Bouncing around the web I ran into a reddit page from a user called “illCodeYouABrain” who while opening Firefox at times receives a message from Windows 10 (image shown link). I thought it was a little interesting but wanted to know for sure or rather what prompted Microsoft to create such a notification.
So apparently Microsoft has enabled a set of ‘Windows Tips’ that lets users who use Firefox and Chrome know that their Edge browser is safer. I do remember some news months ago about Windows 10 warning Chrome and Firefox users about battery drain related to those browsers and recommended using Edge instead. This notification of course most likely applies to those that have portable Windows 10 devices like tablets and laptops. My first reaction to it was just a simple “okay”. I can understand already how battery drain can be applied to Chrome and Firefox just from my own personal use of the browsers. Both have more features and having addons in any browser will equate to more battery use depending on the addons you like to use. Microsoft even supposedly performed an experiment to prove it. (video on left) I don’t know how trustworthy this would be and I have a lot of questions on the test itself but either way it would not surprise me for reasons I have mentioned latter.
The notification can at times popup when opening Firefox as well as Chrome; and, if anyone has seen this popup make a comment. Microsoft of course will only respond with rhetoric that coincides with the tone they use in the Windows 10 environment with words like “We want to provide easy information that can help our users enhance their Windows 10 experience.” I will add that you can change the settings for this feature if you open Settings => System => Notifications => Disable “Get tips, tricks and suggestions as you use Windows”
So where does this tip find its merit? Well NSS Labs performed a comparison of the 3 major browsers. Now I know Microsoft in the past has asked them to do studies and Internet Explorer has come out on top but apparently this time Microsoft had not commissioned this study. I have the results and read through them and this is the scoop.
The NSS test results were obtained from live testing where all browsers were subjected to the same set of social malware. “This test comprised 220,918 test cases that included 5,224 unique suspicious samples. Ultimately, 304 samples met NSS validation criteria and were included as part of the test.”
The Edge browser blocked a great 99% of the socially engineered malware (SEM) that was thrown at it. Now this is due to SmartScreen URL Rep and App Rep which are reputation based defenses that protect you from malicious links and downloads. Chrome and Firefox use Google’s Safe Browsing service. Just check the image (right) to see how the the others compared in this test.
There were 2 tests and the next one was in phishing protection, namely the average phishing URL catch rate for browsers over a 12 day period where Edge hit 91.4% while Chrome and Firefox also following closely. (image on left)
Security is important in all browser and Microsoft has been on the ball as far as security in concerned. It seems Edge is pretty secure. Now will these result make you want to switch? Idk. Mozilla and Google have a good history of keeping their users safe. Now Edge is a Windows 10 only browser while Firefox and Chrome are available on PC, Mac, and Linux. Edge having less features and being less compatible being addon-less will of course make it more secure just on that point alone but I see changes little by little as Microsoft aspires to add more to the Edge browser. Overall??? Nothing beats user knowledge. The NSS report itself says this
“Users who are able to identify social engineering attacks rely less on technology for protection against such attacks. Technology will sometimes fail, but those users who can identify social engineering attacks will remain protected, regardless of the method used to attempt social engineering.”
which is something I always tell my own clients anyways.
If you wish to view some of the other data from the NSS report you can just continue reading. Whatever your browser of choice is just remember what was just said and know that YOU are the best protection against threats.
Other Tests Performed
There were other tests between the two categories of SEM and Phishing which I will show below.
Socially Engineered Malware
New threats are always an issue and will continue to be and so how fast your browser can respond to new threats is also important. This image shows how long it took for each browser to block a threat once it was introduced. The cumulative protection rates were calculated each day until the threats were blocked. “During the test, Microsoft Edge demonstrated a 98.7% zero-hour protection rate for malware. Microsoft Edge blocked 5.9% more malware than Google Chrome and 20.4% more malware than Mozilla Firefox. By the end of the seventh day of testing, Microsoft Edge was maintaining a 3.6% lead over Google Chrome and a 17.4% lead over Mozilla Firefox.”
“Figure 3 depicts the average time to block SEM samples for each browser.”
“Microsoft Edge required an average of less than ten minutes to block new SEM. At more than two hours and 39 minutes, Google Chrome had the next best average time to block. Mozilla Firefox took longer than three hours and 45 minutes to block malware.”
“Figure 4 compares the use of Google Safe Browsing API vs Microsoft SmartScreen.”
“Microsoft has invested significantly in its SmartScreen technology, which has constantly provided superior
protection for its users over time. When Google Safe Browsing API was first rolled out, it only offered protection against drive-by downloads and phishing sites. In response to the increase in socially engineered malware, Google added protection against SEM, which improved its block rate over previous NSS browser tests.”
“Throughout the test, new URLs hosting SEM were added, and URLs that were either no longer reachable or no longer delivering SEM, were removed. Figure 5 shows the consistency of protection of the tested browsers throughout the testing period.”
“Microsoft Edge had an average block rate of 99.0%; with its lowest recorded at 98.0%. Google Chrome had an average block rate of 85.8%; its lowest recorded at 50.0%. Mozilla Firefox had an average block rate of 78.3%, which was noticeably different than the 38.9% block rate it demonstrated at the beginning of the test.”
Masquerading as a legit entity to obtain sensitive info.
Equivalent data when referencing phishing attacks…
“Figure 2 depicts how long it took the browsers to block a threat once it was introduced into the test cycle. Cumulative protection rates are listed at the time of introduction, i.e., the “zero hour,” through the end of the test. Final protection scores for the duration of the URL test are summarized under the “Total” column.
“Initial protection from phishing sites ranged from 82.7% for Google Chrome to 92.1% for Microsoft Edge. Since both Google Chrome and Mozilla Firefox rely on the Google Safe Browsing API, their protection is almost identical.”
“Figure 3 answers the question of how long a user must wait on average until a requested phishing URL is added to a block list. It shows the average time to block a phishing site once it was introduced into the test set, but only if it was blocked during the the test. Unblocked sites are not included,…”
“The average time to block a site (if it is blocked at all) is 56.4 minutes. Microsoft Edge was significantly faster at adding protection in the earliest hours of a phishing attack than any of the other browsers. Google Chrome and Mozilla Firefox took more than one hour on average to block new phishing websites.”
Daily users visit a wide range of sites that change from time to time thus phishing links also evolve along with it and keeping the phishing links blocked is key. NSS tested some live hyperlinks every six hours. The percentages will be different from the link results because this test entails multiple tests of a link. So if a link is blocked early on this will improve the score while links missed continually will lower the score.
“Figure 4 shows protection at each of the 44 incremental tests of over a period of 12 days, and each score represents protection at a given point in time.”
“Google Chrome and Mozilla Firefox use the Google Safe Browsing API. The mean detection rates for these browsers is very close; however, Chrome lags behind Firefox in early protection.”