6

I read that Pwn2Own stopped attacking Firefox, apparently because it didn't make "serious security improvements" since the last competition.

Should I understand it as "Firefox is significantly more vulnerable than other browsers", or can I continue to use it safely? Is there currently any big difference in the security of Chrome, Firefox, Edge, Opera and Safari?

I know all the advices one must use to stay secure on the Web. I'm just not comfortable using a browser that could easily be exploited.

techraf
  • 9,159
  • 11
  • 45
  • 63
Hey
  • 1,955
  • 1
  • 18
  • 25

2 Answers2

3

I know of two examples of differences in browser security:

The SameSite cookie flag is a countermeasure against CSRF. Currently Chrome and Opera are the only browsers that support it.

For an extreme example, there is Chromodo, a customized version of Chrome that disables some important security features.

So it definitely matters which browser you are using, but it may not be possible to objectively say one browser is "more secure" than another.

Community
  • 1
Sjoerd
  • 30,589
  • 13
  • 80
  • 107
-2

Opera was the most secure and Firefox the most unsecure since many years ago. Chrome is somewhere in-between. Although Opera also switched to the standardized GUI, it is still the most secure browser.

So to answer your question, yes, there is big difference when it comes to security.

But one thing you can to for all browsers is increase the security with add-ons (plug-ins, extensions, etc - each one calls them differently, but they are the same thing: additional modules).

Browser security

Soruce for picture is National Security Database

Overmind
  • 8,899
  • 3
  • 20
  • 28
  • 7
    Proof? References? Reports? Anything to back your assertions? – schroeder Jun 23 '16 at 12:38
  • 1
    I'm sure you can search statistics for each year on like the last 10 years. Example 2009: http://www.digitaltrends.com/computing/firefox-now-the-most-vulnerable-browser/ Example 2014: http://www.extremetech.com/computing/178587-firefox-is-still-the-least-secure-web-browser-falls-to-four-zero-day-exploits-at-pwn2own – Overmind Jun 23 '16 at 12:51
  • 1
    Added source and 5 year statistics from https://nvd.nist.gov . Also, you can check related articles on lifehakcer, like this one: http://lifehacker.com/5867545/whats-the-most-secure-web-browser ; Also, check the NSS Labs results, or MSDN's yearly report (example when chrome dethroned FF in security breaches: https://blogs.msdn.microsoft.com/devschool/2011/04/21/internet-browser-security-on-april-21-2011-chrome-is-a-loser/ ) http://www.exploit-db.com and http://www.osvdb.org are also helpful. – Overmind Jun 24 '16 at 07:50