What browser is the safest from spyware?

For many of us a web browser is the most necessary program. Every day we need it at work and at leisure to read news or find required information. Of course, nobody wants that the most used software would be the most vulnerable. A browser is our window to the Internet – huge, but extremly dangerous world, so you need to make a well-consider choice. Let’s compare popular browsers and pick the safest one.

There are lots of different programs, but only few really good browsers exist. Windows users can choose between four products: Microsoft Internet Explorer, Mozilla Firefox, Opera and Netscape. Others are either shells (MyIE2, Avant Browser, NeoPlanet) or derivatives (Mozilla Suite, K-Meleon).

ActiveX and VBScript

It is not a secret that most spyware and other parasites infect the system using malicious ActiveX and VBS scripts that are able not only to affect the browser, but also to severely damage the entire system. Allowing these scripts to run may result in really catastrophic consequences. Internet Explorer is the only one that offers native support for ActiveX and VBScript. The both Firefox and Opera do not support them at all, and Netscape 8 runs code of trusted sites only. Naturally, script support can be manually disabled. However, the design of Firefox and Opera is a way more secure. Netscape 8 potentially may be affected. Internet Explorer is most vulnerable.

Design and security model

The browser design and technological solutions depend on supported platforms and integration with the operating system. Internet Explorer is an integral part of Microsoft Windows, Netscape uses IE engine and is almost the same. Multi-platform Firefox has independent open source architecture, its interface is based on the XUL user interface markup language. This means that parasites designed to infect IE have more chances to alter the Windows registry and affect the entire system than pests programmed exactly for Firefox or Opera. Compared by design and security model Firefox and Opera share the first place, Netscape 8 is second, Internet Explorer is last.

Cookies

Cookies do not possess any threat by themselves. However, certain their types like tracking cookies are able to monitor user activity in the Internet, collect information about his browsing habits and even steal confidential information. Browser doesn’t know what cookies are malicious, but its privacy policy can be configured. All popular products have effective cookie managing functions.

Pop-ups

Pop-ups, also as cookies, aren’t very dangerous. However, good modern browser should be able to fight undesirable pop-ups, which are often used by various adware programs and unsafe sites. Pop-up blocking is included into all browsers we compare. Different products use different pop-up blocking techniques, but all are effective enough.

Security flaws

Comparison based on the statistics of security vulnerabilities is the most reliable rating method. According our own information, Internet Explorer 6 is the most vulnerable browser. It has more than 60 security flaws, about 40% of them are extremely dangerous. Firefox is affected by almost 20 vulnerabilities, only few can be dangerous. Netscape 8 has only one, but critical bug. Opera has several security holes, none of them can be used for destructive attacks. (Note that Netscape 8 and Opera 8 are completely new products appeared in 2005).

Another important fact is a time period between the vulnerability has been discovered and successfully fixed. A browser with many flaws still can be considered safe if a vendor releases the necessary patch quickly enough. Apparently Microsoft doesn’t really care about fixing security holes: about a third of IE flaws still can be exploited. However, even the open source project Firefox faces serious problems: more than 30% of vulnerabilities didn’t get a patch yet. All current Opera and Netscape 8 bugs have been fixed.

Following links lead to official security advisories published by browser vendor:
Mozilla Firefox: http://www.mozilla.org/projects/security/known-vulnerabilities.html
Opera: http://www.opera.com/support/service/security/

We also recommend you to take a look on the statistics published by Secunia, the leading provider of IT-security services. This information is not absolutely precise, because one advisory may cover multiple vulnerabilities. Nevertheless, these statistics may help you to get the full picture.
Microsoft Internet Explorer 6.x: http://secunia.com/product/11/
Mozilla Firefox 1.x: http://secunia.com/product/4227/
Opera 8.x: http://secunia.com/product/4932/
Netscape 8.x: http://secunia.com/product/5134/

Conclusion

Compared by five criterions Firefox and Opera are safest from spyware. Netscape 8 is secure only when Firefox engine is used, otherwise its security level is not higher than IE’s one. Unfortunately, the most popular web browser Internet Explorer is extremly vulnerable to remote attacks, spyware and other parasites. We do not recommend you to use it for every day web surfing.
Consider switching to Firefox or Opera.