Browser Security: IE vs. Safari vs. Firefox: Page 2

(Page 2 of 2)

Security add-ons:

As I said above, the first thing to take control of in securing a browser is active content. None of the three browsers is great at that out of the box. Firefox and Safari are downright horrible at it. So, I generally turn to security add-ons for this sort of thing. My favorite such add-on is NoScript, a free plug-in for the Mozilla family of browsers, including Firefox.

Once installed, it defaults to blocking all Javascript and other active content from running in your browser. One by one, you can enable Javascript to run on the sites where you want it to—for example, the sites you want to do business with. It thus slowly builds a whitelist of sites you allow.

Its biggest complaint among users is that it’s ponderous to build that whitelist one site at a time. I say: Get over it. Over in Safari, there’s a plug-in I’ve recently started looking at called “Pith Helmet.” It too can block types of content from various places, but learning how to use it is not trivial. IE, as I said above, uses its zones for blocking content. Although I have no doubt something similar to NoScript must exist for IE, I’ve not yet found it.

Qualitative score: Firefox gets a B, Safari a D, and IE a D.

Integration with operating system:

Okay, this category is not directly security-related, but it is nevertheless important in selecting a browser. Although Safari has been losing pretty pathetically in my other categories here, its integration with OS X is a work of genius. (Not so much for the Windows version of Safari…)

For example, it fully integrates with OS X’s keychains, proxy settings, as well as other operating system features. Thus, if you use X.509 certificates for email authentication, you only need to maintain one repository of them. Similarly, if your network uses a corporate proxy for connecting users to the Internet, it’s all configured in one location.

Firefox, by comparison, chose to do all of that internally and ignore the underlying operating system’s APIs—presumably done in the name of ease of porting to numerous operating systems. This added complexity simply must have long-term functional as well as security ramifications, and remains my biggest complaint about using Firefox on OS X.

Qualitative score: Firefox gets a D, Safari an A, and IE an A.

This list of topics is, I believe, extremely important to the overall security of a browsing environment. I should also say that keeping your browser and its plug-ins up to date is absolutely vital. Most browsers are pretty darned good with that these days, even if they don’t use the operating system’s own software updating mechanism.

Overall, I feel safest using Firefox paired with NoScript, but I keep Safari and Pith Helmet around for some sites that either won’t run on Firefox, or for those times when I absolutely need the browser to use an operating system’s functionality directly. I also even occasionally will run IE inside a Parallels virtual machine, but when I do that, I immediately revert the virtual machine back to a pre-browse snapshot of itself, but that’s another topic for another time and column.

I firmly believe that Firefox gives you the most secure browser for the least effort.


Page 2 of 2

Previous Page
1 2
 



Tags: Firefox, Microsoft, Internet Explorer, Safari, Mozilla


0 Comments (click to add your comment)
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.