Quick NavigationIs Microsoft Edge Really Safer than Chrome or Firefox?The Other Security Features That MatterSandboxingHow Sandboxes Are Essential For SecurityAutomatic UpdatesPrivacy ProtectionThe Bottom LineAlternative Browsers We UseOperaEpic Privacy BrowserComodo Dragon (Chromium)Comodo Ice Dragon (Firefox)Comodo Chromium Secure (Chromium)Tor
Did you know that your Browser selections has a lot to do with you overall browsing experience and pc security?
If you are like me, typically we limit ourselves to the browsers that come on pre loaded on our PC’s assuming that it must be the best because it was included with the pc or integrated into our Operating System. Microsoft did this with the release of Windows 10 by bundling Explorer and Edge into it’s new operating system. Many of us concluded that the new os and browers must be better because they were new. were better without ever thinking twice about it.
There are 2 features we all want from our browsers: Speed and Security
Is Microsoft Edge Really Safer than Chrome or Firefox?
Microsoft is heavily pushing their Windows 10-exclusive browser, Edge. Ads built into Windows 10 are now claiming that Edge is “safer” than Chrome and Firefox. How did Microsoft determine that, and is it really true?
Microsoft’s claim is based on a report by NSS Labs, a business that sells threat intelligence and risk mitigation guidance to companies. The report tested 304 examples of Socially Engineered Malware (SEM) and phishing pages. They found that SmartScreen, a security feature in Edge, blocked 99% of the SEM samples. Chrome blocked 85.8%, and Firefox blocked 78.3%.
SmartScreen Is Just Part of the Picture
To understand what this means, you need to understand how SmartScreen works. Microsoft SmartScreen was first introduced in Internet Explorer 7 as “Phishing Filter,” and has been improved upon in each release since. Chrome and Firefox have similar warnings, but nothing quite like the bright red pages in Edge. These features check web pages and applications against lists of known good and bad items. So NSS Labs’ test essentially found that when it comes to malware and phishing pages, Microsoft has better lists
But SmartScreen is only one part of a browser’s security. While tools like SmartScreen are helpful, they should hardly be your only line of defense. You should still be using a good antivirus program in conjunction with something like MalwareBytes to protect yourself if something slips through, or if something comes from another attack vector. Those programs often come with their own blockers, too, as shown below.
So yes, Edge may “block 21% more Socially Engineered Malware,” but that doesn’t mean it’s 21% more secure, or that security is even quantifiable. There’s a lot more going on in modern web browsers to keep you safe.
The Other Security Features That Matter
With that in mind, let’s talk about some of the other security features you’ll find in modern browsers, and how Edge stacks up to Chrome and Firefox.
Sandboxing
Sandboxing is an important security technique that isolates programs, preventing malicious or malfunctioning programs from damaging or snooping on the rest of your computer. The software you use is already sandboxing much of the code you run every day.
You can also create sandboxes of your own to test or analyze software in a protected environment where it won’t be able to do any damage to the rest of your system.
How Sandboxes Are Essential For Security
A sandbox is a tightly controlled environment where programs can be run. Sandboxes restrict what a piece of code can do, giving it just as many permissions as it needs without adding additional permissions that could be abused.
For example, your web browser essentially runs web pages you visit in a sandbox. They’re restricted to running in your browser and accessing a limited set of resources — they can’t view your webcam without permission or read your computer’s local files. If websites you visit weren’t sandboxed and isolated from the rest of your system, visiting a malicious website would be as bad as installing a virus.
Other programs on your computer are also sandboxed. For example, Google Chrome and Internet Explorer both run in a sandbox themselves. These browsers are programs running on your computer, but they don’t have access to your entire computer. They run in a low-permission mode. Even if the web page found a security vulnerability and managed to take control of the browser, it would then have to escape the browser’s sandbox to do real damage. By running the web browser with fewer permissions, we gain security. Sadly, Mozilla Firefox still doesn’t run in a sandbox.
Microsoft Edge and Google Chrome have both fully implemented sandboxing tech. Sandboxes break up each component of the browser—tabs, windows, and plugins, for example—into individual processes. These processes are prohibited from interacting with each other or with outside processes, making it much more difficult for malicious code to spread across your computer.
Splitting a browser into several processes can also improve performance with modern multi-core processors, though it comes at the expense of higher RAM usage.
Firefox, on the other hand, launched in 2004, when the concept of sandboxing was very new. Right now, it only sandboxes media plugins, but Mozilla is working on Electrolysis, a project to make Firefox multi-process and sandbox the browser. Unlike Internet Explorer, though, which was able to introduce sandboxing in version 10, Firefox had to worry about maintaining compatibility with almost 13 years of extensions, which is why this transition has been so slow.
So when it comes to sandboxing, Edge definitely has an edge (pun intended) over Firefox, but it’s on pretty level ground with Chrome.
Automatic Updates
Ever wonder why your browser updates so often? Developers are constantly patching to fix security flaws. Of course, only users who install the updates are protected. Automatic updates help ensure that most people run current, protected versions of the web browser.
Google Chrome is the poster child for automatic software updates. They are installed quickly and quietly when users close the web browser. Firefox introduced a similar silent updates feature in 2012.
Microsoft Edge updates automatically as well, although those patches are delivered through Windows Update. (This is one of the big reasons you shouldn’t turn off automatic Windows updates.) There’s one downside to Edge’s approach, though: Windows updates generally come at a slower rate than Chrome or Firefox’s browser-only updates, and you must restart your computer for Edge’s updates to take effect. Microsoft has said that in the future, they will start delivering some Edge updates through the Windows Store, which will help ensure Edge users stay up to date.
Privacy Protection
All three major web browsers feature some sort of privacy mode (InPrivate on Edge, Incognito on Chrome, and Private Browsing on Firefox). When the privacy window is closed, all history, cookies, and cached data is removed, leaving nothing behind on your computer. However, this doesn’t prevent websites or advertisers from tracking you.
Firefox has a clearer advantage in this area. In 2015, Firefox introduced Tracking Protection, which removes known tracking elements from pages visited in Private Browsing.
In addition, the Tor Browser is based on Firefox’s source code, and adds new privacy and security features to help protect the anonymity of its users. Because it uses the same code base, it’s possible to port changes back from TOR to Firefox. Called the “uplift” program, the two teams started working closely together in 2016. First Party Isolation is the first anti-tracking feature brought from Tor to Firefox, with more in the pipeline.
It’s also worth noting that unlike Google and Microsoft, Firefox does not make money from tracking users or selling targeted ads. The larger companies are incentivized not to improve your privacy.
The Bottom Line
Right now, Google Chrome and Microsoft Edge have very similar security features. The claim that Edge is “safer” than Chrome merely comes from the fact that Microsoft keeps a better list of bad websites than Chrome does, though if you’re protecting yourself well with antivirus and anti-malware software, you should be pretty safe.
Mozilla Firefox is behind the other two large browsers, but is on track to catch up in 2017. It is, however, currently better at protecting your privacy, so at least it has its own advantages.
Alternative Browsers We Use
Opera
The latest version of the Opera web browser has a built-in client for SurfEasy’s VPN service, and it’s entirely free to use. SurfEasy, a Canadian company, is also behind the free Opera VPN apps, which are developed and operated separately from the browser version.
The Opera browser-based VPN isn’t a true VPN, though; it protects only the traffic going to and from the Opera browser itself. Other applications on your computer will not be protected. However, the mobile apps are the real thing and will protect all the traffic going through your phone.
We can’t argue with the price of either the desktop or mobile Opera VPN services. But the desktop-browser VPN service shouldn’t be used for truly sensitive matters, as its security is no stronger than that of an HTTPS web link. We like the Opera VPN mobile apps, but desktop users will want to consider a paid alternative, such as Private Internet Access.
Costs and What’s Covered
The Opera VPN service is entirely free, although the mobile apps are ad-supported. The desktop browser is available for Windows, Mac and Linux, while the apps are for iOS and Android. There’s no Opera VPN client for Chromebooks or routers, but there’s a SurfEasy VPN client extension for Chrome browsers.
Users of other mobile platforms, such as Windows Phone or BlackBerry, are out of luck. However, you can find ways to make the desktop service work with other browsers if you do a little Googling.
Features and Interface
Of the VPN services we’ve reviewed, Opera VPN is the easiest to get started with. But it can connect to the internet only through five countries: Canada, Germany, the Netherlands, Singapore and the United States. In contrast, the full-featured PureVPN service lets you choose from 141 countries.
A representative for the Chinese company that owns the Opera browser told us that the number of VPN servers scales with the number of users, and can be as many as 500. A representative for SurfEasy told us that the Opera VPN mobile apps have access to 586 servers.
The Opera desktop browser can block ads, as can the Opera VPN mobile apps. Both versions can also block web trackers.
The desktop interface is simply the Opera web browser, which is bright and clean-looking, and also lets you connect to Facebook Messenger and WhatsApp directly from the browser.
You can toggle the VPN function off and on by clicking a small button marked “VPN” at the left end of the address bar, which then pops up a small dialog box with a toggle switch.
When you’re connected, the VPN button in the address bar turns blue — a reassuring notification. The dialog box also lets you choose among connection counties and shows how much data you’ve used recently.
Epic Privacy Browser
Epic Privacy Browser is based on Chromium, is open-source, and is available for Windows and OS X. While there’s good, genuine skepticism about the browser—and its roots in Chromium (the open-source platform upon which Chrome is also based), overall Epic does what it promises. The browser blocks ads, tracking cookies, social boxes and widgets (until you interact with them), blocks tracking scripts and modules from loading (which results in faster-loading web pages), and sandboxes third-party processes and plugins. Epic Browser even encrypts your connection whenever possible (largely by shunting to HTTPS/SSL whenever it’s available), routes your browsing through a proxy, and protects you from widgetjacking or sidejacking when you’re browsing over Wi-Fi.Comodo Dragon
Comodo is an internet security company that’s been in the business of protecting data for decades. You may know them best for Comodo Internet Security, their desktop antivirus and antimalware product, or Comodo Firewall, their lean, lightweight software firewall. Comodo also maintains three web browsers as well, and each of them offers additional protection that you won’t find in a standard download of Chrome or Firefox.
Comodo Dragon (Chromium)
Comodo Dragon is a Chromium-based browser that was one of Comodo’s first browsers. It incorporates a number of Comodo-branded tools into the browsing experience, like the company’s own SSL validation, where every site you visit has its SSL certificate and identity validated by Comodo. You’ll get a notification if everything is on the up and up or if Comodo thinks the site you’re trying to visit is questionable. If you allow it to, Comodo will route all of your browsing through its secure, encrypted DNS, so you leave fewer traces of your movements around the web. Comodo Dragon also blocks third party tracking cookies, widgets, and other site components from loading. Of course, because it’s branded by Comodo, it’ll prompt you to use Comodo’s other security products as well to compliment it, which is a little ironic if you’re using a privacy-focused browser in order to not be sold to all the time. It’s worth noting that Comodo says that Dragon will only run on Windows 7 and below (although we had no issues with it in Windows 8.)
Comodo Ice Dragon (Firefox)
Comodo Ice Dragon is another version of Comodo Dragon that’s based on Firefox instead of Chromium. If you prefer the look, feel, or features of Firefox, this is the version you’ll want to download. It offers the same level of protection, and like Comodo Dragon, it supports third party extensions. Also like Dragon, it’ll scan pages for tracking elements and malware as soon as it loads, and warn you in advance if you’re about to download something malicious. It does suffer from the same drawback as Comodo Dragon though—in the form that its branding can be a little aggressive. It supports Windows 7 and below (although again, we had no issues with it in Windows 8.)
Comodo Chromium Secure (Chromium)
Comodo Chromium Secure is a more up-to-date version of Comodo Dragon—if you want to ditch all of the branding, keep all of the protection, and go back to basics, Chromium Secure is the browser for you (and, if you’re okay with a Chromium base, the one we recommend.) It looks and behaves like Chromium, and includes all of the best features of Comodo Dragon, including the on-site malware scanning, secure DNS, SSL and domain validation, and tracker blocking. It’s just faster, strips out the Comodo branding (although it still suggests Comodo’s additional products from time to time), and looks more like the Chrome you know and love, as opposed to a completely different and new browser.
Tor
The Tor Browser is based on Firefox, open source, and comes preconfigured to access the Tor network. The vast majority of built-in plugins and services have been disabled or stripped out, and it’s important that you leave them that way, or else data you mean to keep private can leak to the sites you’re visiting. Available for Windows, OS X, Linux, and in portable forms for all of those, it’s a great way to surf when you’re using an untrusted system, want to keep your identity close to pocket, get around content filtering or site-specific blocks, or keep your physical location a secret from the sites downstream (or anyone who may be watching along the way.) Remember though, Tor is designed for physical and digital anonymity, not security and encryption. What you do while you’re using it may give away that anonymity (sending emails, logging on to web services, etc), and while communications inside the Tor network are encrypted, as soon as you leave the network, your data is in the clear (if it’s not encrypted another way.)
Tor is going through a rough period right now, but overall, the service is still excellent if you’re looking to preserve your anonymity and privacy from the sites you visit, and from malicious tracking cookies and ads. For those unfamiliar, Tor routes your traffic across a series of relays designed to keep your real identity and computer as anomymous as possible. It’s not perfect and it certainly has its drawbacks (which we don’t have room to get into here), but if anonymity is your end goal, the Tor Browser (more specifically, the Tor Browser Bundle) is a great way to go.