The recent onslaught of internet browsers to hit the market is a boon for user security according to Tim Callan, a product marketing executive from security firm Verisign.
In an attempt to generate unique selling points and stem the growing tide of personal information theft, many of these companies are including more robust and easier-to-understand security features.
"It's got to be a really dynamic time for browser security and browsers in general, which we applaud," explained Callan in a recent interview with The INQ.
"As the browsers get better, that's only good for the consumer, that's only good for online business, it's good for online economy in general and it's very much the right thing to be happening for all of us."
Callan went on to highlight the certificate handling aspect as a great example of this trend.
"If you look at older browsers, there were a lot of certificate handling gaps in the optimal way of doing things, for instance the low amount of significance given to an expired certificate or domain mismatch situation or an untrusted route," lamented Callan.
He explained that in these cases, users would usually be presented with an innocent looking dialogue, but most wouldn't understand the significance of just accepting the warning and moving on to the site.
He feels the new range of applications do a much better job of informing the end user about the security of the sites they are using.
Features such as bolder and easier to understand warning messages, the green address bar when the site has been verified as secure, along with the classic padlock and the domain highlighting to help avoid phishing sites are all new features that can help ensure that everyone is more protected and has a better understanding of the dangers that plague the internet.
"They have very strong, bold treatment of a certificate problem," he said. "They've gotten much better at saying 'this is something you need to be concerned about'."
Callan said that browser makers have finally got over the implicit assumption that everyone going on to the internet was some kind of "computer intelligencia."
He believes that the fierce competition between browser vendors has helped with front and back end security. For instance, the new beta version of Internet Explorer 8 can detect some types of cross-site scripting.
This is important, because these developers are no longer leaving these back-end issues to the web site developers or hosts, but are instead trying to the best they can to detect and prevent these exploits on the client side.
Callan acknowledges that there are still flaws in the security of all the browsers, but he is also quick to point out that the two most talked-about at the moment, Microsoft's IE8 and Google's Chrome, are both still in beta.
Furthermore, users should not rely solely on their browser to keep them secure online and should exercise common sense when shopping or divulging personal details on any site.
"This browser renaissance we've seen in the last two years is really terrific and we hope it maintains itself for quite some time," concluded Callan. µ
Browser wars good for security
By Ian Williams on Sep 9, 2008 9:51AM