Did Google handicap malware defenses in Firefox and Safari?
In December a Google-funded security study slammed Firefox, putting Mozilla’s browser at the bottom of the heap when it came to protecting users as they surf. NSS labs quickly entered the fray to clarify some inconsistencies in the report and defend Firefox’s good name in the process.
NSS indicated that Chrome’s malware block rate had suddenly jumped to more than 50% right around the time that the original report was issued. Despite the fact that Firefox and Safari also rely on Google’s Safe Browsing API, their block rate remained stagnant at about 2 or 3%. Then, inexplicably, there was a dramatic swing in the days that followed the NSS Labs’ rebuttal. Chrome’s block rate dropped off a cliff, falling to just 20% — while Firefox and Safari’s rates more than doubled.
So what’s the story here? Did Google perform some behind-the-scenes trickery to give Chrome improved access to the Safe Browsing API and data that Mozilla and Apple simply couldn’t match? Google has informed ZD Net’s Ed Bott that no such tomfoolery occurred, and that people can simply checked the source code to see that’s true.
Trouble is, the code they’re referring to is the Chromium source code. While Chromium’s code is completely open, Chrome’s is not. That means there are certain bits of functionality in Google Chrome that you can’t see in their bare-code form. Unless Google’s Safe Browsing-related code ships in its entirety with Chromium, there’s no way to verify their statement.
However, when you look at Chrome’s sudden sharp drop and the jump from Firefox and Safari — and consider that they happen on exactly the same day in December — it seems more likely that Google was either testing things out in Chrome first (where they have full control over the code) before flipping the switch for everyone who accesses the Safe Browsing API. Either that, or there was a bug floating around that caused some unexpected behaviors that was subsequently squashed.
What’s your take on the NSS chart? Is Google up to something, or is it simply the result of Chrome using a different (and quite possibly superior) implementation of Safe Browsing-based malware blocking?
(Source: geek.com)
