Given that almost all malware is delivered in one way or another via the internet, ergo the browser… it begs the question: are the average user’s browsing security measures generally adequate? Considering the experience I have gained through dealing with my clientele and others, I’d say the answer would be a firm no.
First up, let’s take a look at some test results. Now these statistics have not been derived from any half-baked, backyard approach; the tests were conducted by NSS Labs over a period spanning 6 months, involving millions of samples and with testing repeated every 6 hours… now that’s pretty exhaustive! Four browsers were included in the tests and, I’m sure you’ll agree, the results are pretty surprising:
Part one concentrated on general malware blocking abilities; the browsers came in as follows:
Part two concentrated specifically on click fraud; again Internet Explorer came well out on top with catch rates far in excess of its competitors:
NSS Labs opens its test result report with the following telling statement… “The ineffectiveness of Web browser security is one of the most common reasons for malware infection.” Pretty scary stuff, eh. And I couldn’t agree more. The full reports can be downloaded in PDF format from here: Is your browser putting you at risk?
So why isn’t everyone, yes every single PC user, utilizing better security techniques to help enhance their browser security? Today we’re going to take a look at two options for improving this all important area:
Ian (Gizmo) Richards first began lauding the advantages of sandboxing, and in particular a freeware called ‘Sandboxie’, almost a decade ago. Yet even today, so many users still insist on browsing the net while leaving their systems exposed. Virtualization software such as Sandboxie works by collecting all data generated during a particular activity into an isolated area/folder known as a ‘Sandbox’. This ‘Sandbox’ is maintained entirely separate from the system so anything malicious, such as malware, cannot possibly infect or affect the host machine.
Any program, executable or file can be opened or run in a sandbox, although Sandboxie is primarily utilized for:
a) testing software – install and run the software in a Sandbox, perform all your tests, and then simply delete the contents of the Sandbox… and voilà, no sign that the software ever existed.
b) browsing the net – simply start your browser inside Sandboxie and browse away till your heart’s content. All data collected during the session, including any malware, will be isolated in the sandbox. If you wish to keep any files downloaded during the session, Sandboxie will present options to “Restore” those files to a folder outside the sandbox, otherwise just choose to “Delete contents” and everything will be expunged, as in gone!
And the best part is, Sandboxie provides the ultimate browsing protection while being extremely light on resources and very easy to use. The download is a mere 2.4MB; you can check out Sandboxie and download it here: http://www.sandboxie.com/
I openly admit I don’t utilize Sandboxie’s additional security as much as I probably should myself, but then again I’m mostly browsing around Daves Computer Tips, or collecting clips and images for articles. I tell you though, it sure comes in handy when I am checking out those ‘high risk’ sites so I can report to you guys, or when checking out relatively unknown software for testing and review.
In those cases where I am busy collecting clips and images for writing purposes and can’t be bothered with ‘restoring’ all the data I fall back to the second tier of protection:
2) Site Advisory Services
These services provide users with safety ratings for sites based on particular criteria, usually from Green (safe – low risk), to Amber (caution – medium risk), and ultimately to Red (danger – high risk). Ratings will usually be proffered for sites you are attempting to visit as well as those included in search engine results. The efficacy of these services is heavily reliant on their levels of penetration and subsequent database sizes. Generally speaking, dedicated services such as Web Of Trust (WOT) and McAfee SiteAdvisor (MSA) offer ratings covering far more sites than the supplementary type services often included as an extra with security products, such as anti-virus. Yes, I know McAfee is also an anti-virus but McAfee has been involved in the site ratings game for many years while most of the others are much more recent players.
WOT’s drop-down scorecard:
WOT and MSA are arguably the leaders in the field. They are very similar yet quite different… allow me to further explain that apparent contradiction: MSA is primarily concerned with malware; the service pretty much discounts other aspects such as ethics, reliability and trustworthiness. WOT, on the other hand, treats those moral issues much more seriously, taking them all into account when assessing a site’s ratings. That’s why quite a few sites you find rated negatively by WOT may actually be rated Green by MSA. A conflict of opinion? No, it’s simply the result of two differing sets of criteria being applied. Both are available as add-ons for popular browsers. Please bear in mind that these types of services can and do make mistakes; ratings should be considered as a guide rather than gospel.
I actually use LinkExtend which takes the ratings from 7 site advisory services, including WOT and MSA, and places them all at your disposal in one neat drop-down menu:
Those are the ratings for Daves Computer Tips; note that only the top two, WOT and MSA, actually provide ratings for the site. All the others have yet to make an assessment. That’s what I mean about sticking with those established and dedicated services which are utilizing a much broader database. LinkExtend also provides additional information such as a separate Kids Safe rating, Ethics ratings and Page Rank. Unfortunately, LinkExtend is available as an add-on for Firefox users only.
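To make the two points above concrete (services rate against different criteria, and most may not have assessed a site at all), here is an added sketch, not LinkExtend's or any vendor's code, of combining several advisory ratings without mistaking "no rating" for "safe". The `service3`…`service7` names and the sample ratings are constructed placeholders.

```python
from enum import IntEnum
from typing import Dict, Optional


class Rating(IntEnum):
    GREEN = 0  # safe, low risk
    AMBER = 1  # caution, medium risk
    RED = 2    # danger, high risk


# What each service's rating measures, per the article: MSA is primarily
# concerned with malware, WOT also weighs ethics and trustworthiness.
# Services not listed here get the scope "unspecified".
SCOPE = {"WOT": "trust", "MSA": "malware"}


def combine(ratings: Dict[str, Optional[Rating]]) -> dict:
    """Merge per-service ratings for one site; None means 'not yet assessed'."""
    rated = {svc: r for svc, r in ratings.items() if r is not None}
    coverage = f"{len(rated)}/{len(ratings)}"
    if not rated:
        # No data is not the same as a clean bill of health.
        return {"verdict": "UNKNOWN", "coverage": coverage,
                "concerns": [], "split": False}
    worst = max(rated.values())
    # Record which kind of concern produced any non-green rating.
    concerns = sorted({SCOPE.get(svc, "unspecified")
                       for svc, r in rated.items() if r > Rating.GREEN})
    return {
        "verdict": worst.name,                   # most cautious rating wins
        "coverage": coverage,                    # how many services had data
        "concerns": concerns,                    # e.g. ["trust"] vs ["malware"]
        "split": len(set(rated.values())) > 1,   # rated services disagree
    }


# Constructed sample: the two dedicated services have rated the site, the
# five placeholder services (hypothetical names) have not assessed it yet.
SAMPLE = {"WOT": Rating.RED, "MSA": Rating.GREEN,
          **{f"service{n}": None for n in range(3, 8)}}

if __name__ == "__main__":
    print(combine(SAMPLE))
```

A split result whose only concern is "trust" matches the WOT-negative, MSA-Green case described earlier: the site is flagged on reputation grounds, not because malware was found.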
Another along similar lines to LinkExtend is relative newcomer Webutation which utilizes a combination of feedback from its own thriving community plus ratings from Google Safe Browsing, WOT, Norton Safeweb, and Website Antivirus. Webutation is available as an add-on for Firefox and Chrome. Webutation includes a rather unique option; nothing to install, simply drag the Webutation bookmarklet (available on the home site) into your bookmark bar to gain instant access to page ratings. So, if WOT and McAfee leave you undecided on a site’s safety, simply click on the bookmarklet link to quickly see what Webutation has to say… very handy.
So there you have it; Sandboxie provides the ultimate browser security, and with the addition of one or two respectable site advisory services you should be well and truly covered.