A recent report has found that Internet Explorer is the most energy efficient of the leading browsers on Windows 8, a fact trumpeted by Microsoft on its Exploring IE Blog.
However, a look at the figures reveals that the differences are hardly anything to write home about. And the source report contains a more alarming fact – that websites using HTML5 double the power consumption of laptops accessing them.
The report, The Impact Of Internet Browsers On Computer Energy Consumption, was commissioned by Microsoft from the Fraunhofer Center for Sustainable Energy Systems in the USA.
Its conclusion is that Internet Explorer 10 increased the power consumption by the least amount on computers running Windows 8, when compared with the most up-to-date versions of Google Chrome and Firefox.
The results showed that internet browsing activity increases computer power draw by an average of seven to 13 percent on laptops and three to five percent on desktop systems, relative to an idle baseline figure.
On laptops, IE10 showed the least power consumption at an average 15.6W, while Google Chrome showed the greatest at an average of 16.6W. This is a difference of about 6.5 percent between the best and worst cases, but enough for Microsoft to claim IE10 as "the most energy-efficient browser on Windows 8".
That IE10 is the most power efficient on Windows 8 is hardly surprising, since the browser is an integral component of Microsoft's latest platform, which was itself developed with the objective of cutting power consumption on tablets and mobile devices. Meanwhile, other browser developers have complained about not having the same level of access to Windows 8 APIs as Microsoft's own team.
Microsoft states on its blog that that if every Google Chrome and Mozilla Firefox user in the United States moved to Internet Explorer 10 on Windows 8 for a year, they would save over 120 million kWh in electricity. However, the firm does not indicate how it arrived at this figure. Spread across millions of users, this also equates to savings of just a few pence on a household's annual energy bill, although it could prove significant for large organisations.
Perhaps more worryingly, the Fraunhofer report found that both HTML5 and Flash websites appear to increase power use significantly against the list of top 10 websites it used for testing.
"Most notably, the HTML5 benchmark test condition more than doubled the notebook power draw for all computers and browsers tested, while desktop power draw increased by approximately 50 percent. Computer power draw also increased for the one Flash and HTML5 website tested, increasing by approximately 50 and 20 percent for notebooks and desktops respectively," the report stated.
How much is a browser vulnerability worth? There's certainly good money to be made if the prizes on offer for disclosing exploits at this year's Pwn2Own contest are anything to go by.
The infamous hackathon held at the CanSecWest bash in early March will offer more than $500,000 in prize money to those able to confound browser security.
The largest prizes will go to contestants that can successfully compromise Google Chrome on Windows 7 or IE 10 on Windows 8 – either of which are worth $100,000.
That Google's Chrome features so far up the prize-money stakes may be down to its return as a co-sponsor.
Last year, Google famously withdrew its sponsorship offer for Pwn2Own, complaining that the competition rules would allow entrants to demonstrate hacks that defeated a browser's sandbox security feature, without having to share the full details of the exploit. It set up its own rival hacking competition in response.
At the time, Pwn2Own organisers, the Zero Day Initiative argued that the market value for sandbox escapes far exceeded the prize money on offer.
This year, the prize money has gone up, but it appears that Google's return to the fold comes at the expense of greater openness.
“Upon successful demonstration of the exploit, the contestant will provide HP ZDI a fully functioning exploit and all the details of the vulnerability used in the attack,” wrote Brian Gorenc, a security researcher at HP DVLabs, which oversees the ZDI team, one the blog announcing this year's competition.
In another change, a further pot of prize money will be allocated to contestants that demonstrate exploits via third-party plug-ins.
But will hackers be persuaded that the prize money is enough?
Last year's stand out team - the exploit writers from French security firm Vupen, who cracked Chrome in a matter of minutes - described the changes in terms and conditions as "frustrating".
But Chauoki Bekar, chief executive of Vupen told V3 it was likely that his team would be back - although it may consider going after different targets.
"For now, we have registered for all targets and depending on how many of them we are allowed to go after and on whether the full technical details and codes are provided by ZDI to the vendor or kept private for their internal research use, we will decide if we will pwn a specific browser or plugin, pwn them all, or do not participate at all," he said.
The change in Pwn2Own entry conditions was prompted by the increasing sophistication of exploits, said DVLabs' Gorenc.
“We do not believe that a lone bug is enough to fully compromise a target, given all the advances in mitigation approaches. Because we’re asking our researchers to disclose more than we have in the past, we have increased their compensation this year," he told V3.
01 Apr 2011
Demand for Firefox 4 shows no sign of slowing down after passing the 50 million download mark just 10 days after launch.
European web users lead the way with just under 20 million downloads, and the early signs suggest that Firefox 4 could become one of the most popular browsers ever released.
V3.co.uk has road tested Firefox 4 for desktops and the new Firefox for Android app, both versions impressing in the office.
Firefox 4 also continued to give Microsoft's IE9 browser a pasting when it comes to uptake. Mozilla's browser hot footed its way to 3.5 million downloads in just four hours, whereas IE9 took 24 hours to reach 2.35 million.
Firefox 4 passed the 40 million mark on 29 March, meaning that the browser has notched up another 10 million downloads in the past four days.
However, Microsoft has hit back at the download comparisons between browsers, claiming that they are misleading.
"Every browser has a mechanism for updating their users from a previous version of a browser to the latest and greatest. For IE9, it is done through Windows Update. In the case of FF 4.0 and Chrome 10 their update mechanisms are turned on as part of their initial release to web," said Ryan Gavin, senior director of Internet Explorer business and marketing, in The Windows Blog.
"We have yet to turn on any updating for any Windows customers who have not previously downloaded the IE9 Beta or IE9 RC. So, every IE9 download is from a customer actively seeking out Internet Explorer 9 and downloading it. No automatic update or in-product prompts."
Gavin also appeared to take a swipe at Mozilla's numbers, adding that Microsoft reports "completed downloads - not attempted downloads where a user may hit a download button repeatedly but without fully downloading IE9".
Microsoft has also been quick to add that IE9 has been installed on 3.6 per cent of machines running Windows 7, trumping IE8's figures a month after it was launched.
However, with IE9 available only on the Vista and Windows 7 platforms, many will be unable to use the browser, and it is likely to lead to Firefox seeing its global share increase.
V3.co.uk readers also favour Firefox over IE9, a whopping 45 per cent saying they would use the Mozilla browser compared to just 23 per cent for Microsoft.