WingNews logo WingNews GitHub [2]

HelloThur's comments

HelloThur | 5 years ago | on: Chrome Is Bad

Market share has a factor, but its not always the commanding factor.

Take a look at https://zerodium.com/program.html

Apache and Nginx have a very similar market share. Nginx has higher share in top 10k websites, Apache has slightly higher share overall.

Yet Apache has over double the price as nginx exploits:

* Apache RCE 500k

* Nginx RCE 200k

HelloThur | 5 years ago | on: Chrome Is Bad

Thats a valid point if we're referring to relatively unknown browsers. But the main three browsers are all high profile enough that they all have significant eyes on them and are thoroughly tested.

Firefox may have a small market share, but exploits for Firefox may even have more value to some entities/governments, due to its use in Tor Browser.

To clear any confusion, all three are extremely secure in comparison to other types of products (which is why exploits are so expensive), however Chrome just edges ahead, due to its sandboxing, and rapid patch cycle.

HelloThur | 5 years ago | on: Chrome Is Bad

In the security industry it's commonly known Chrome has the best security, this partly due to the amount of money Google invests in finding vulnerabilities (via fuzzing) in Chrome.

For "proof", you can check how much exploit vendors pay for exploits for each browser. For example Zerodium offer:

* $500k for Chrome RCE

* $100k for Safari RCE

* $100k for Firefox RCE

https://zerodium.com/program.html

The higher amount would generally indicate its harder to get an RCE in Chrome.

HelloThur | 5 years ago | on: State of Cybersecurity Industry Exposure at Dark Web

"97% of companies have data leaks and other security incidents exposed on the Dark Web" - Bold claims. Do you have any proof of this? Such as redacted screenshots or examples of these leaks?

The article shows lots of stats, but no real evidence.

page 1