Monday, 12 November 2012

Anti Phishing and anti malware protection In Chrome and Firefox

This is one of my assignment for one of the subjects I had. we were asked to compare one of security features of most recent version of Google Chrome and Firefox. It is not a professional comparison.

 Introduction
In this report we compare anti phishing and anti-malware features of the recent versions of two web browsers, Firefox 15, and Chrome 22. We also compare their advantages and disadvantages and their impact on the browsing experience.
What is phishing?

Phishing and malware

Web Forgery or Phishing is the act of attempting to acquire information such as usernames, passwords, credit card details, and sometimes, indirectly, money by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by e-mail spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

On the other hand, Malware, which is short for malicious software, is software installed on user’s machine often without user’s knowledge and is designed to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Malware is a general term used to refer to a variety of forms of hostile or intrusive software. Malware includes computer viruses, worms, Trojan horses, spyware, ad ware, and other malicious programs.

Chrome vs. Firefox

Chrome is blocking phishing websites or malware in the following way. It periodically retrieves updates of two blacklists, one for phishing and one for malware, and will show users a warning message before users visit a site that is suspected of containing malware or phishing. This service is also made available for use by others via a free public API called "Google Safe Browsing API".

Chrome will typically allocate each tab to fit into its own process to "prevent malware from installing itself" and prevent what happens in one tab from affecting what happens in another. Following the principle of least privilege, each process is stripped of its rights and can compute, but cannot write files or read from sensitive areas, e.g. documents, desktop. For example, malicious software running in one tab is supposed to be unable to sniff credit card numbers entered in another tab, interact with mouse inputs, or tell Windows to "run an executable on start-up" and it will be terminated when the tab is closed. This enforces a simple computer security model whereby there are two levels of multilevel security (user and sandbox) and the sandbox can only respond to communication requests initiated by the user.

Google has also added some new security functionality to new version of Chrome. Every time that the user downloads a file, the browser will compare it against a whitelist of known-good files and publishers. If the file is not in the whitelist, its URL will be transmitted to Google's servers, which will perform an automatic analysis and attempt to guess if the file is malicious based on various factors like the trustworthiness of its source. If the file is deemed a potential risk, the user will receive a warning.

Firefox on the other hand has the same feature and technically does the same things. Firefox gets a fresh update of forgery sites a whopping 48 times a day, so if you try to visit a fraudulent site that’s pretending to be someone you trust; a warning message will stop you before any harm is done.

Firefox’s Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing and malware sites. There are two times when Firefox checks the phishing and malware protection database and web service. The first is during the regular updates to the lists of reporting phishing and malware sites. The list on your PC is automatically updated every 30 minutes or so when the Phishing and Malware Protection feature is enabled. The second is in the event that you encounter a reported phishing or malware site. Before blocking the site, Firefox requests a double check to ensure that the reported site has not been removed from the list since your last update.
Advantage and disadvantage

Since Google has indexed most of the website in the internet it is much easier for Chrome to have the phishing websites list to be very up to date. Another big advantage is that, whenever a phishing website is running on one tab, it does not effect on other tabs or operating system itself, because every tab is running in different so called jail. Firefox, however, uses Google service called “Google Safe Browsing API”, which is big disadvantage since it uses other rival browser creator technique.

The disadvantage of the Chrome’s way of dealing with phishing and malware protection is user concern of privacy. Every time a file is being downloaded chrome send the file and the website information to Google to check against its database of safe websites and sends back the information to the browser, which some users do not like that who are concern about their privacy.

The advantage of Firefox over chrome is that it does not send any user’s information back to anywhere like Chrome does, so users do not need to be worried about someone checking their files or information by sending back somewhere over internet.
Conclusion

Overall both browsers are doing the same thing to prevent phishing and protect users from malware files and phishing websites, however, Chrome has been proved that is doing slightly better than Firefox in protecting users from this security threat.

 References:








1 comment: