True story, I’m not a Google employee making this up.
To prove it there’s the fact that it was the only browser that survived the 3-day pounding at this year’s PWN2OWN competition. The competition, sponsored by TippingPoint Technologies, awards a prize for each vulnerability found on various internet browsers. All the other contestants (Firefox, Internet Explorer and Safari) fell miserably during the first day.
The first one to fall was Safari on a Macbook, in just under 10 seconds. Charlie Miller used a prepared exploit to crack it wide open, which allows a remote attacker to gain control of a machine by having a user click on a single malicious URL. He had already won the competition last year, and even predicted that Safari would be the first to fall this year:
It’s an easy target.
It might be because I’m biased about the things I’m good at, but it’s the easiest browser [to hack].
The result: he walked home with $5.000 and the Macbook he pwned.
On the same day, a 25 year old computer science student at the University of Oldenburg in Germany by the name of ‘Nils’ demonstrated exploits for Internet Explorer 8, Firefox and Safari, winning him $15.000. Firefox has since fixed the vulnerability found by ‘Nils’, with it’s 3.08 release. No word on the others, though…
The only browser left standing was Google Chrome. According to Charlie Miller, it’s just harder to compromise:
There are bugs in Chrome but they’re very hard to exploit. I have a Chrome vulnerability right now but I don’t know how to exploit it. It’s really hard. The’ve got that sandbox model that’s hard to get out of. With Chrome, it’s a combination of things — you can’t execute on the heap, the OS protections in Windows and the Sandbox.
I might have this bug and I might be able to get code execution. But now you’re in a sandbox and you have no permissions to do anything. You need another bug to get out of the sandbox. Now you need two bugs and two exploits. That raises the bar.
This doesn’t mean Chrome is completely secure. It just means it’s more secure than all the others… Add that to the fact that its market share is quite small, and that makes it even safer, because the amount of hackers targeting it is not that big.
Chrome has been my favorite browser since it was released. It doesn’t have all the bells and whistles of Firefox (extensions being the most significant piece missing), but it’s faster and better at memory management. It also has a cleaner interface and some nice features that are actually time-saving (the most-visited websites when a new tab is opened and the ability to search other websites from the url bar are 2 that come to mind). Internet Explorer doesn’t even deserve a comparison, and as for Safari… this is a lesson for all the Macs-are-the-best-and-all-the-rest-is-crap zombies.
I always like to use the best of what’s around, and for Internet browsing, that’s Google Chrome right now.
Recent Comments