vnunet.com analysis: Browser wars changing security game

A bevy of browsers is pushing the development of new security features

The re-emergence of the 'browser wars' between Internet Explorer, Firefox, Opera and Safari is changing the security landscape, say experts.

Competition and the newfound variety have created security advantages and disadvantages as attackers and malware writers adjust their attacks.

F-Secure researcher Sean Sullivan pointed out in a recent blog posting that the bevy of IE alternatives is having unexpected benefits for some would-be exploit victims.

"Many of the malware samples and scams that we currently come across are targeting browser applications," he wrote. "So enhancing browser security and an increase in competitiveness is a good thing."

Jamz Yaneza, senior threat researcher at Trend Micro, shared similar thoughts, noting that traditionally one vulnerability for one application was all a hacker needed to infect the overwhelming majority of users.

"I think this is a good thing," Yaneza told vnunet.com. "Given that Microsoft has 95 per cent of the retail desktop market, having a single browser means having a single exploit point."

But there is also a wave of innovation brought by the competition. The latest versions of Opera and Firefox employ new security tools to detect and warn users when known phishing and malware sites are visited.

The upcoming version of Microsoft's Internet Explorer is said to sport similar capabilities.

With the advantages of a more diverse browser base, however, there comes a new crop of security threats.

In order to adapt to a greater variety of browsers and operating systems, malware writers have created exploit frameworks such as NeoSploit and MPack.

The frameworks are able to identify the browser and operating system a visitor is using and then deliver a customised attack specifically targeted for that user.

The competing browsers also do not address some of the fundamental flaws in the way the web itself is built.

Dave Marcus, security research and communications manager at McAfee, told vnunet.com that some basic tricks still work.

"It depends in what side of the house you are looking at. IFrames work in Mozilla just the same as IE," said Marcus, referring to the practice of embedding iFrame tags in a compromised page which redirects the user to a malware download site.

Other malware tactics, such as social engineering with fake greeting cards or video codecs, will also remain a threat regardless of which browser is being used.

While the competition in the web browser market has brought noticeable benefits, experts ultimately see the safety of users relying less on the browser and more the person behind it.

"Though there are different browsers, there is enough money out there to be made that it doesn't matter what browser you use," said Yaneza. "But it does matter what you do with your browser."