When browsing the net, I’m safest when I’m using Mozilla’s Firefox 3.0 browser—at least after I’ve tweaked it just a bit. Yup, I have absolutely no doubt about it. I’ve looked at others, and I’m sticking with Firefox.
But instead of just taking my word for it, let’s take a closer look at why I believe this to be true. First, let me describe the contestants.
As I’m principally a Mac user (Leopard 10.5.4), I’m mainly concerned with Firefox and Apple’s own Safari browser, but I’ll also compare them against Microsoft’s Internet Explorer (IE). I should also note there are significant other options available, not the least of which is the highly-regarded Opera browser. For now, though, I’m going to stick with the top 3 in my comparison: Firefox, Safari, and IE.
As with the comparisons I’ve done here of Windows vs. Linux vs. OS X security, I’m going to explore various user-level differences between the browsers. I do believe, after all, that the determined tech-savvy user would be able to use any of these three browsers quite securely.
In their own ways, all three of these browsers are delivered in an overly trusting configuration. If you’re serious about being secure in your Web browsing habits, it’s clear you’ll need to spend some time fine-tuning each of these products. Despite their claims of providing security features (see below), when you install these products, they make some serious mistakes.
Qualitative Score: Firefox gets a D, Safari an F, and IE a D.
Beyond that, IE’s security zones are actually a pretty powerful mechanism for controlling Web content and how it interacts in the browser. Unfortunately, to really get the power from the security zones requires a learning curve that few users will be willing or able to overcome. Firefox’s “safe browsing” feature works in conjunction with an external site (run by Google) to blacklist various Internet sites that are thought to be harboring phishing attacks and other nasties. This is turned on by default, and most users needn’t even be aware it’s there.
Unfortunately, it’s fundamentally a negative validation model that is doomed to eventual failure—think anti-virus signature updates. So this category is a tough call, since all three products are pretty awful.
Qualitative Score: Firefox gets a C, Safari a F and IE a D.