If you're concerned about security, look beyond the browser

Written by Adrian Kingsley-Hughes, Contributing Writer

My blogging colleague George Ou raised some interesting points in a post yesterday looking at security flaws in Firefox and Internet Explorer.  Over the years I've come to the conclusion that counting bugs is a pointless exercise and that it's far better to limit the attack surface you present to hackers.

After years of tracking bugs in different browsers I've come to one conclusion - browsers are buggy. No matter whether you carry the flag for IE or Firefox, it doesn't really matter because it's clear to me that after more than ten years of trying to come up with the perfect browser, no one has yet managed that, and my guess is that given the pace at which web technology is moving on and the pressure to make the web more interactive, the perfect browser is just as far away from us now as it was ten years ago. George is spot on when he says that neither Microsoft nor Firefox should be proud of their track record when it comes to security. True, the fact that Internet Explorer 7 on Vista runs in Protected Mode gives me a little bit of a warm fuzzy, but I'm not kidding myself for one second that this is invulnerable. I always look at the Internet with the same suspicion that I'd have for a cleared minefield - in other words, I tread carefully.

But there's more to keeping the bad guys out of your digital kingdom than counting browser bugs and fixes. A real-world analogy would be putting all your resources into having excellent door locks but neglecting to even close the windows. Rather than worry about which browser is the safest, I much prefer to limit the attack surface I offer to hackers and keep as much unnecessary software off my system as possible.

At the top of the list of software that I like to keep off my system is QuickTime. In fact, I hate QuickTime with a passion, so much so that I only have it installed on one of my PCs (the one that has iTunes installed on it). Another is RealPlayer. Not only are these serious bug magnets but they are largely unnecessary. I also keep browser add-ons, toolbars and even security software to a minimum. With large suites such as Microsoft Office, I now only install the components that I'll need - gone are the days when I select "Full Install." Not only does keeping software to a minimum mean that there are fewer opportunities for the bad guys to get across my moat, but it also means I have to deal with fewer updates and my system is more responsive because there's less running all the time.

Another policy I have is to only install the browser that I need - I've found that it's rare that I need all three browsers installed on a system. 

Thoughts?