Tip

Opera: Another contender in the browser wars

Opera Software has removed the adware banners and licensing fee from version 8.5 of its browser. This makes Opera a viable competitor to Firefox and

    Requires Free Membership to View

Internet Explorer (IE), and provides organizations one more option in the search for a secure Web browser.

The numerous features in both Opera and Firefox browsers highlight how Internet Explorer has aged in recent years, and with IE's reputation for being vulnerable to attack, many organizations are looking at the alternatives. When compared to IE, Opera and Firefox have a reduced attack surface. They support fewer Microsoft related features, such as ActiveX. That's not to say you can't get spyware or other malicious code when using Firefox or Opera, but the risks are greatly reduced. Also, neither is as tightly integrated with the operating system as IE, so there is less chance for an exploit to use the browser as an interface into the underlying OS.

Commercial vs. open source

Opera is a commercial product with a large feature set. It is well designed and has an intuitive interface. On the security front it includes anti-phishing technology, support for security protocols, visual feedback on security levels and automatic checks for security updates.

Firefox is an open-source product from the Mozilla Foundation. Nearly 700 extensions have been written to extend the capabilities of the browser. However, this extension framework is regarded by some as a potential threat and has led to some criticism after it was discovered that hackers could potentially take control of a user's computer through a particular extension. Opera, on the other hand, has no extension framework. While this could be considered a security advantage, it limits the extensibility of the product.

MORE INFORMATION

Security expert Ed Skoudis asks, Is it time to ditch IE?

Learn about the security options in Firefox and how they compare to Internet Explorer's

 

Both Firefox and Opera have good reputations for releasing fixes quickly. It is a personal choice whether you prefer software from a commercial company or a community of volunteer coders who actively review and develop the product. Probably the best way of gauging a product's security is by seeing how newly discovered vulnerabilities are dealt with by the vendor. Secunia is an IT-security company that monitors vulnerabilities, and you can see their vulnerability reports for Firefox and Opera.

IE is the most widely deployed browser so most exploits have targeted it, but this may change as other browsers gain in popularity and use. Microsoft has made significant security improvements to IE with the release of Service Pack 2 for Windows XP, but many of these improvements aren't available for earlier Windows systems.

Opera and Firefox's perceived edge in security comes with the drawback of fewer features and a possible inability to access some Windows-based Web applications. In larger organizations it may be unrealistic to not use IE at all, especially if users must access servers that employ the features it supports over an internal network. One possible solution could be to reserve IE for internal sites only.

Remember, no browser is foolproof. Regardless of which one you choose you still need to put in place network security such as firewalls, antivirus and anti-spyware to detect and block malicious code that arrives through the browser.


This was first published in November 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.