Mozilla has responded to Microsoft’s new browser security test site by claiming it lacks some key comparisons.
Microsoft launched its new YourBrowserMatters.org site earlier this week to highlight the risks of running an old browser. The company revealed that around 340 million PCs worldwide use an outdated version of their browser software. YourBrowserMatters.org serves as a portal for end users to test their browser security. Microsoft ranks each browser from 0-4 on a scale system. The ranking system uses data from various third parties to asses the important aspects of browser security. The site also encourages users to upgrade to the latest version of their browser.
Mozilla isn’t too impressed with Microsoft’s new site however. “Mozilla is fiercely proud of our long track record of leadership on security,” said Johnathan Nightingale, Mozilla’s director of Firefox engineering, in an email to ComputerWorld. “We believe that being safe on the Web means having a robust browser that defends against malware and phishing, includes new technologies to help sites and users secure themselves, and a responsive security team that gets security updates out quickly and reliably.” Nightingale believes Microsoft’s tests lack some key comparisons. “[It] is more notable for the things it fails to include,” said Nightingale, highlighting three missing factors. Microsoft’s site does not test for HSTS, Do Not Track and patch response time.
HSTS (HTTP Strict Transport Security) is a proposed web security policy that allows websites to instruct browsers to connect via an encrypted link. Mozilla’s Firefox browser and Google’s Chrome browser both support HSTS. Microsoft has not yet announced any plans to support the unapproved standard. Nightingale also cites Microsoft’s lack of comparisons on “Do Not Track” technologies. The feature allows users to prevent websites from storing tracking cookies on their machines. The third criticism of the test is over Microsoft’s patch response times. The software maker patches Internet Explorer flaws every two months and Mozilla updates its Firefox security every six weeks.