Explorer 9 King of Malware Fighters?

20 posted on 07/18/2011 11:18:26 AM PDT by Dubya-M-Dees (Little HOPE... No CHANGE)
[ Post Reply | Private Reply | To 16 | View Replies]

To: Ol' Dan Tucker

Correct. That’s the tough thing MS has to fix. They can’t hide behind low number of users to keep from being socially engineered. Max OSX had the luxury of hiding for years, but now they are more popular so they too are getting attacked. The dumb user is the biggest problem, but the dumb user only hears Mac is secure that virus won’t run on a Mac. So they buy a mac and they have the same issue.

To protect their market Microsoft HAS to protect the dumb user from themselves. Me I never had an issue with IE and Windows, but then again I’m not a dumb user. But I’ve had many dumb users ask me to fix their stuff.


21 posted on 07/18/2011 11:24:05 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Dubya-M-Dees

IE9 is considered more HTML5 compliant than Chrome or Firefox (last I heard). I know there is some dispute over these findings, but http://www.readwriteweb.com/archives/ie9_outperforms_other_browsers_for_html5_complianc.php but still you can’t deny IE9 isn’t taking HTML5 seriously.


22 posted on 07/18/2011 11:30:37 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 20 | View Replies]

To: for-q-clinton

IE9 also blocks all of my legitimate downloads, my banking site and most PDF downloads.


23 posted on 07/18/2011 12:18:51 PM PDT by Bon mots ("When seconds count, the police are just minutes away...")
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

Browsers leapfrog for compatibility, stability, security, speed and malware detection. IE 9 is definitely better than the past versions of IE.

Still not enough to have me switch back.


24 posted on 07/18/2011 12:56:49 PM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bon mots

Really? It hasn’t blocked any of mine. And I go to several banking sites, BA, Chase, Citi, USAA, Wells Fargo, etc...


25 posted on 07/18/2011 4:03:31 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 23 | View Replies]

To: for-q-clinton
Really? It hasn’t blocked any of mine. And I go to several banking sites, BA, Chase, Citi, USAA, Wells Fargo, etc...

Yes, ING Bank.
Frustrating. It doesn't work on my iPad (Safari) either.
I have to go to FF to make a transfer. [Safari classic on my iPad also crashes Google Adsense reports.]

There have been a few other transactional or interactive sites where IE has failed me but I cannot recall any of the URIs at the moment.

26 posted on 07/19/2011 1:20:59 AM PDT by Bon mots ("When seconds count, the police are just minutes away...")
[ Post Reply | Private Reply | To 25 | View Replies]

To: for-q-clinton
Really? It hasn’t blocked any of mine. And I go to several banking sites, BA, Chase, Citi, USAA, Wells Fargo, etc...

Also Standard Bank doesn't work for me with IE9 either.

27 posted on 07/19/2011 1:22:41 AM PDT by Bon mots ("When seconds count, the police are just minutes away...")
[ Post Reply | Private Reply | To 25 | View Replies]

To: Bon mots

I just did the standard bank one...and it *appeared* to work for me. I did have to put it in compatibility mode though. CLick the little broken page at the right of the address bar by the refresh symbol.


28 posted on 07/19/2011 6:20:41 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 27 | View Replies]

To: for-q-clinton

Thanks!
I’ll try that tomorrow when I’m back on my own PC.

:)


29 posted on 07/20/2011 11:42:08 AM PDT by Bon mots ("When seconds count, the police are just minutes away...")
[ Post Reply | Private Reply | To 28 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson