Firefox, Chrome users more up to date than Safari and Opera

People who use Firefox or Chrome are more likely to be running the latest version of the software when compared against Safari and Opera users, according to Swiss security researchers. This is thanks to the browsers' auto-update mechanisms that are keeping the users of Firefox and Chrome as secure as possible with minimal user interaction.

Those who use Firefox and Chrome are inherently more up-to-date—and therefore more secure—than those who run Safari and Opera, according to researchers from the Swiss Federal Institute of Technology (ETH Zurich) and Google Switzerland. But it's not the browsers themselves that magically make people stay updated—it's their built-in mechanisms that automatically update when new versions are available. These mechanisms are keeping a large majority of their users secure, even if power users and admins might get antsy over their loss of update control.

Swiss Federal Institute of Technology researcher Stefan Frei and Thomas Duebendorfer of Google released a paper with their findings this week called "Why Silent Updates Boost Security" (PDF). In it, they note that only about 45 percent of Internet users were using the most secure browser version when visiting Google's Web servers. This, of course, is bad news—as many Ars readers know, Web browsers are increasingly used to target vulnerable users with viruses, malware, adware, and more.

This discovery prompted the researchers to further examine what kinds of users are the most secure, and they found that 83 percent of all active Firefox users were using the latest version. However, Chrome's "silent-update" mechanism made it the most effective of all—the researchers found that 21 days after releasing Chrome version (a version number that would surely not send most of us rushing to download), 97 percent of active Chrome 1.x users were using it. "This is by far the best update effectiveness measured for any of the four investigated Web browsers," reads the report.

Comparatively, browsers that don't stay on top of updates themselves performed poorly in Frei and Duebendorfer's analysis. Only 53 percent of Safari 3.x users had performed an update within three weeks of the update's release, and with newer releases of Safari 3.2.x, the update effectiveness was even lower. And Opera didn't fare any better. After three weeks of a new release, a maximum of 24 percent of active Opera 9.x users had the newest version installed. "It's a pity that 76 percent of Opera 9.x users currently don't benefit from the security improvements and new features of Opera versions within three weeks of its release," the researchers wrote.

Frei acknowledged in a post on his website, however, that while the silent update method may be the best for browser security, not all users are happy with the loss of control. Those who identify themselves as "expert users" are particularly sensitive to the loss of full control over what is installed on their machines, but it might be OK to let them deal with updates on their own. "Expert users don’t need to be excessively taken care by taking control over updates out of their hands. They supposedly know what they do and have the expertise to assess their risks in doing so," wrote Frei.

It's the regular old "ordinary" users who need the most help, he says, as there are more than a billion technically unsavvy people on the Internet with little-to-no protection other than the browser. "There is absolutely no need to confuse this class of users with unnecessary security decisions—which they anyway don’t understand," Frei notes. "I consider 'silent updates' the best solution for this group of users."

He concludes that the best option is for all browsers to include silent update options that are enabled by default, with the option for power users to turn it off. The large majority of users won't change the settings, while the remainder can customize their update preferences however they like. In the meantime, if you're a Safari or Opera user, what are you waiting for? Better go check to make sure you're up to date.

Source: ars technica

Tags: Chrome, Firefox, Opera, Safari

Add comment

Your name:
Sign in with:
Your comment:

Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party

Last news

The NVIDIA GeForce GTX 1180 will be Turing-based with a 12nm FinFET die shrink
This only works on posts made by profiles that are public
The device will be standalone and based on a Qualcomm chipset
Apple plans on offering a cheaper smart speaker that will be priced at $199
Chrome will adopt a new approach to indicating site security
Data shows they are leading smartphone sale worldwide
Is this an error or it is really happening?
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /

News Archive



Do you use microSD card with your phone?
or leave your own version in comments (10)