Tuesday, December 13, 2011

The safest web browser? Part III

Accuvant Labs has a new study out on browser security. The report (commissioned by Google) says Chrome is the most secure browser, because it has a well-implemented sandbox. Well, maybe.
But the report also contains data on browser vulnerability statistics, along with some very sensible caveats on using these to make any claims about security:
Given all this information, we can conclude that the browsers are different. Development methodologies, corporate structure and patch release infrastructure all play a role in making dissimilar graphs. However, none of these pieces of information can be used to draw a security related conclusion.
 They seem to be saying, "please don't use our vulnerability graphs to imply that one browser is more secure than another".

Unfortunately, actually reading the report seemed to be too much trouble for ZDNet.
[A]ccording to the report Mozilla’s Firefox has the highest vulnerability count compared to Google’s Chrome and Microsoft’s Internet Explorer.  Would you switch browsers over the results from a comparative review such as this one commissioned by Google?
 Either they didn't read the report, or they couldn't resist a bit of sensational journalism. Either way, they are doing a gross disservice to their readers.

As usual, the partisans pick up the FUD and start spreading it around:
Firefox fails miserably.
Avast! forum.

I don't know which is more depressing: that a news source can so casually misrepresent a report they are writing a story about, or that there are so many gullible idiots around that will lap up the misrepresentation.

No comments:

Post a Comment