Over the last several months, we have come across numerous privacy and security threats that target individuals and the primary source of these threats are how users choose to interact with the Internet services using their web browser applications. Web browser encryption and security standards continue to evolve and become more advanced with each passing day and so does the level of intelligence of attackers and sophistication of their attacks.
Too much Browser Privacy could impact Security
Even though words like privacy and security are often used interchangeably in the context of cybersecurity, both of them have two completely different meanings.
“Many people believe privacy and security are very much the same things but they’re actually quite different,” said Chester Wisniewski, Principal Research Scientist at Sophos, when he spoke exclusively to us.
Our interaction primarily revolved around security and privacy when it comes to some of the most popular web browser applications. There are five major web browser applications: Microsoft Edge, Google Chrome, Apple Safari, Opera and Mozilla Firefox.
Firefox has rolled out DNS over HTTPS as the default protocol starting with the U.S. It also prevents Facebook from tracking users using a container extension. The browser has also upgraded the security of the Lockwise password manager.
During our interaction, Chester and I touched upon a very interesting topic of how Mozilla has always been extremely vocal and proactive about its focus towards user privacy whereas Google, on the other hand, delivers updates without taking ‘moral’ stances.
According to Chester, both Google and Mozilla are taking bold stances but on different levels. While Google’s focus remains on dropping support for old web standards and pushing new standards to improve security, Mozilla’s approach is pushing the forefront of privacy.
“Google is very much focused on the coding and the security and Google thinks everything can be solved technically with an algorithm, and it’s clear how they’ve handled Chrome security. Mozilla, on the other hand, has been privacy-focused more than security-focused.”
Google Chrome 81 automatically upgrades Mixed content to HTTPS.
Chrome is more Secure browser while Firefox is more Private
Well, ensuring privacy means one thing: You don’t want to share information. But not sharing information about what you’re doing, in turn, poses a different challenge altogether.
As a security expert, if you don’t share information about what you’re doing, it’s difficult for me to protect you as well. So sometimes security goes down when privacy increases because if I don’t know what website you’re going to I can’t block it if it’s bad. So there’s always a trade-off between privacy and security.
Although Chester believes Chrome is more secure and difficult to attack than Firefox, he also acknowledges the risk to user privacy is far greater than the risks of people attacking web browsers applications.
“There’s a choice that people get to decide which things are more important for them. At the moment, the risk to our privacy is far greater than the risks of people attacking our web browsers.”
Chester explains Google wants to show you ads so you’re probably not going to have as much privacy using Chrome. Mozilla, on the other hand, is a non-profit foundation so they may care more about user privacy.
It also means Mozilla doesn’t have as much funding. So, Firefox may not always be on the cutting edge of delivering new things. As a result, there’s a lot of balance in security and privacy when it comes to Chrome and Firefox, respectively.