|
|
|
Who Is Running the Most Secure Browser?
By: Larry Seltzer
2008-07-03
Article Rating:  / 17
There are 17 user comments on this Network Security & Hardware story.
Who Is Running the Most Secure Browser? (
Page 1 of 2 ) Many users are undoubtedly not updating their browsers as quickly as they should, but you can't conclude any specifics about that from the recent study of Google logs.The researchers who published a large
study of Web browser security this week had a great idea and excellent data
to work with. Too bad they overreached with their conclusions. A lot more is
being made of this paper than is warranted.
The researchers, from ETH Zurich,
Google and IBM, looked at log data provided
by Google from their global user base for Web search and applications for the
period between January 2007 and June 2008. This data was based on the browser
user-agent string, which is also the reason the data is not as telling as the
authors argue.
What did the study conclude? First, lots of users are not running the most
up-to-date and secure versions of their Web browsers. Second, this is primarily
a phenomenon of Internet Explorer users; Firefox users, on the other hand,
overwhelmingly update their browsers quickly. These and other results led the
authors to suggest that browsers get expiration dates, much like milk and
pharmaceuticals.
It's fair to assume that the test sample is a highly representative one, as
Google is both dominant in the search business and used worldwide. I could
argue that users of Microsoft's search engine are more likely to use Internet
Explorer than are Google users, but this is a small, marginal difference. The
problem is not in the users, but in the user-agent string.
The user agent is a string that a browser, or "user agent" (the
more general programming term for Web clients), presents to a Web server as
part of a request. Click here to
see your own browser's user agent. Click
here to see a database of different user agents for different browsers and
other "user agents." Servers log this data and often use it to
determine which content to send to the client.
I always run both Firefox and IE7. Currently my Firefox user agent is:
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9) Gecko/2008052906
Firefox/3.0
and my ie7 user agent is:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1;
.NET CLR 2.0.50727; Media
Center PC 5.0; .NET CLR
3.0.04506; InfoPath.2; MS-RTC
LM 8)
You can see pretty easily that the Firefox one is Firefox
3.0, that it's running on Vista set for U.S. English.
1.9 is the version of the Gecko engine and "2008052906" is the build
data for that engine. In the IE7 string, we can also see that it's Vista.
The "SLCC1" is not clear but may refer to security
licensing components. You get versions for .NET
CLR and Media Center.
I don't know what "MS-RTC LM 8"
is. [Update: Thanks to a reader at Microsoft for pointing out that "MS-RTC LM 8" refers to Live Meeting 2007.]
But note that the build data and Gecko version on Firefox give you a lot
more version information about Firefox than you get about Internet Explorer.
For IE, all you get is major version information, i.e. IE5, IE6, IE7, IE8. The
study authors note this themselves:
The USER-AGENT header fields for Firefox, Safari, and
Opera contain both major and minor version information, whereas Internet
Explorer only contains the major version. Therefore, it was not possible to
enumerate the patch level of Microsoft Internet Explorer using this method
beyond its major release numbers.
The authors supplemented their study with data from Secunia's Software Inspector,
a tool that tracks applications on PCs and whether they are up to date with
latest versions.
| | Reader Comments: Who Is Running The Most Secure Browser? | | >>> Post your comment now!
| | it does askI always use most current versions and yes FF checks if there is a new version available but it ALWAYS asks if i want to update now or later or not... Posted At: 10-08-09
By: Whizzy | | | | | | All browsers do thatThat name in the user agent goes back to the early Netscape versions, and most if not all browsers include it for compatibility reasons Posted At: 07-15-08
By: Larry Seltzer | | | | | | IE7 uses mozilla engine?Your string for IE7 starts with : Mozilla 4.0.
hope that's a typo or maybe MS is using the mozilla engine ;) Posted At: 07-15-08
By: EagleEye | | | | | | another siteI also found this site which returns correct user agent strings, even from behind my corporate... Posted At: 07-14-08
By: Stratocaster | | | | | | don't know any windows users?Give me a break emes. You're obviously an apple fanboy.
You don't know any of the billion users of windows?
You need to test on ie7, because it... Posted At: 07-11-08
By: Aaron | | | | | | NopeI work from home Posted At: 07-10-08
By: Larry Seltzer | | | | | | user agent stringsUm, yeah. The useragentstring.com website does not return consistent results. I tried it with IE6 (our corporate standard), and it correctly... Posted At: 07-10-08
By: Stratocaster | | | | | | >>> Post your comment now! | | | | | |
|
 |
|
|
�������xr80�VӮc�]mT!rYӶT婎PP$$M�z%Ο�� 7](vUϖ˖�0Ld&�D��?;;~$rɅklJv9�;�D;;?.ԇP|oQP�o�2t}R �
�tӌ5v��:!�M�����>�;|�9|@vD��%�j'aCkc�FcW�2ű5m2�f
�E1;'
}=B �~5;�6m��(GJ��{8�K��E!@�C�շ(>rP
/T|�0tTǖþ�=a��y5E�hDԤ#|xB�g�xd�#B�E=x:Q/M+l�m�ڮ�U�X'�[vR�䅰Q(0F.Č��/t#I%�߽qؓ&thluD`YRi 3�LmfC1+kT9R>l[G�ݑ�[#XsIzVH��aS�/*!)lpi#j%yi�Ol+�;)|�y[�YV5�]q;ݙc�oE-2'l"R� ?q7`BaC�J&5\_�-"���ˁ,ftg0�e���ʆ}{ʾVWR\W{}rL>-g`TzEÝ5�_+UU�ew9*��C[wn�uP\ti\v?
�9N��
|'�L
V)��UjT:( Ԙ8r��`�rM7Jq߹p~y)ڡVR]F[V@a`%�pfQUe�>e}}uI}|vti"|g9̠j�PEf�+%�2h\uܜ<_st.O7=rڽ&'Ov�Y; �i
Og�fɷV�\x��SQ?�&�:aZ+}I-Gf{|&�xt9&�IoJDz|?!:_��C��j�ݖe�B_*X_��KŗG)LY4C�� ! ,#2ɔS�Hu��t:��9AcI>oU:_&T7oh�2��4 �g]p��a4F�ALt�&�h�)5?�&Țb.L2<|)=mZW/��(AK/�
ڊ�5z>�]Q4{3B�ɝ`g@ɋ �BD4?CzC���0!pl/ݜ�~���L.�Qwڢ9Q[�k�\M흙ǘ�\z댛Vu.~hz�mxD18�,0]ev|`\�77�Zu?1�k_@r�/*r{�h ��2ud8��1nґ>â�x�gt�A`�:)ѧ!>RӚM�CqRO#Gs�>H2胎6mb8�-�"�
,70}HOqI�4�X�(}Zc�Og6�/|�\a��֔�^탉�i$�i��-D�@wM0I�e+�f!S uG �νdrg�oMA�(oInP��X^0 vji�q�Hp�yY?���»g��{`� ���閭�-�L<�ħ̠>x�x?ɜK)
�Dt|JIIL"D%� R
h��4�A�G�EBEN�m�b$H�XVph�T6ݞ�H:w@T�*esRأXB�Y�X/E_R�23#Cdɬa���X�91{M�f�T`"[ụLKa�k`F\jI$M#A�ӐIqL�Zۯ(�C�eE�gO�l;��S�8#_�\gF8,?Aw�Gx�lj?DŽ��{8ǷG#˰`�x�h�yNu!��B3A�~6;:�-��Ȧ��5��}j�0{b6c��A3u�OP#'4���;3Wu9Z{[N/=�\҇14f�ܯ7�M)j�`>T*�7v�rg�NH/x|WY� �3EDVhdF!Z!= \P(,�T�w^EY䞅Ꞧ_5YX��X`~w�Rd0q�6i
SXh�8G/C�4꾶'iV[J��ͪRue�I�T*{ۅakk)�R���d7�Bj^¼ye<4�@V`9H^>��OH)
z�7HpBa e�-֓BS몶dg`m1Jx>x#�d\4�6L XbOF�=F��K~z/,�i{qMٕ.[R\�|zn�N �Y�у=:}4̄�+ud4 T�,q�?7:Hy5՝�_φՊRRՄiڏ9&�_G5�k�^��˧6Wȵm>2躢G�ű<��bj\X,��~�)©5r1|��jj�0!B,V�ũ��(j^;��V�4:E�80�GeCf+[ꯦ��T+�pzۻ(�Sg&�;Ql�˘@/-�#���1$6/Pk�
.a@C��%)& S^a\FB�k��
ZCbP&ܔwц.�[�XR]oXL��+*�9G�qϟ��
sFWyQFf[a0K�ykR^K'VUJj5x�]��*(Si��� �7Sc`9g?7��`3�|x+ߙ#[Wae�Ƙ]H�`�c+0\ �+RU�0p5K�2)N<:�a��r]TՑn
OQ��GA.C{a&:pB���T�nЬ
0ԴgKZ/��N#�1hh
05�-�tpCUjʾ_ٳIW�c7g!h�"QkF&:�FdHCtΈ+6RNT:) G�8՟o�F*�ϛ=G$1�*@7Z)��
E�4
"+bI�V`]j�X�|8.SoR~��Qjy6UG�3>�Ⱦ� N-(BR#7cu[w "qSՆ�)ϋh{
~:ꪦUR3Ld��T~�#\�3fb|g]a+*9�Se6e'ß~}R�Sc\o U�<@�n<_�"w�>sԳйtNkl s�ƻ~rn�Af �ƫ�|��8)F�/.K6,Wf�14D|�\D"p-n�ōYap�zGdD"=zJ*~1R\7aO�n[JEVK`uցDZ%y�9HǞ1�]�]2�Yޘzֱ4�>�ʀkG�2cdY��hV�z\ �e.N3)a(&6}j;_&*|)2S�G)kEXqk\U�C=,N
=X畔Z=4¢lz�
z�|�Ic#&�a\kxk�_(uO(Ke嵤:i1RʵRM()BoE�D\vOJZbmM�
��lJqZAK�τkx~�E�6-2j=kR/ԕK��Oe%3Eq1�8@X=x}�d6
ѣ�5Cv53up0͎�3�-4َu�6f$}���a}`MٸU
V|�eZ]J֟E'�vu(�|�cK
�uṚ{{+7�÷ �G;L)߭q*�9�WI�P5�]�Uj; s��4�G\�0BR��1|ʢ'r ]N7�.�_VZi�va�*�s>PV�9�k۷BlpH75
��SXp|
ޠ{PH�e, ,"z��⨵J3)=2��a7ZTe�W�3�111u?|{qqwo�zՕݷ�K(
-��$P��) WA�h�x/nL00:�qZ�,JQ?v~�HIcԧ˾tں>A&̫{;At;�:L̇p֏3��%<��87sy���XD\>hC�ltj2�e'A)��pdQL�>jnW۫ItaFۧ(F@q�iDW~Bh]\/~�wϻ�!9\t�xx\NC{�RG!hUHv::��b�3hmƛ&%��c/�kC2�xidD��V �J*Xĥ{}Ҿ̂!sQל4�"z�\N3bn,q�W�9²V�XȬy`&|C7$��T0�r(�`�$X�)��XBe:ӻ:o}�sgu�n/r�m D78%�C*Q�W<2�Eh�i�A&-�xz|-r/H諒�ſ�E}-��:,#?]/8�ʊ��=�?EU.��N:|"=Br�^'18�;=h)��I�"2c�.A-6Ծ�N9 �4�sJd"�:�A%;�?m[ħ{�,�/䎑�D=:dSN�3U(�iQE�-e9r�tJ9S"\F 6H PV,OҼe=lI1 iK"ih$bbVFRo�wպܜ6<5ަmƙBŇƗH���Ζ�(�̗4.נ�y4��V�#�"|�G�-&5��+y-EY-VVy�ғ�;�AGtH1��fiפu�j�a~%XD2o�BwOH4b5zÿ뢧G� �r;k_=�g䢅q+ћ^P{20t[x_?I+Fy�c(!Oh�Si٘NB�ERTUuklko(�b�YpJeOV
;hd�,�E#�,n���P2Q^;pG %c�cmf�}ݸ�w[f�1vi�fw�ݷP%(>I.=]awQ;�ޝ{͞6vYiEe�K\�-"PnǸZ|>O%0)7۴�
r�UCaC_�*(0i0pD�a�$\j��wl[�#Ɠtǟ-:XQ|;�L8s{C�4�j�p*_s
w^�����P�?D?\=3q� ��FЗqi+"@wыK\-1�-X]�Mg�ֈe[Q32OrYfCS*_�X_Ǥ}[bO/\NAa
nj�;Dx@x8nn�oE8UU*ϣ\�#ݹc�y|&m'\~�o1?�aӐm`ȉ�.ݡӎ]�p"`5J@QE;\B>kxhf,\Q'WzhL�3]�|HN.ܝd v��-Lq)�+�]6�;)? ���<��L�x�c9Ȝ�9pb�s`yڨ�0 i��o;� wQ�%�LZ
<*,˰�3^껋-$vG^�ښ&.0�/�s�ope����@X�v�Gl+-5vT;�ʒQ:�Sݥv0˵dk\�HS%W�ޮ8Ƒ�W�ʪ0R'H0Uy*ZIR8^$ӊm�]M8E��Q9i'{d{VYB�XΓ<�C(�ȺMp`���=g$Q,U&<�45%�z�\���3^��"r&+P�j3b��(!c)�ܠ6o4*zId�xAf@]��D#Y=�\ɦ!27M1�u$TpXK�>HtDC]$n9{R;@��HJISUY�]~��D%�.)����Dft� �&�\^F+{ȘTD���`]�|2,joӇrxS{)di-QxE/̨�K�xS*u{0��G0R�?Z�$!n�\$2
�|1rD�5g+MٔJ/V�0"\B�D�ȧm O).�B۔`6TzJ(�/=�pue
8Aூ^Js�$4�|Y~qL[|t���O3�� \3�G/uRm^+yp�� �0T�4�uگA_\\\4�kK!$uH7Tj3=t 9&ĩĝZ�t
Lu�ӦT&��b3�f�h&�U0�(|_RHotߒ�m�s=V]EӉۿJ,5*&>�z}_͵��\2b)�� `��ٔTB4▼TyO�ʂI��"m��cp��?rP:n,�H54\$VԲ6DŽ"[ZeYG�0:&�.��w5�
$��~M�&�ܦKN,9kgee-�D"5߽߽߽߽{zy'vdi
��RǤT1W筻k�7���1m@.� ~o~*>��ϋ9rq-#�la)̑Ğt�ٺ�!sCǩV��d�Z_1��gvǖ0��1DcKl��x:D�4gC*���-m?J=0ОùU#b�;�WMM`E ��; � �+���mjo�/5+Q3F�ĸoAz��8�:X�p#,g {^!W2[!�x5J7��w%F�vR��赖9�+�%үV(���dz tnt%LZY5Gm
m@�.( ^�vB�K%\A/Cِ+_̩؎HRj5H7,.&h}Rg�x�Բ|t�R�frPtmv JRgH:a�.IG3x��DLt-W"�w|^͗!]%�Z8ɣ�y�@hF/Fi�f�t92e�?=<�����ju�h~�AɍçĒoIN^=2)�?ǵ�)+z}T�Dq�̆XG�oesjڙYH�n&Ȟ6nKWnP@qZ5A�w�$!aN�j ߎ�iV
o|k�Iq�F�$ȕN���y;MD/z���?��'8
amzt�U=LX! \=*a�*x,~�FǮʷv�xZ=P^ֵ��;�Ճ�@x;F���E�o7=F{S\>d�WJ� wt!EۼRrOjp,1lju��{c�~BP2o2@44+I/NX�&8�Ǧp-ь�SqDgT/U��Xx�"UI"���)z�rKפ{s|:ՄϠ)8weQ�|ׂm̋^_F�TҾ%I d^�m'�I�,b�?j."b1D�b���@/j�ΐ]i=�L,
T70ߴl}�` �f�A�'rp�";vcO{
es�^B7>k_A'-gmĬjgϡ6
�%��3-yM13bmC��y�m�+=�}ka�hk];Xifyj+n-浻3xb(ͪNT`h2y
1ym��n�:R��$\��LЭ�J�0'7ZXT2Xt�,_ňVSR>dDk9m�FA&1h?`1@>�W'��n�yVmIz .�kx�>a(�R>hueaj+;Yא5���U@ě8AnK�e4o6
ߍ|D`Dv>�8E�:ᛒWZ-��F��d�>��QhTJӑu
`�|$wz̥7b?= =θ�8��Qǃ""a=X 2>n�de�H��4O]Y�Uc
`�x=J$!�feB�~huew=
d#?3�2�UGv?=HG����;5&�g�r�`(L1;�#x7tXdC>1&.Eк�lŧtS)F|1[GB(�9$#M}E[Ѿ+%�cDRw.sO0�ឩ�SH$VdL4"&(qTiK$<��~1&IJE<
,iM�� ��YC) �\���6"))ĴF#1C�LD:5,ǰglFLN[�%w��K�{Ss�%9�zH�"V|8snj|J"�rWz��@
H"`T4�]N*�@���`g*���
s�n
\Ԕ�u7S�I8��l<ɋ\<�},2E<�ezX<>��we~�t:&�\��Z!45Kf�ltQQ({b8M�u?3�,ȏWHmݜ�(�8���zy�P��h$`x=9~ierta~X{��dO (��
�@Ka1c�~Po֔J$2
>�(%>g�ٕa)걪VR�ؕo?�(^�;Ue͈s=M镬B*9^���Ȉq�/w�#�&a@}lFLxe�S#?5iv>�;WN�ϻ7xz Zҷhlԭs=|ܽ|ڹl_]w.橅G1 l\_d
_T
Q�9l]28SΘksYx�9%�y�:w�8l�\w�D~Rf�}Y�Q��J_-G_�)o\{=-ZI
W'>;uIc:�jS#�[}'(j��0CP܄q�P��b>^�Ȥo�u[9B9Ao9P~�)By7�9�hp)?@�|PquY<.�r_'\C;9Wh)�W���x�T\��9_�<@ߋ�^�}.rs�_�yß��92z'(S~�g9_@EN9e^\%euݜwAtsO�K7G\�\�5u��^�=�AV�_S^9)�O@O9rߛ�orڿ�\'I9�ru�S)�Jy/*苼k Oy射<)߇�}VU<_`k�W9t
_�r
̭L:WݓBX\jvr+�^e4�vkYA�m���{}�y�s/-#yio29.���AQFgG6�+.ȭ-'Hl]=�g%%x�=0?Mu{.�1پWߕ\*ܼ�}:qOXE�9s8�WɴVی �S��]b>7q�>+sp�o�{,�"~udgͶ�
cT��F\�gȌQ)x�&�9��:\.5(l$=�=�A�Sh<�ϛ5��yXa%�9wv=L뱽�$(\d�~\e;+vUNh��"�lE�a'�B ����X戄=$y1|w,G巧g��S9�>�%�^Πo'b/;K{Ko;�@�(&�]�a1W%$}
HRbR'��K;"%=oPm��<%���*`>�.�X2"�>m�<'6}Fu;Hx����|0�j;;�1�Te]XQYɶ��y
S��~j]�O(#o݂�k\�+<>a�iЄ.ap멎ml�U|��J��A1Y7q$�Lx��r:��Y W�96����}���0uMĦrp�ئL�Sw(\*],5Ał�<�rv69�9
3/�&e@DqLgHvx566s֨Na^�ۺKAўY�m0o6`��/#]Ǟ':K$~Al=bu�-W�^)�:�OOg�sZ����H�ʶ�!�D�,�{��QIb�V]9N]]Tlãō5,Wd--<�P8��_A~:?c9VIٶ�7G,cհ�Qa[:�6
V�n
ۊ
U�y˷DM\7'me�#�BP1])v$ѿ�9V0�|>,�l�p/>:G[
0rcz,�ƫ
�ɴ{)̅Fda�ܐ$Z.2?g'R\�F$�0(�y�
lc+���m5G0X&1+ (���RGTf7}Oa�N*)As�a#�El���[ApN7�\2�9Lg�#K5E~1㡺_ŋV~\ʙkcPKҽk�x��ؚտHS#z�fi!A�CiXq�k @{k�6�=��)j1Bi6eٍ1�}0�-X�+0VW`�k��A�k�Le�U��tCJYEL`2;`+ N*t&vж?g8*a�cL
1L\9,�.�7ҷv!{�ZyƋ�|�_E>�ODN<<�Sf}')VSL_X1�_<|:L+O ��+R�Sq�|>o/܍S�,{ٗN[��<|;�X��Yt�0y�'g*FRq�OR||8�,)>w�3u㖗�pxy"E�mGӽ>igA0�,}Us!]����~s Wha<�[Wy�&F�{˳̆UZ*$էr09gv�?,,MM.4a-d
|
Network Security & Hardware 
