Secure browsers offer alternatives to Chrome, IE and Firefox

The Web browser has been a major infection vector for years, allowing malware to be transported to millions of computers through phishing, man-in-the-middle, SQL injection and countless other attacks. But what if there were a way to stop this madness and secure the browsing channel itself?

The Web browser has been a major infection vector for years, allowing malware to be transported to millions of computers through phishing, man-in-the-middle, SQL injection and countless other attacks. But what if there was a way to stop this madness and secure the browsing channel itself?

There are several key things to look for. First is in understanding your existing browser. When you use Chrome, for example, you agree to let Google track your browsing behavior and offer up search suggestions, send them error reports, track your URLs, and lots more. They claim it is to help improve the user experience, but it also leaves you vulnerable to attacks and records your movements through cyberspace. So a replacement browser should offer some additional privacy components. (There are products that can be used to anonymize your browsing history and protect your identity when you surf online, such as TOR or ZipZap.)

Second, a new browser should be more secure by default and make it difficult for malware writers to inject their code onto your desktops. That seems obvious, but when you consider that the browser is just one piece of a very complex collection of tools, including malware targets such as Flash, Acrobat, Javascript, and others, it can be difficult to cover all the bases.

An active subset in this area includes numerous replacement browsers for Android smartphones, one of the up-and-coming sources of infections today, including products from AVG, McAfee, Opera, Orweb and Bitdefender. Another area includes endpoint security products that include better browser protection, including Bromium’s vSentry.

+ ALSO ON NETWORK WORLD The 10 most important milestones in Web browser history +slideshow version of this story.)

Finally, the better browser shouldn’t detract from the overall surfing experience: websites should look and perform the same as they do in the modern versions of Firefox or Chrome. There are alternative browsers that offer a subset of features and try to be more lightweight than the standard Firefox or Chrome browsers, such as Dillo, Lynx, Epiphany, Konqueror and others. (Watch a

We didn’t include any of the above-mentioned products in our tests. We focused on products that secure the typical desktop browsing session from transmitting infections to your desktop. We chose browsers that offered some balance of privacy protection and heightened security, although some fall more on one side or the other.

Click to see: Secure browser feature chart

Typically, these products offer one of two approaches: One way is they sandbox, virtualize or otherwise contain the browsing session via several different methods so that any Web pages or online content can’t reach the actual desktop that is being used to surf the Web. For this first approach, we looked at Spikes AirGap, Spoon’s BrowerStudio and Invincea’s FreeSpace. We also wanted to include WonTok’s SafeCentral, but they declined to participate.

A second approach is to replace the usual Internet Explorer, Firefox or Chrome browser software with a specialized browser that is locked down and has limited functionality. We looked at browsers from Comodo’s Dragon, Bitdefender’s Safepay, SRWare Iron and the open source Dooble that fit into this category.

Authentic8 Silo, our eighth product in this review, uses elements of both the sandbox and specialized browser approach.  

There are advantages and disadvantages to both approaches: the sandbox can offer more security, since the browsing session is isolated and whatever happens during the session is supposedly contained from the rest of the desktop computer. With some of the sandboxes, you can use your browser of choice, so you don’t forgo your bookmarks and familiarity with controls and plug-ins that you are used to using. The challenge is to ensure that the containment is complete and rock solid.

The replacement browser means that you suffer some loss of functionality in your quest towards better security. Some of them can’t deal with your existing bookmarks, or saving your site logins, or something else that you have taken for granted after using the same browser for many years. You also give up something else by using these browsers: whether it be Javascript functionality, surfing speed, or the ability to properly view certain complex websites. Also, you also can’t control how often these browsers are updated, which can be a mixed bag.

Most of these products are limited to Windows. (There are some Mac-only browsers, such as WhiteHat Security’s Aviator and OmniWeb, which we did not test.) AirGap is in beta for Mac OS 10.7 and Dooble is available for Mac and Linux machines in addition to Windows.

AirGap stands alone

We didn’t score the products because this is still a new area and the products are changing rapidly. None of these browsers is going to stop everything, and some don’t stop much more than a well-configured standard browser. But AirGap stands out. It was the only product that was always able to block downloads of executable files and still provide a solid level of HTML5 support. Its innovative use of virtualization technology was interesting. The downside is that there is some latency introduced into the browsing session as your bits travel across the Internet.

A second browser worth a closer look is Invincea’s FreeSpace. Because it sandboxes your existing browsers, you may want to go this route if your users run a variety of browsers and don’t want to switch to a new browser with fewer features. Administrators can block downloads (or allow users to choose) by setting an optional switch.

While each of these products has their merits, you can still pretty easily defeat their security measures. One way for end users to thwart IT’s efforts to deploy these alternative browsers is to simply continue to use their existing browser. So, for this to work in an enterprise setting, IT administrators will need to remove the end user’s original browser and try to convince the user not to download it in the future.

Second, your browsing history and other online tracks aren’t helped if you continue to use Google or Bing for your searches, no matter which browser you bring up. Nor does it help matters if you login to your Google or Microsoft accounts automatically every day.

You might want to try alternative search providers such as DuckDuckGo, which doesn’t store your search history. DuckDuckGo doesn’t have as complete an offering as Google (it added a link recently to Bing and Google image search, for example) but it can be a nice substitute for those concerned about their privacy footprint. SRWare uses this search engine by default, which is a nice touch.

Third, if you are still using an email client such as Outlook, you depend on its protection to keep any infected emails from polluting your system. None of these tools will help you if you click on a phished email or are using an older version that doesn’t have as solid protection.

Click to see: Browser comparative chart

Here are the individual reviews:

Authentic8 Silo: Sandbox/Secure Browser Combo

Silo has an interesting combination of both the sandbox and customized protected browser technologies. The sandbox feature happens because Silo connects across the Internet to a Linux machine (in Seattle, according to our tests), so supposedly you aren’t going to download anything to your own PC. The customized browser uses the Firefox v25 code base and encrypts your particular browsing session. And it has additional automated sign-on features that can be used across work teams as well, so you can bring up your browser and have everyone on the team open the five or 10 windows that you normally need to connect to begin your workday. That is a useful feature.

When you first bring up a browsing session, you are asked for a four-digit PIN, which you enter on a virtual keyboard screen that is designed to thwart keyloggers. You are then taken to a stripped-down screen that has just a navigation bar and a small menu of commands. You can’t import your bookmarks and it uses Google as the default search engine, which can’t be changed.

Silo’s admin console has the ability to set various policy options, including being able to block any downloads, or enable them for trusted devices, or allow them completely. This is a nice feature. Silo also managed to detect our various malware sites and phished emails in our browser.

Its HTML5 score was roughly in the middle of the pack: not the worst and not the best at resolving various features. Our check of components showed it was using Adobe Flash 11, which is the current Linux version.  

It is the only browser that we tested that comes with the ability to use additional two-factor authentication as an option. Like the two-factor features of Google, LinkedIn and other sites, it texts a code to your mobile phone for you to enter before you can bring up a browser session. Or you can allow specific desktops to be trusted to avoid this dialog.

Silo costs $10 a month or $100 a year per desktop.

Comodo Dragon: Free tool from established vendor

Comodo is a long-standing endpoint security vendor and has a free browser called Dragon based on Chrome v31. It scored highly in the HTML5 compatibility tests. It is moderately secure and has some privacy features as well. When you install it on your desktop, it also takes the liberty to install a version of Adobe Flash. There is also an installation option to make use of Comodo’s own secure DNS services just for the browsing session, or for all of your desktop apps. Given the increasing number of malware using DNS exploits, this is a nice touch. Finally, you can import bookmarks, history, passwords and search engine preferences from existing browsers.

It shares the same settings sheet as most Chrome-based browsers, and the Yahoo search engine is installed by default. Two important quibbles: neither the version of Chrome or Flash is the most current, at least according to our Qualys-based check of the components. The browser has a couple of cool features for sharing content across social networks, but is otherwise as sparse in the visible menu controls as the typical Chrome ones.  

Dragon didn’t stop executable files or PDFs from being downloaded to the desktop, but it does come with several tools that can help improve your security posture, if you remember to use them. There is a Webinspector tool that can help determine if a URL is suspicious or from a phishing site, although it didn’t recognize the phished webmail that we had received. And there is the PrivDog sidebar widget that can further secure your pages: it has controls for blocking third-party cookies, web tracking code, untrusted ads and other browsing habits.

You can enable or disable each of these categories if you want further granularity or if it complains too much about the pages that you actually want to view. Given all these controls, it isn’t surprising that we couldn’t find any malware that executed on our desktop, although some code was visible in the browser screen.

Comodo is a nice middle ground covering both security and privacy controls: while it isn’t the most capable on either metric, it is noteworthy in that it comes from a major software vendor.

Spikes AirGap: Sandbox to the max

Of all the products in this test, AirGap is the most unique and the most capable in terms of security. It is a sandbox approach like Silo’s, only more so. AirGap runs a virtualized session on another machine across the Internet, in this case a Linux-based VM in California, according to our tests. The VM renders the content and converts it to pixels that are compressed and streamed to your desktop, so any malware or other bad stuff is rendered useless since there is nothing to actually execute on your own machine. Every user session has its own virtualized session and even every browser tab has its own session and is isolated from the other tabs. That has a lot of appeal.

AirGap was the only product to refuse to execute everything on our local desktop by default, but it did so quietly and somewhat clumsily, without any notification to the user that it was being blocked. The vendor promises in a future release that it will support better notification, and also allow network administrators to unlock downloads if they really want them, which is what FreeSpace and Silo offer.

AirGap is based on Chrome v25 code and is somewhat behind in terms of using the current version of Chrome and an older version of Flash too, at least according to our tests. Its HTML5 score was in the middle of the pack, perhaps an indication of the age of its Chrome base.

Enterprises have some choice when it comes to deploying the master VM rendering engine: we used one in Spikes’ cloud that was available for testing, but you can also deploy the VM on your own hardware.

The biggest downside for AirGap is the slight delay it has in using the protected browsing session. While we didn’t measure this, it is noticeable. Spikes otherwise has done a solid job at keeping performance close to what you would expect. AirGap also lacks any browser controls or settings, which could be a blessing for harried network administrators.