The BSI (Federal Office for Information Security) is more in the foreground after the last presidential elections in the USA at the latest. When it was founded in 1991, nobody expected that fake news, security gaps in the network or hacker attacks would one day take on such proportions. For this reason, the BSI was awarded 180 new positions this year, which means that over 600 employees now monitor the security of the World Wide Web (if that is possible...). One of the first projects has now come to a result that not only all federal administrations can take to heart, but also state and local administrations as well as private users. Mozilla Firefox, Google Chrome, Microsoft Internet Explorer and Microsoft Edge were tested for security gaps.
Firefox performs best
Even if a lot of information on security may seem too complicated for many non-IT professionals, it is easy to count on one hand which browser is the safest according to the BSI. With 32 different test areas, Mozilla's Firefox is only considered limited in one area. Google Chrome and Microsoft Internet Explorer are behind with 2 limitations each and Microsoft Edge comes last with three comments, one even as insufficient.
All browsers are well positioned when it comes to troubleshooting and updating. In this way, all products adapt to new security measures as quickly as possible if a vulnerability is found. Data security also seems to work. All browsers provide up-to-date lists to check for "phishing", for example.
"Phishing" is a neologism for the English word "fishing". In the web area, this means attempts to obtain personal data from an Internet user via fake websites, e-mails or short messages, thereby committing identity theft.
Microsoft Edge with small vulnerability
The examined section “Identification and Authentication” is interesting. It checked whether the password manager of the browser has unrestricted access to the saved passwords or not. With Firefox, you can select the option that the stored passwords can only be accessed after entering a master password. Chrome and the Microsoft products enable this functionality only through external extensions. Of course, the point of saved passwords is not to have to enter them all the time, which a master password loses in function. However, it does show that Mozilla is putting more security options in the default browser than the rest.
Unfortunately, Microsoft Edge makes a negative impression. Encrypted connections were examined in the "Trusted Communication" area. While the other three browsers show in color whether a connection is encrypted or in plain text, Microsoft Edge does not show this. No protocol version or cipher suite (standardized collection of cryptographic procedures for Encryption) is displayed, which means that encryption or non-encryption is not recognizable.
private use
This is very specific information for private use. Since government agencies place a higher priority on sending encrypted data, Microsoft Edge's dropping off is justified. However, private users do not have to switch browsers because all providers are suitable for simple surfing on the Internet. Anyone who sends important data to contractual partners (e.g. mobile phone provider with account number, etc.) should find out beforehand whether the data is sufficiently encrypted. That's the theory. Nevertheless, always be aware: if you want to get your data via the Internet, you will be able to do it without any problems with the appropriate know-how. Use all security measures to limit the probability at least a little. In this sense: “happy surfing”!
