Did Google Target Mozilla Through a Paid Security Report?
Should Mozilla be upset over recent findings by a Google-funded browser security analysis and the fact that Chrome is the most secure browser available right now?
According to NSS, Google has taken unreasonable influence on the methodology of browser security testing, favored Google features over features in other browsers, did not showcase diligence in testing, and withheld important information in its blacklisting feed to discredit Firefox' ability to block malware.
NSS Labs criticizes the nature of this sponsored report, even if it was accused itself not too long ago to have taken funding from Microsoft for its reports, which usually present IE in a much better light than any other browser and typically focus on social malware exploits. Funded and commissioned studies always carry the inherent danger that a report could be skewed in on direction, which is, in fact, a reasonable assumption. Such studies are frequently funded to not only provide research data, but become marketing material.
Google engaged in a behavior that is common in the industry and some could claim that a focus on testing methodology may simply be a question of philosophy which features may be important and which not. In individual cases, this may be largely irrelevant. Even if you use the most secure browser, irresponsible behavior on the Internet can open doors to successful malicious attacks. However, if Google asked Accuvant to deliberately disable security features in Firefox (and other browsers), there is a clear problem and NSS has every right to spotlight Google's ugly strategy.
NSS noted that it analyzed Accuvant's study on request of some of its customers. I will leave it up to you to speculate which customers may have asked for that (unpaid?) favor.