Google has recently funded a research, which identified Chrome as the most secure web browser and Firefox the least. The reputed security firm Accuvant, which counts Charlie Miller as one of its Research Consultants, carried out the research. Charles Miller was the first to find vulnerabilities in the iPhone and Android G1. He has also been winning the CanSecWest Pwn2Own for the last four years. That makes him quite the guy for this kind of a research.
This research puts Google Chrome at the top, which has stayed unbeaten at Pwn2Own. Google funded this research knowing it will emerge at the top. Then, what was the real objective of this research? Of course, it was not about re-establishing facts. This research was aimed straight at Firefox.
Firefox has been the browser of choice for a majority of people. When Google Chrome started out, Firefox had a decisive user share. However, now, that Google Chrome is rising and has overtaken Firefox, Firefox is no more than a threat to Google Chrome. The only reason for conducting this research was to try to get people off the Firefox bandwagon. With most of the Internet using Google Chrome, Google would have a decisive control over the way people use the Internet.
The browser-security comparison results are available at this page with the following description:
The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.
Accuvant has also pointed out areas where Firefox can improve its code base. Mozilla’s Director of Engineering Jonathan Nightingale has responded to the research saying,
Firefox includes a broad array of technologies to eliminate or reduce security threats, from platform level features like address space randomization to internal systems like our layout frame poisoning system. Sandboxing is a useful addition to that toolbox that we are investigating, but no technology is a silver bullet. We invest in security throughout the development process with internal and external code reviews, constant testing and analysis of running code, and rapid response to security issues when they emerge. We’re proud of our reputation on security, and it remains a central priority for Firefox.