Browser Security

Dch48 · August 31, 2009, 7:35pm

For all those who don’t think IE8 is a secure browser.
I was trying to download a torrent at IsoHunt and I got the beginnings of what I’m sure was a rogue anti-malware app. It started with the usual “Your computer might be infected,scan now” come on. The installation was stopped, not by CIS, but by IE8 which shut down the browser tab for what it said were security reasons. Now that’s what a browser should do. I have no addons to IE8 other than a couple of accelerators and Web Slices. CIS gave no popups even though a scan was started by the app in question.

Would the alternative browsers have done this?

system · August 31, 2009, 8:44pm

         [i]  Would the alternative browsers have done this?[/i]

Maybe not.

system · August 31, 2009, 8:48pm

But one has always to be careful with conclusions; lots of tests and testers around.

crysisfan · August 31, 2009, 8:50pm

Hi
CIS didn’t show any pop-ups probably because it was an ordinary flash animation, nothing malicious itself.

Best regards

Dch48 · August 31, 2009, 9:23pm

You’re probably right but my point is that IE8 recognized it as a malicious attempt and shut down the page. The Smart Screen Filter built into it is pretty good. After the fake scan that would have “found” numerous “infections”, there certainly would have been an attempt to make me download the rogue app. IE never let it get even that far.

Citizen_K · August 31, 2009, 11:19pm

Basically there are two sorts of rogue anti malware programs. The first group heavily relies on dirty techniques like drive by downloads that get easily detected as suspicious. The second group does not use suspect techniques but delivers a fake or sub mediocre product in an attempt to separate people from their money.

The second group may not get seriously flagged by D+ and when it is not in the av database it will pass.

Kyle142 · September 1, 2009, 12:50am

It also depends heavily on what rules you have set, Rogues can be quite difficult for security solutions to detect… As Eric said.

What other browsers could do this? Chrome, Opera, Firefox with WOT. Just to name a few
SmartScreen is a neat feature though

Endymion · September 1, 2009, 11:04am

Indeed URL blacklisting capabilities are already included in most browsers whenever it might look like something new.

As for Internet Explorer contributions, Internet explorer 6 it is still contributing a lot…

…but not to security and interoperability. :o

Dch48 · September 1, 2009, 7:32pm

Yes but my question really was, what browsers can do it in their “out of the box” default installation with no addons?

Citizen_K · September 1, 2009, 7:57pm

Opera has out of the box protection against malware provided by Haute Secure and phishing protection by PhishTank and GeoTrust.

For a read:

Endymion · September 1, 2009, 8:26pm

Indeed apart from lynx, also Firefox, Chrome and Safari perform URL blacklisting in their Out of the box default installation as well.

Though blacklisting is a mitigating factor it would be a tad reductive to score security accounting to that aspect alone.