Sophos Cloud Optix
We spend a lot of time with our web browsers, visiting the websites we use for some very important things like our banking, our email, and for our jobs.
And we also use them for some not so important things – or maybe just more personal things – like watching videos, web searches, social media, message boards, and more.
In that sense, the web browser could be considered one of the most important pieces of software most of us use on a daily basis, which is why a relationship of trust comes into play – we rely on our browser to secure our communications, data and privacy.
Last year, we asked you which web browser you trust the most, and we received a lot of interesting feedback from our readers. (You can see who won here.)
But it’s been nearly 12 months, and we’re wondering if your views have changed.
Our single-question poll, “Which browser do you trust the most?” is different from which browser is faster, cooler, more secure, or even which one you’re currently using (you might use more than one).
So tell us what you think – who do you trust?
And if you want to let us know why, please leave a comment at the bottom of the article.
Image of vote letters courtesy of Shutterstock.
I don’t trust any of them, I use throw away virtual machines quite often.
Good thinking paul!
I think i’s more a question of which browser do you trust least as none is totally secure. Even on Tor, Firefox was hijacked though not due to a fault in the browser. This question is far easier to answer. IE is the least secure browser for 2 reasons. 1. It has a larger attack surface in a native install due to the embedding of Active X. All can be extended increasing their attack surface through plugins of course. 2. More seriously, it is embedded in the operating system meaning a compromise of the browser is a potential compromise of the operating system.
Actually, in this year’s PWN2OWN competition, the “special prize” (referred to as the Unicorn) of $150,000 for using IE as a stepping stone to a full Windows 8 OS compromise was not even attempted, let alone claimed.
In truth, any browser compromise that allows remote code execution is a *potential* compromise of the OS. (Whether you escape from Chrome or IE, if you end up with the privilege of the local user, which is likely, then you are an the same position. Combine either escape with a second elevation of privilege vulnerability and the end result is the same, too.)
Assuming that IE is the least secure browser “because it comes from Microsoft and is shipped with the OS” is a risky assumption, not least because it leads you into the dangerous corollary that you must therefore be safer using any other browser because it doesn’t ship with the OS.
But it is as at least as reasonable to assume (lacking any other evidence) that non-native browsers must be the least secure because they rely on cross-platform code libraries (OpenSSL, anyone :-), and that represents a potential security compromise on account of trying to be all things to all platforms.
In short: be careful of security assumptions that X is worse than Y (or that Y is better than X) because “it’s obvious.”
The poll-link does not ask about the browser, ut whether or not we would recomend Naked Security to a friend.
Looks like you linked to the wrong poll.
That should come below the poll. It’s standard at the bottom of every page. Can you check again to see if you can see the poll now?
No – it ISN’T there. But firefox – no contest.
Can’t find the new poll either. But it’s Firefox because there is a good choice of privacy add-ons and they don’t try to trick me into logging-into Google to capture my browser extensions and settings. Just will never trust Google.
I trust Chrome… to take my personal info, merge it with the rest of GoOgle’s vast data mine, and sell it to several of the highest bidders. But I don’t think that’s the kind of trust you were talking about, were you, John?
I’m truly dismayed to see such a high vote for Chrome amongst supposed security professionals.
I guess Firefox is most trusted for security (availability of privacy addins and absence of ActiveX)
I would put Opera as must trusted for Stability. New versions of Firefox (which happen frequently) often mean a period of instability as addin developers (and Firefox developers?) catch up. Might they follow the style of many linux releases and designate a particular release as LTS (Long Term Support)?
Firefox does have a “long term support” version. It’s called Firefox ESR, for Extended Support Release.
For example, see:
http://nakedsecurity.sophos.com/2014/04/30/firefox-29-is-out-its-more-secure-but-does-it-look-better-too/
Note that Opera is not really Opera any more. Some time last year they switched to using Chromium as their codebase (Chromium is the open source codebase from which Chrome is built).
oh great… 😐
“New versions of Firefox (which happen frequently) often mean a period of instability as addin developers (and Firefox developers?) catch up.”
Not sure where you are getting that. The only time I have issues with addon incompatibility is when some really big update comes out (like the Australis update), even then it is solvable like 9/10 times by brute-force compatibility.
Actually, FF has been breaking addons on updates since 3.1, you probably were lucky and don’t use one that was affected.
“Bartab” is an example. They broke it with 3.16, and the developer was forced to leave some crucial features out of the new product.
I wasn’t going for it… I deleted 3.16 & downloaded 3.1 with a DELL sandbox and ran that for 3 years so I could use the original version of Bartab.
Hm. I must’ve been quite lucky, then. I just don’t hear about addons breaking that often when reading people’s stories about their experience with Firefox.
I expect a ton of addons to break once we get e10s in Firefox, though.
I’m a little suspicious the voters have actually responded in terms of which browser they prefer to use rather than which they trust (as it’s not necessarily the same browser).
Firstly, the percentages (when I looked, at least) don’t seem to imply that, because the results don’t match browser market share figures. Secondly, perhaps most people voting _do_ tend to use the browser they trust the most, and prefer it for the same reason. Thirdly, the text right above the poll does make it abundantly clear what the question is about 🙂
I’ve not checked the figures this year but last year the browser usage figures for the page with the poll and the preferences expressed in the poll were very different indeed.
I voted for Opera after using it for better than 15 years, and that was after finally dropping it last year due to their going off the rails with the new versions.
I use Comodo Icedragon and it keeps you reasonably safe however after use it’s always a good idea to delete the browsing history and do a virus check with something like Sophos virus removal tool. which I must admit is excellent.
I have used Comodo internet security but found that it leaked all over the place and allowed intrusions from the NSA.
Chrome over Safari?!
Chrome is far more transparent than Safari.
More or less all of Chrome is open source – even the RLZ library that gets people frothing at the mouth because it adds tracking parameters to search URLs is open source. If you, personally, want to find out *exactly* how the RLZ library, or any other part of Chrome, works then you can.
Only the rendering engine of Safari is open source and the rest of it is a black box in the hands of Apple.
In terms of trust – Firefox
Epic Privacy Browser would be my choice.
Firefox, but only with NoScript and Adblock running.
And Never. Ever. Chrome.
Had a discussion with a government security professional recently and we surprised ourselves by coming to the conclusion we probably trust Microsoft now more than any of the other big players.
Firefox: with NoScript, Adblock Plus,Safe Preview and KeePass for password management rather than the browser.
LYNX is about the only one that I would consider even remotely secure… but usability isn’t exactly high on the list.
You’ll like this then 🙂
http://nakedsecurity.sophos.com/2014/07/19/its-all-about-trust-60-sec-security-video/
Towards the end (it’s only about a minute long).
LOL.
I voted for Firefox, But I do not use it anymorefor other reasons. I felt comfortable and at ease with Firefox.
I don’t see how anyone could be comfortable with Firefox. The last bug-free stable version was 3.1.
From then they were changing it “just to be changing it”.
If you went to the Mozilla website to look at the bug reports they exceeded 200 on every successive version.
Even worse, they would still have unresolved bugs when they came up with each update, which brought it’s own 200 bugs.
The one thing that was guaranteed: Broken addons and more bugs with each new version. I kept up with it for years just out of curiosity.
FF’s worse offense? They persisted in “deciding what the best browser experience was the best for you”.
They forced you to use your browser “their way”. It was infuriating…
You forgot to include “None of the above.” (I’m with the first two guys.)
That’s what “Other” is for. You can choose Other and put in “None.”
Firefox, obviously!
It my main browser and the one I trust.
google is just rancid… *always* wear rubber gloves.
the problem there isn’t what they can or can’t do, it’s the way they think and their non-existent ethics. no change to code can fix that so it will be forever broken. also, they sling ads… what did you expect?!?
Preference is Opera (Presto) on Linux. Secondary is SeaMonkey.
Safari–with Safari Cookies, AdBlock, ClickToFlash, Disconnect, and DuckDuckGo. I use Firefox primarily for its plugin up-to-date check, and Chrome for watching live sports and ESPN replays.
I see no formal poll to vote in, so…
Most trusted? Firefox: available add-ons make it very secure. Least trusted? Tie between IE because of the huge target on its back, and Chrome as they seem to do a great job of letting users circumvent enterprise level controls for software installation and web proxy enforcement.
I trust IE because I trust Microsoft. In my opinion, Microsoft has set the gold standard for security. Now, IE gets lots of patches, but I think that’s a good thing. It means Microsoft is doing their job, and not hiding from problems it might have caused (with the bugs).
To me, trust is earned by patching holes quickly and completely. In that respect, nobody else comes close.
Very respected comment, Jim.
Fact of the day. Moral security is better than internet security.
And If it’s not even convenient to deal with freak it. 🙂 The main objective is to easily be safe from sin and from the fire. Just some good food and cool water for thought. 🙂
Enjoy the truth..