Sign in with
Sign up | Sign in

Google-funded Study Found Chrome to be Safest Browser

By - Source: Accuvant | B 44 comments

Accuvant, a security services and software firm based in Denver, has published an exhaustive study funded by Google that compares the security features in the three most popular browsers.

Other than previous studies by the firm, which often focused on quantitative comparisons such as the number of vulnerabilities affecting a browser, Accuvant took a different approach and investigated the "anti-exploitation" features included in a browser. The result? Chrome is the most secure browser, followed by IE and then Firefox. Also noteworthy is the conclusion that frequently praised URL blacklisting isn't working effectively.

According to the study, which stretches itself over more than 100 pages, with 25 pages of explanation why traditional methods of security evaluations of browser may not be useful, Chrome wins because of its most comprehensive support of address space layout randomization (ASLR), data execution prevention (DEP), stack cookies, sandboxing, and JIT hardening. Chrome largely wins the comparison because of its sandboxing features, which are only partially in IE and Firefox. IE has the best implementation of JIT hardening, followed closely by Chrome. Firefox lacked all tested JIT hardening features.

While Accuvant did not compare the browsers' security based on the number of vulnerabilities, the researchers said that, during the timeframe of the study, Mozilla patched 449 vulnerabilities, Google 321 and Microsoft 168. Microsoft requires, on average, 214 days to patch a vulnerability, Mozilla 158 and Google 53. Accuvant stated that it would be speculation to draw any security conclusions from those numbers.

However, the company spent quite some time on evaluating URL blacklisting services, which is called Smartscreen Filter in IE, Safe Browsing List in Chrome. Between July 23, 2011 through July 30, 2011, Accuvant tested the browsers against an average of 5960 URLs containing malware per day and concluded, "no URL blacklisting service is fully comprehensive, and that any antipattern-based defensive measure is, by definition, imperfect." As a result, the firm advices that "blacklisting services should be considered a part of the overall browser defense model, rather than the only perimeter an attacker must traverse."

This result contradicts a previous survey by NSS Labs, which found that IE's Smartscreen Filter helps to capture nearly all socially engineered malware attacks. Accuvant found that "neither Google’s Safe Browsing service nor Microsoft’s URS appears to provide a fully comprehensive snapshot of all malware in the wild at any given point in time."

Display 44 Comments.
This thread is closed for comments
Top Comments
  • 22 Hide
    DroKing , December 12, 2011 9:03 PM
    I smell paid off people.
  • 21 Hide
    runswindows95 , December 12, 2011 9:04 PM
    Title says it all. Of course a Google-funded study will find Chrome to be the safest. It's like having HP fund a study about printers, and the results say HP makes the best printers.
  • 21 Hide
    arael , December 12, 2011 9:36 PM
    Microsoft funds a study that finds IE to be the safest browser.
    Google funds a study that finds Chrome to be the safest browser.

    I fund a study that finds out that I'm having chicken pad thai for lunch, also that I am the safest browser.
Other Comments
  • -4 Hide
    Anonymous , December 12, 2011 9:02 PM
    no opera or safari? joke.
  • 22 Hide
    DroKing , December 12, 2011 9:03 PM
    I smell paid off people.
  • 7 Hide
    wintermint , December 12, 2011 9:04 PM
    laupoijasdfno opera or safari? joke.


    They said most popular. It's usually between chrome and firefox but you can't leave internet explorer out o.o
  • 21 Hide
    runswindows95 , December 12, 2011 9:04 PM
    Title says it all. Of course a Google-funded study will find Chrome to be the safest. It's like having HP fund a study about printers, and the results say HP makes the best printers.
  • 1 Hide
    cmartin011 , December 12, 2011 9:06 PM
    oh this does not surprise me...
  • 1 Hide
    cmartin011 , December 12, 2011 9:07 PM
    paid off? want to keep your job? lol
  • 18 Hide
    N.Broekhuijsen , December 12, 2011 9:25 PM
    Read title = read article



    OOh but it works!
  • 1 Hide
    A Bad Day , December 12, 2011 9:26 PM
    Obviously there's little chance that the researchers were encouraged to treat Chrome more friendly! It's not like Google's money had any influence over them!

    /sarcasm
  • 21 Hide
    arael , December 12, 2011 9:36 PM
    Microsoft funds a study that finds IE to be the safest browser.
    Google funds a study that finds Chrome to be the safest browser.

    I fund a study that finds out that I'm having chicken pad thai for lunch, also that I am the safest browser.
  • 1 Hide
    genjuro_x00 , December 12, 2011 9:39 PM
    Of course the study found chrome safer. It was done by Google! Bias much?! Do you really think that Google would come out and say "Well, as compared to other browsers, our was less secure and glitchy."
  • 2 Hide
    genjuro_x00 , December 12, 2011 9:41 PM
    genjuro_x00Of course the study found chrome safer. It was done by Google! Bias much?! Do you really think that Google would come out and say "Well, as compared to other browsers, our was less secure and glitchy."


    I'm sorry, I retract my statement. It was "Funded" by Google. As if that makes a difference.
  • 1 Hide
    Anonymous , December 12, 2011 9:48 PM
    Someone expected to see another browser on top? lol. Not because Chrome is something exceptional but it's a google test... so chrome will be on top whatever fanboys say.

    Honestly I think that if Microsoft focuses a little more on the browser, Chrome would be beaten easily. Saying this because IE9 was released and was very good, then the others cought up with it and microsoft didn't care sort of.

    I don't like seeing 4 different browser versions per year like Chrome and Firefox right now but I don't like seeing an update once a year or less like IE either. If there is balance all of the companies behind them would profit from it.
  • 4 Hide
    stm1185 , December 12, 2011 9:50 PM
    Google funds Firefox too, so therefore Mozilla is making Firefox suck on purpose to get more people to use Chrome!
  • 8 Hide
    tykel , December 12, 2011 10:13 PM
    stm1185Google funds Firefox too, so therefore Mozilla is making Firefox suck on purpose to get more people to use Chrome!

    Troll science 101
  • 3 Hide
    danwat1234 , December 12, 2011 10:38 PM
    JIT hardening LOOLLL! Just In Time hardening hahaha
  • 0 Hide
    nurgletheunclean , December 12, 2011 10:39 PM
    I was a bit skeptical when I read "google funded". But honestly it seemed like it was fairly unbiased. They clearly gave google's safe browsing list a failing grade. They also gave Microsoft the JIT hardening win.
  • 1 Hide
    spentshells , December 12, 2011 10:39 PM
    Wait now they used the word safest which is already patented by Apple.
  • 15 Hide
    ta152h , December 12, 2011 10:43 PM
    Yesterday, when I was using Opera, I banged my knee once, and then fell off the chair when the back gave way, and scraped my arm.

    If I only knew then, what I know now, it could have been avoided.

    I'm switching to Chrome before I burn my house down. Or hurt a dog.
  • -5 Hide
    alidan , December 12, 2011 11:21 PM
    runswindows95Title says it all. Of course a Google-funded study will find Chrome to be the safest. It's like having HP fund a study about printers, and the results say HP makes the best printers.


    i trust google enough that they would have the results either burried, or modify the browser to the point that its the best and re test... not just bold face lie about this.

    they have more to lose than microsoft that bundle ie with the os
  • 5 Hide
    AznCracker , December 12, 2011 11:29 PM
    Thats like saying "Research funded by tobacco company discovered that cigarettes are not so dangerous after all"
Display more comments