Thursday, 5 September 2013

Future Browsers Will Protect You from Spying

Internet browsers, chrome, firefox, internet explorer, safari, opera

Now that most major Web browsers have similar features, users are looking instead to security and privacy features to determine which program they'll use.
Security firm Sophos, which operates out of both England and the United States, is currently running a poll where users can select their favorite Web browser. At present, Firefox is in the lead, with Chrome a distant second, but the poll itself is not nearly as interesting as the reasoning behind it.

The most secure browser

"Where you choose to put your faith is a big deal because everything you do on the web passes through your browser," wrote Mark Stockley, the poll's overseer. "It goes everywhere with you in the virtual world and, more often than not, it knows exactly where you are in the real world too."
Stockley also pointed out that browsers do not exist in a vacuum — if you trust a browser, then by extension, you trust its manufacturer.

Trusting a software giant like Apple, Google or Microsoft has never been easy, but it'seven less so now in light of the U.S. National Security Agency's (NSA) PRISM program, which can tap into user information that those big companies provide.
Browsers like Internet Explorer, Firefox, Chrome, Safari, Opera and others have gotten to the point where there are few major differences in how each program displays online content. Instead of worrying about which browser has the fastest page load times or the most options for video playback, users want to know how safe their information will be.
"Right now, the choice of a user's browser has a significant effect on security and privacy," Dan Auerbach, a staff technologist for the Electronic Frontier Foundation advocacy group, told Tom's Guide. He highlighted some of the security features of each. "If you use Safari, you block third party cookies by default, which greatly enhances your privacy," Auerbach said.

Chrome, on the other hand, has a number of useful security features, but Google itself might prove a risk. "[Chrome] does not seem poised to offer users greater privacy given Google's deep ties to an advertising industry which has been resistant to make changes that help user's privacy," Auerbach said.

On the other hand, Auerbach had nothing bad to say about Firefox. "Firefox offers a good array of security and privacy features, and a great amount of flexibility for power users to customize their browser," he said.

The future of HTTP

Everyday users are not the only ones looking to the future. The Internet Engineering Task Force (IETF) is a collection of activists who want to improve the Internet from a design perspective. Security is one of its hallmark issues, and it recently proposed a way to make a more secure browser.

At present, most Internet sites work through Hypertext Transfer Protocol (the http:// you see at the beginning of a Web address), which allows the transfer of data to a remote location (like a website through a browser, for instance). HTTP is incredibly useful, but not very secure, as the data on these pages is unencrypted and accessible by anyone.
Hypertext Transfer Protocol Secure (HTTPS) is a much safer way to access the Internet, as it provides two-way encryption that protects both the website and the user accessing it. However, the IETF pointed out that at present, only a website administrator can choose to implement HTTPS — users have no say in whether to use HTTP or HTTPS on any given website.

The group proposed that websites should adopt a system known as HTTP 2.0, which is currently in development. This system uses Google's SPDY system (it doesn't stand for anything, but it sounds like "speedy"), which offers both user- and server-side encryption for Web pages.
Auerbach believes that such a system might provide a much more secure online experience, regardless of browser. "Will HTTP 2.0 require encryption, as SPDY does?" Auerbach asked. "If the answer is yes, then yes, this will greatly improve the security of the Web." Users can also use HTTPS on a large number of websites by downloading various plugins for Firefox and Chrome.

Until then, users will have to take responsibility for their own Web security. You've probably heard Auerbach's suggestions before, but they're still good ones. "Be wary of anything you download and run," he said. "Use HTTPS as much as possible … Turn off Javascript … Do not re-use passwords."
"This will be disruptive," Auerbach warns, but until the future of Internet browsers arrive, the present is still rife with potential dangers.


No comments:

Post a Comment