Opera 9.5 was released yesterday (June 12, 2008). Firefox 3 final will be released next Tuesday (June 17, 2008). Among the many new features that each browser is touting are beefed up security enhancements.
Both browsers now have mechanisms that enlist the help of your web browser to prevent a malware infection from known malicious sites, or fraud from known phishing sites. While browsers have offered phishing protection for a while, malware protection is something new.
How does it work?
Attempting to access a site with Firefox 3 that’s known to infect visitors with malware will offer a warning like this:
Accessing a known malware site with Opera 9.5 offers this warning:
The warnings are similar, and both serve to warn you’ve been blocked from a potentially harmful site. They allow you to continue, or return to your default homepage (malware sites will often break the back button functionality).
Opera partnered with Netcraft as the source of their advisories. Firefox partnered with Google (via stopbadware.org) for their advisories. One nice feature of Firefox’s warning is that you can get more technical information about the advisory by clicking the “Why was this site blocked?” button. An example below:
Warnings when attempting to access known phishing sites are very similar in both browsers.
Firefox 3 phishing warning:
Opera 9.5 phishing warning:
Again, both browser use a different source for their advisories, but display similar results. Except, in this case Firefox 3 does not display specific technical information about the site being blocked, but instead offers general information about phishing protection. While Firefox provides a distinctive warning for malware and phishing sites, in my tests Opera’s warnings were identical except for the URL.
How well do they work?
Through our work with malware removal in the forums, we have access to a lot of bad sites. My non-scientific testing involved trying to visit sites known to install the Zlob trojan, and known phishing sites.
Overall, I preferred Firefox’s solution better. The warnings were more obvious and offered more information. They also offered different warnings for malware and phishing sites. Opera fared better in blocking recent phishing sites in my test, but both performed horribly in blocking recent zlob trojan sites. In fact, I had to look hard to find sites that they would block. Much like virus and anti-malware scanners, the protection offered by these browsers is only as good as their databases.
While I commend browsers for recognizing that web sites have become an increasing source of fraudulent information and malware, modern infections and phishing groups change their URLs so often that I’m afraid their protection is more fluff than substance.
What’s your experience?
If you use one of these browsers, and have had a site blocked site, please tell us about your experience in the comments. Do you think browsers should offer protection against known malware sites?