CARLSBAD, CA--(Marketwire - August 13, 2009) - NSS Labs, a world leader in independent
product analysis and certification, today published its second round of
live browser security tests. Two separate tests measured protection against
phishing and socially engineered malware across 5 browsers: Apple Safari 4,
Google Chrome 2, Mozilla Firefox 3, Opera 10 Beta and Windows Internet
Explorer 8.
Socially engineered malware is the most common and impactful threat on the
Internet today, with browser protection averaging between 1% and 81%.
Internet Explorer 8 caught 81% of the socially engineered malware sites
over time, leading other browsers by a 54% margin. Safari 4 and Firefox 3
caught 21% and 27% respectively, while Chrome 2 blocked 7% and Opera 10
Beta blocked 1%.
Phishing protection over time varied greatly between 2% and 83% among the
browsers. Statistically, Internet Explorer 8 at 83% and Firefox 3 at 80%
had a two-way tie for first, given the margin of error of 3.6%. Opera 10
Beta, exhibited more extreme variances during testing and averaged 54%
protection. Chrome 2 consistently blocked 26% of phishing sites, and Safari
4 offered just 2% overall protection. Firefox 3.5 crashing issues prevented
it from being tested reliably.
The URLs sample set used in the test was representative of the phishing and
socially engineered malware threats Internet users face every day. "In
addition of comparing browsers among themselves, the test also benchmarked
the browsers against cybercriminals," said Rick Moy, President, NSS Labs.
"While the other browsers maintained or decreased protection between the
two tests, Internet Explorer continued to improve its protection against
cybercriminals."
The full text and analysis of these and other reports on browser security
can be found at
http://nsslabs.com/browser-security.
NSS Labs live testing methodology represents an accurate, real-world
testing that can be performed on information security products.
-- Newly discovered malicious phishing and malware sites were added to
the test, which repeated every four hours 24x7 for a minimum of 12 days
-- All five browsers tested URLs simultaneously
-- All sites were validated before, during and after via multiple methods
NSS Labs' transparent, scientifically repeatable process ensures the
highest levels of independence, diligence and integrity. This test was
initially performed for Microsoft engineering teams as an internal
benchmark, and was subsequently released to the public.
About NSS Labs
NSS Labs was founded in 1991, and is a global leader in independent
security and performance testing and certification. NSS Labs performs the
most comprehensive, high-performance security validation in the industry.
Proven methodologies reflect real-world traffic and usage conditions, and
help information security professionals understand how products will work
in their environments. NSS is a participating organization in the PCI
Security Standards Council and a member of AMTSO. For more information,
visit:
www.nsslabs.com.
Contact Information: Contact:
Rick Moy
rmoy@nsslabs.com
760-412-4626