Shared publicly  - 
 
Microsoft gives Internet Explorer a perfect score (4 points!) for security, and they say Chrome only deserves 2.5 points. I'm not sure it's worth doing a full debunk of this. It's the same "Look, we have more checkboxes filled in" type of marketing that was more common in the boxed software era. The checkboxes are pretty arbitrary or omit important points, e.g. MSFT says that Chrome doesn't block insecure content on HTTPS, but Chrome users have had that option since June: http://googleonlinesecurity.blogspot.com/2011/06/trying-to-end-mixed-scripting.html

If I were designing a benchmark, I'd probably choose something like "the odds that a typical user of browser X will be infected by malware" and try to minimize those odds. My guess is that's what the Chrome team tries to do.
211
73
Thom Thomas's profile photoRafael Teixeira's profile photogeorge oloo's profile photoZack Young's profile photo
120 comments
 
You're leaving out that IE just plain blows.
 
Chrome is becoming more and more of a resource hog with each release.
 
Kind of like the speed wars with fixed results
 
A lot of these checkboxes where Chrome gets 0 look completely wrong to me.
 
>I'm not sure it's worth doing a full debunk of this

How much do you enjoy telling crazy people they're crazy?
 
How sore is your tongue after biting it for two paragraphs?
 
Is there anybody still using IE these days? :P
 
What counts is a smooth surf experience for 99% of the people. The 1% of paranoiacs are quantite negligeable.
 
I love that "checkbox marketing" that lets the company set the agenda for comparison without looking at reality. Chrome is doing great things.
 
Not to say that IE hasn't come a long way in security. IE9 is actually pretty damned secure, but this onupsmanship in today's marketplace is pretty lame, since these features get matched and surpassed by these major vendors within weeks of each other.
 
Hmm...how does IE 9 get 4 out of 4 when not every item in that list is checked for it?
 
Oh and related news Chevrolet says Chryslers are junk
 
Eric, I don't mind the oneupsmanship--competition in browsers makes everybody safer. I just would rather see metrics like "Per 1000 pages surfed, the average malware infection rate for browsers X, Y, and Z is x%, y%, and z%." Then every company can work on driving those numbers down as best they see fit.
 
Why would I care about IE when I run Linux and Chrome? After Vista I swore of MS forever. At least IE can at least handle HTML 5 properly (i hope).....
 
I love how it doesn't know anything about Chrome 15 on Mac. Scam.
 
+Matt Cutts it would be awesome if Google came out with such comparison metrics and create competition! Ultimately users will be safer!
 
Scare tactics my M$ trying to re-gain some ground??
 
Didn't I read somewhere this summer that there was a contest to see which browsers could be hacked, with Chrome deemed safer at that time than IE, FF, or Safari? I wish I could recall the details. It was like a hacking competition.
 
In my honest opinion these results do not reflect the real security of the browsers. Throughout my experience i have only gotten viruses when using internet explorer... as there is many more exploitation's in the software... I would certainly say chrome is the most secure, and if you are an idiot to download software with risk of infecting your PC then it is your fault not the browsers.
 
Microsoft is trying shake the image that its browser is insecure. And they're doing it by producing a benchmark that stacks the deck in favor of the latest version of IE. This should surprise no one; Microsoft has been pulling stuff like this for decades. They're trying to get people to upgrade to the latest IE (good) and, while they're at it, they're trying to get Firefox and Chrome users to convert back to IE by painting their competition as less secure, even if the title isn't really deserved (bad).
 
Funniest point on it's chart, stating Chrome and Firefox aren't a part of the OS as if it's NOT A MAJOR SECURITY FLAW OF IE.

Good work MS, showing us that after years and years of people writing worms that take advantage of the fact that IE is tied to the OS, you still don't get it.
 
while this is full of typical "microsoft market research" hooey, lately m$ does have a toe in the door for better browser security. the rest of us have been fairly asleep at the wheel. we're not in bad shape, but we do need to wake up and start fixing bugs instead of making them. last several months have been rather full of browser bugs on security lists.
 
You mean that Microsoft thinks Microsoft's products are the best? Shocking. All of the other browsers were not as thorough in implementing the measures that Microsoft thinks are most important.
 
Microsoft can suck it. Chrome is better in my opinion and less prone to hijacks because I've never had a hijack YET on Chrome and I had tons of them on the latest IE.
 
Now if only they could use metrics that weren't based in fantasy. Isn't there usually something about lying about your competition?
 
Microsoft calling out another company for security holes? Oh the irony.
 
I bet Windows gets a 4 star security rating too. 
irish d
+
2
3
2
 
to this user, they've lost their credibility a long time ago.
 
These comparisons don't accomplish anything, do they? I suppose they employee a web designer. :D
 
+Matt Cuts, to be fair, would you rate a competitors product higher than your own?
 
That test can't even handle Opera users. Clearly at the bleeding edge of blinder tests.
 
That's more laughable than a viral video.
 
A big fake...
using firefox with user agent switcher extension give other great results... why ? .........
 
The only issue I have with Firefox is launch time... so slow :(
 
It's not doing any actual tests on your browser.... it simply looks up your browser in a DB of "results" they have...
 
Here's my list of important issues when picking a browser:

* Is developed by a convicted monopolists: IE -1

* Is vulnerable to the attacks that affect only the most popular browser: IE -1

* Uses a minimal amount of blue in it's icon (blue is know to cause eye strain): Chrome +1

* Was used by the September 11th terrorists: IE -1

* Name rymes with loam: Chrome +1

* Abbreviated name is the same abbreviation as "Intestinal Exhaust": IE -1

According to my scientific study IE gets a score of -4 where Chrome comes in at +2. So Chrome wins by 6 points! Anyone who uses IE over Chrome hates science.
 
Rating maters. :) I love all of those browsers.
 
Win7 isn't bad... OSX is SO overrated... I would rather use Ubuntu than OSX any day.
 
Anybody realize that website is owned by Microsoft and clearly it's their own tool. Microsoft – The Ultimate Lying Marketing Machine.
 
We know Google is good in preventing malware. Thats what Gmail attachment works fine with all of us. Thanks to Google.
 
Makes me think of the Scientologists running the anti-cult Websites - Foxes guarding the henhouse..
 
It's ZDNet. That is all the rebuttal anybody needs.
 
Probably the most secure computer: The Chromebook. Guess who makes that, Microsoft.
 
If it were even remotely funny, it could be a joke.

Damn, microsoft will never stop being evil, it seems. Or is it ridiculous?
 
aaah , end of the day microsot and security in the same line is an oxymoron , chill
 
"Matt Cutts, to be fair, would you rate a competitors product higher than your own?"

Manny, that was the point of the second half of my post: I proposed a neutral metric that directly corresponds to a good user experience. I genuinely don't know which browser would score best on that metric. I do believe that Chrome would do very well, and I know Chrome has done a ton of things to protect my security. I feel very safe with it as my primary browser, especially when surfing on Linux/Ubuntu or a Chromebook.
 
I like how my Chromium on Ubuntu benefits from two out of three Windows Operating System features. :)
 
Chrome is hard to hack.Google uses three types of security measure in Chrome that make it very difficult to exploit.Consisting of Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), most commonly know as sandbox.
 
now thats an "independant review"
 
It is Microsoft or is it Goebels resurrected and hold a press conference?
.........
-Please will you give me a book "IE is more secured than Chrome or Mozilla" - Man asked in library
-"You must go upstairs. Fairytales are on the second floor"-answered librarian
 
IE hogs resource, that is the reason why I made the switch to Firefox. And then firefox start sucking up resources, and I switched to Chrome. Now Chrome is getting more demanding in terms of resources. What now?
 
"We can't give your browser a score..." I'm using Chrome dev channel on Win7. :-/
 
I am impressed with that blue counter... and even more with that flipcounter.js...
 
At least they fix their bugs and security issues within a couple of months now, instead of after six months or more of trying to ignore them...
 
"Microsoft gives Internet Explorer a perfect score (4 points!) for security, and they say Chrome only deserves 2.5 points."

I think insane asylum is the only play where they can fix that type of delusion :-)
 
+Seth Moon, what version of Firefox are you on? If it's slow to start, something you have installed might be causing it, and we'd love to help you figure it out. 
 
+Matt Cutts If you measured the average infection rate by browsers, you'd see IE is higher simply because IE users are less computer savvy (to put it nicely).
So you'd really need to get a random sampling of users and assign browsers to them to accurately get your metric.

If you did that, though, I think it's obvious that you would have the most empirical evidence to back up the 'safest' browser claim.
 
Philip N, good point about the savviness of the browser audience. I guess a counterpoint is that if a browser's audience is less tech-savvy, they wouldn't object as much if you enacted stronger security defaults.
 
A fair number of average users out there are oblivious to the fact that Chrome even exists. Google would do well to spend a little in advertising in prime time TV to "educate" Joe and Josephine public. I've encountered many people who are too set in their ways (my brother.. sadly!) to switch too. That's going to be a harder nut to crack but lead the masses and the stragglers will follow eventually I reckon.
 
From the methodology document (http://yourbrowsermatters.org/docs/methodology.pdf):

*Why doesn’t the score give importance to vulnerabilities, for example by taking
into account the number of vulnerabilities known for a browser?*

Overall the score was designed with one consideration in mind – make it easy for everyone to determine how many security features their browser has. Features that help mitigate the impact of vulnerabilities are given prominence. An entire category, “Attacks Against the Browser” is dedicated to such features.

Counting individual vulnerabilities would be complex because in many cases the vulnerabilities differ from browser to browser, and comparison across browsers would not be fair for vulnerabilities that are specific to one browser. Furthermore, using individual vulnerabilities would be contrary to the purpose and intention of the browser score.
 
+Kenny Brunton tell your brother to use Chrome because it has a better looking icon. That might work. And import his faves for him. Peeps like that can't be swayed by technical details.
 
I the analysis by +Evan Farrer carries just as much weight as that done by Microsoft, except Evan at least came to the correct conclusion... Hehehehe... 
JE Roop
 
I'm not a big fan of any browser that takes 30 seconds to load the homepage.
 
I used for years Firefox and changed now to IE9 (resource hog), not sure why all this hate about Microsoft, sad to see Google turning into a religion with all those apostles... ;-)
 
I've just switched to Mac, isn't it ironic?
 
So long as every thing moves to the cloud, slowly but surely, PC based access (where much of the security issues originate) will get replaced with mobile access over time. In that world, I think Microsoft has bigger issues to worry about than check boxes. Them being pre occupied with PC era issues is a bit of a shame; but understandable from their view. Make chrome the best mobile browser while chrome still has speed and simplicity advantages!
 
This feature that IE gives itself points for is more of an annoyance than anything:

"Does your browser provide a distinct warning when you download an application that is of higher risk but not yet confirmed as malware?"
 
+Manny Brum No i would not. But I would not rate my own product in the first place, this is just not sincere.
 
as sad as this sound, listening to microsoft is almost as bad as listening to Iran talk about (fill in the blank) ... you know it's just propaganda, so why waste your time?
 
Microsoft can many things, Because of my work I use Internet pretty much, and my experience is that after using quality browsers as Chrome, Firefox and Opera IE is a pain in the neck, constantly asking the same stupid questions, like "you are about to download a gif, beware this can be dangerous"
Have to agree something with MS, anything you download with that browser can become a problem.
The Browser is dead. Long live the Browser!
 
So is this the last of this last of their monthly ritual? http://www.us-cert.gov/cas/techalerts/TA11-284A.html

For years and years, they have been trying to secure Windows/IE/Office/Silverlight/etc. Yet, month after month, they push out fixes for flaws that allows "a remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system."

It's sad to see that they spend the energy to mislead people instead of improving security.
 
Perhaps some independent analysis has been published?
 
It seems that the IE DOM is still different than other browsers, but I am sure Microsoft is working on it. They have been doing the browser for sometime now. I have been using Chrome more and more in the past year. I think most of the major issues for some people would be the difference when designing a website. Of course there are all the fixes that go along with the hacks in CSS for browsers and of course the famous if statement for IE and IE only in our wonderful world of hummle. Anyway it would be nice if the W3C could just force all of these companies developing web browsers to follow the same parameters and direct object models, it sure would make everyone's surfing experience much better no matter what browser being used.
 
The other day my girlfriend mentioned to me that her anti virus program found a virus on her machine and could I take a look. I was amused to find that Microsoft's Security Essentials program flagged Chrome as malware.

Got a good chuckle from it.
 
There is a Russian proverb, one bitten up is worth two not bitten up. English resume-grade word for that is "experience".

I have to admit, Microsoft has a lot of experience with crappy insecure web browsers.
 
I wonder what Microsoft reason is? Because Microsoft Security Essentials said so? LOL.
 
Internet Explorer - What's that? Sadly - I have to use it at work as the other browsers are blocked...
 
Yeah Internet Explorer is so secure because it gets manhandled at Pwn2own every year.
 
Why don't we just count the number of exploits on each...??
Exploit-db has 7 pages of sploits for IE.
http://goo.gl/fXoTM
Whereas, Firefox has about 4, and chrome has 2.
Plus, chrome automatically updates, and doesn't allow millions of tool bars to install themselves.
IE is a security nightmare, it's ridiculous that they are claiming to be more secure.
 
zomg im gonna switch right back to IE
to microsoft, this is sarcasm and yes i am serious that it it sarcasm
 
Of course Microsoft is going to give a good rating to IE, they make IE! It is like the CEO of Subway saying that subway is the healthiest fast food restaurant, but that won't make it necessarily true.
 
Very good ! Now i can securely donwload chrome !
 
Some honest security metrics would be great. Talking about "Windows security" is sort of like talking about patent medicine effectiveness, the experts are all frauds with an interest in selling snake oil. I'd love to see some numbers from Google about rates of infection by OS, crash rates and so on. Windows itself is a disaster no matter what browser people use, that's something Google may be in a position to observe and publish. Just start looking for spam hitting gmail, botnet signatures in people's web traffic and call the result, Google Security Essentials.
 
IE must be unbelievable secure. IE is mainly used by people who doesn't know what a browser is at all ...
 
Even the first, second line in that report is false. I don't have any security problems until now with chrome... but in IE.. Toolbars, malwares, everything get installed easily! And I'm a programmer and not a regular Joe who tricked to use the browser which came with OS :-P
 
Chrome is always and will be one of the best browsers in the world. I speak from using all of them.
 
Next up, oil industry says they outscore Greenpeace on environmental protection.
 
I can only shake my head when MS tries to bend the truth about their sofware.
 
IE is the most vulnerable browser ever, It pisses me off to read such a comparison
 
What did you expect? To KO their own browser? LOL
 
The heat of your CPU and GPU will irradiate anything alive within several meters while IE runs -- does this mean it functions as a good antibacterial agent?
 
IE is the BEST browser... to download other browsers :)
then just remove the icons/shortcuts!
 
Hell no...Chrome is fast, but its security ill agree on that part. Firefox is THE BEST BROWSER AVAILABLE AND ALWAYS WILL BE.
 
i dont change firefox and chrome for any other browser!
 
I wouldn't change Chrome for any other browser :) Firefox now grew fat and sluggish.
 
There is a little security flaw i don't like with Chrome.
It's because sometimes i leave my computer on during breaks in my school.. Then people can just open Chrome: Options>Personal stuff>Managed saved passwords>click on a password (the dots)>show..I'm thinking about using Firefox instead, just because of this problem..
 
+Stefan Veis Pennerup, this is not a security flaw in Chrome, it is your own carelessness. Never save passwords on a public machine, this includes linking Chrome to your Google account...
 
"If I were designing a benchmark" ... Of course MS isn't trying to design a benchmark, rather the marketing department is trying to sell a product. When is the last time a sales person told the truth?
 
Chrome NEVER crashes on me...firefox and Internet Explorer can be very buggy. They are "secure" because they are so slow hackers get impatient and close the browser.
Add a comment...