How Modern Browsers Keep You Safe (Without Telling You)
Summary
-
Modern browsers block malware using constantly updated black lists and ML analyzes in real time.
-
The tabs run in sandboxes with site permits, so that a compromised page cannot infect other tabs or your system.
-
The browsers have automatically updated, prefer HTTPS and offer forks focused on confidentiality like Librewolf or Tor for stronger confidentiality.
Occasionally, you may have seen a red warning from your Internet browser when it blocks access to a potentially harmful website. Blocks like these are only one of the many, many safety measures, modern browsers have in place to ensure you online.
Browsers block malware before loading
In the first days of the Internet, browsers like Netscape Navigator and Internet Explorer had only minimal or even none. This is why the spread of malicious software and phishing scams was much more common at the time.
Today’s browsers make the internet a much safer place than it was in the past. Google keeps a database constantly updated from malicious URLs by scanning each site to which it can access. This feature is called Google Safe Navigate.
Firefox, brave, chrome, safari and others use this database to warn you when you try to access one of these blacklist URLs. Microsoft retains its own version of this database called Defender Smartscreen, on which Microsoft Edge relies.
The database and analyzes run locally on the device, and browsers recover and automatically put their local lists several times in an hour. Before loading an URL, the browser checks it in relation to the huge list of dangerous URLs and only loads the website if it is safe.
Google constantly scans billions of URLs for phishing sites (false clones of real websites designed to steal your sensitive information). Automatic learning algorithms are looking for signs of shaded design and behavior in real time and suspect websites in real time.
Sandbox tabs
“Sandboxing” An application allows it to be carried out in a secure environment where it cannot affect the user space or the network. If you suspect that an application has malware, you can test it in a virtual machine. An isolated virtual machine would become a sandbox where the application cannot access or infect the real system.
Modern browsers do something similar with the tabs. Each new tab you open in its own limited sandbox. Each of these sand trays is contained with strict restrictions and authorizations.
This is why you can adjust cookies and other site authorizations individually for each site you visit. You must manually give access when a site wishes to access your location or your camera, for example.
Even if a tab is exposed to malicious software, it is limited to this tab only. The sandbox does not let it spread on other tabs or your local files on the system.
Before the navigators adopt this sand architecture, all tabs and extensions operated in one whole process. If a tab was infected, it would crush the entire browser and even compromise your entire system.
They automatically correct vulnerabilities
Internet browsers update much more often than other types of software, even if you rarely see the browser to update itself. At most, you will get an prompt to restart the browser after installing a new update. Indeed, the browser updates occur in the background, every two or four weeks.
The major updates provided with new features or upgrades are deployed each month, but between these major updates, browsers frequently obtain security fixes.
The reason why browsers need so many security corrections is that the vulnerabilities of these applications are constantly appearing. For example, you can find thousands of chromium -open bug reports (the browser that feeds brave, chrome, edge and others) on the chromium problems monitoring page. . The Mozilla safety page follows the safety fixes advanced for vulnerabilities in Firefox.
But why do browsers have so many vulnerabilities and bugs in the first place? The answer is not an error of the developer (although it is sometimes the culprit); This is because browsers are incredibly complex.
Browsers must execute code in many different languages and not only make web content, but provide a lot of additional features such as password managers and extensions. These are mainly tiny operating systems with millions of lines of code, including third -party APIs. Bogues and vulnerabilities are fundamentally inevitable.
At the start of the internet, browsers had to be updated with physical support, such as a disk or a CD. The companies themselves have not pushed the fixes for security vulnerabilities all this often. Modern browsers are much safer due to the automatic updates I mentioned and advanced bug bonus programs.
Your connections are automatically improved in HTTPS
There was a time when most of the data sent on the Internet were not encrypted at any time. Anyone with access to your network can “sniff” your internet data packages. They would not only know which websites you have visited, but also what you do on the website.
Although it is now largely deleted, the hyper or HTTP text transfer protocol is the way your browser and your servers were talking. Your browser would send an HTTP request to obtain a file from a server, for example. The HTTP demand was just a lot of text specifying exactly what the browser was looking for. Then the server would respond with the content that your browser required: HTML code, image, text or other files.
Since no step has been encrypted, an attacker could intercept exactly what you ask and what the server returns, including sensitive information such as connection identification information. They could even alter what the server has returned.
Hyper secure text transfer protocol or HTTPS has set this vulnerability. The request and response between the site and the browser are now encrypted and kept private. If an URL starts with https: //, and you see a locking icon next to the loaded URL, this means that the established connection is secure.
With HTTPS, no one can spy on data packets in transit, even if they are connected to the same network. The maximum they can see is which websites you visit, but not the data sent in both directions.
Even if HTTP is now being deleted and HTTPS is almost everywhere, you could end up clicking on an old HTTP link at some point. Modern browsers are designed to “prefer” HTTPS connections so that they automatically redirect the URL to HTTPS. If the HTTPS alternative is not available and the browser must fall back on HTTP, it warns you that the connection is dangerous.
Freewolf is a modified version or “fork” of the standard Mozilla Firefox browser. This browser, and others like this, are aggressively configured to make the browser as private and as secure as possible.
For example, it deactivates all telemetry and data collection on the browser side, includes features to minimize the fingerprints of the browser, deletes the functionality and services of Mozilla which are not necessary for basic features, HTTPS forces on all connections, automatic line cookies, etc. Compared to the parameters outside the box and the features of Firefox, Freewolf is much more user -friendly.
There is another version of Firefox called the TOR browser which connects to the Tor network – a decentralized version of the Internet where users are functionally anonymous. The TOR browser is even more aggressive in its confidentiality guarantees, going so far as to deactivate JavaScript and lock the size of the window, so that the servers cannot say what is the size of your screen. Without JavaScript and activated cookies, sites tend to break, but it is generally not a problem on the Tor network, where sites with the special domain “.onion” are generally designed without JavaScript.
Google Chrome also has alternatives hardened by confidentiality as a crote.
These are only a few of the ways that modern browsers keep us safe online. There are even more defense systems always active in the background, and by choosing the right browser, you can make your activity online safer than it is already.
