Microsoft launches site to promote browser security

[nsane.forums]

Microsoft has launched a web site, YourBrowsermatters.org, that is designed to alert Internet users to the dangers of using older web browsers from malware attacks and more.

Internet users usually open up their web browsers to surf their favorite web sites without a lot of thought put into it. But Microsoft is launching a new web site that is designed to alert Internet users to the dangers of web surfing, particularly on older web browser versions. The web site is Yourbrowsermatters.org which tells a visitor how secure their browser is to threats like malware and phishing attacks on a scale of 0 to 4.

According to a post on Microsoft's official Internet Explorer web site, 24.4 percent of all the PCs in the world that are connected to the Internet run an outdated version of a web browser. Microsoft says that amount comes to 340 million PCs that don't run the latest version of their web browser software. The number of PCs in the world that run Internet Explorer 6 or 7 total 15.2 percent while PCs who run Mozilla's Firefox 3.6 or older amount to 7.5 percent. PCs who run the 12th version or older of Google's Chrome browser are in 1.7 percent of all PCs. Chrome is the only one of the three web browsers that now automatically updates to the newest version, without any need for a user's approval.

Yourbrowsermatters.org goes over some of the things that people can do to be more secure while browsing the Internet. That includes downloading the latest version of your web browser, making sure your operating system is also up to date, being able to recognize phishing attacks and more.

View: Original Article

[Hottwire]

I'm sorry but Firefox getting 2 out of 4, chrome getting 2.5 out of 4 and IE getting 4 out of 4, it's very Microsoft bias, but then again it's probably meant to be!

[T0nyB]

I'm sorry but Firefox getting 2 out of 4, chrome getting 2.5 out of 4 and IE getting 4 out of 4, it's very Microsoft bias, but then again it's probably meant to be!

+1, I noticed the the exact same thing earlier today.... (It's 3 out of 4 for IE8 though, maybe 4/4 for IE9, idk, got XP...)

[fumia]

We can't give you a score for your browser.

lol i tried to open it in maxthon 3 :P

[sinox]

This is the most stupid site I've ever seen. :tooth:

How well is your browser protecting you?

We do not have any data for your browser, so we can’t give your browser a score. :beta:

[RealNeo]

I've made this video, and that's all i can say about this:

http://youtu.be/aqYKXr5vAks

Warning: Loud music (selected by youtube. sorry :D )

[johndoe]

I got 1/4 for IE8 (on XPSP3) with SmartScreen both enabled and disabled, 2/4 for FF4 and 2.5/4 for Chrome and no score for Opera

[HX1]

Well.. this test .. though it does raise awareness.. and gives a good source of data that is not a 'Scareware' site.. Still is blind to one thing.. while Fx may not have these configurations by default.. and may not have an integrated scanner ( which I thought it did )... can be made to do all of these things.. I noticed the site may need a little work as well.. :P Small issues seeing all of the data..

I think if Microsoft is going to do this.. they should do more like actual tests of some sort.. to actually assess the settings and configuration of these programs on a per system/program basis.. instead of just slopping up a number based on what your using..

As far as keeping thing updated I think it probably does great, which maybe the whole point anyway.. yet at the same time it open a 'whole new can of worms', when they start to target or discuss ratings of browser security and safety.. More has to be done if they are to address it.. IMO

[DKT27]

(don't know how I failed to notice this article:)

Mozilla bashes Microsoft's browser security test

'More notable for the things it fails to include,' says director of Firefox engineering

Mozilla has responded to Microsoft's new browser security test with jabs against Internet Explorer (IE).

Earlier this week, Microsoft launched a website that rates the security of IE, Google's Chrome and Mozilla's Firefox.

The site, yourbrowsermatters.org, uses the agent string of those browsers to call up a score between 0 and 4. IE9, Microsoft's latest browser, reaps a perfect 4, and 2009's IE8 collects a 3; month-old versions of Chrome and Firefox, however, return ratings of 2.5 and 2, respectively.

Microsoft registered the site -- the ".org" top-level domain, typically reserved for non-profits, is unusual for the company -- last July, according to WHOIS records.

Mozilla didn't think much of the test.

"Mozilla is fiercely proud of our long track record of leadership on security," Johnathan Nightingale, the company's director of Firefox engineering, said in an email. "We believe that being safe on the Web means having a robust browser that defends against malware and phishing, includes new technologies to help sites and users secure themselves, and a responsive security team that gets security updates out quickly and reliably."

Nightingale knocked the test, saying, "[it] is more notable for the things it fails to include," then cited three examples of criteria it lacks: HSTS, Do Not Track and patch response time.

HSTS (HTTP Strict Transport Security) is a still-unapproved standard that allows website servers to tell browsers they can connect only using a an encrypted link, such as HTTPS. Firefox and Google's Chrome both support HSTS; Microsoft's Internet Explorer (IE) does not.

HSTS and encrypted connections in general made news a year ago when a Seattle developer released the "Firesheep" Firefox add-on that let "pretty much anyone" scan a Wi-Fi network and hijack users' access to Facebook, Twitter and a host of other services.

"Do Not Track," the umbrella term for initiatives that let users opt out of the online tracking conducted by websites and advertisers, has also been a hot-button issue this year.

Firefox jumped on the Do Not Track bandwagon last January with an implementation that transmits special information with every HTTP page request to tell the site that the user does not want to be tracked. It added the feature to Firefox 4, which launched in March.

That same month, Microsoft added support for Mozilla's Do Not Track concept to IE9 as another approach to its own "Tracking Protection" announced in late 2010.

Nightingale's third criticism of the test -- that it doesn't account for patch response time -- was another implied criticism of IE: Mozilla updates Firefox with security patches every six weeks, while Microsoft fixes IE flaws every two months.

Google, the only other major browser that Microsoft's new site rates, has not replied to a request for comment on Chrome's score.

View: Original Article

[HX1]

You know not only that but extensions exist to sandbox various items as well as alter the security of Firefox well beyond those standards.. I think they (Microsoft) should have launched a REAL - 'How Safe Is YOUR Browser' type site instead.. :P