I got to spend a number of days last week with some experts from Kaspersky Lab. Kaspersky has been in the news a lot lately, at the forefront of a lot breaking news in IT security, like Flame. Eugene Kaspersky also made headlines with his comments about Apple and its approach to security.
While I was with them to learn more about Kaspersky’s release of its upcoming Internet Security 2013, which will offer some very innovative protections, I took note of two points that came up repeatedly by speakers during their presentations and in private conversations. One is that security education — as in getting people to understand the very basics of security — is lacking. The other, which I’m going to touch on today, is that the browser and OS you use do matter when it comes to making sure your network is secure.
I’ve heard mixed comments about browser security — beyond the people who still use outdated versions of IE, which everyone agrees is bad. Most say that the browser you use doesn’t matter, while others warn to stay away from IE in general.
However, among the Kaspersky experts, Google Chrome received the thumbs up and the journalists in attendance were encouraged to switch to Chrome if we weren’t already using it. The reason? Chrome automatically updates the browser, and does it with enough frequency to keep it secure.
I thought it was interesting that Chrome is so secure, seeing that Google struggles to keep its Android platform secure. I’ll trust the experts on this, but I do wish Google would step up its security beyond the browser.
Firefox, incidentally, was considered the second best choice for a browser, with IE and Safari way behind.
As for the operating systems, well, it is no secret that Kaspersky isn’t a fan of Apple. As Stefan Tanase said in his talk:
Apple is new to the security game, and users are still convinced they are immune.
Or, in other words, Apple users don’t worry about security like PC users do (Tanase puts the blame on Apple’s marketing campaign and I totally agree). But the malware is out there, and Kaspersky just announced a new wave of Mac OS X attacks. According to IT News Online:
The APT attackers were sending customised emails to a select number of Uyghur activists who were presumed Mac users. The targeted emails included ZIP attachments inside them, which contained a malicious Mac OS X backdoor. To disguise the malware, the ZIP file showed a JPEG photo together with the malicious application.
We’re going to keep seeing attacks on Apple, Eugene Kaspersky said, unless Apple very quickly gets serious about security, and, he added, millions of users are going to end up very surprised.
However, the Kaspersky experts do have high praise for the security in the soon-to-be-released Windows 8. Windows 7 had a good start with security, they said, but Windows 8 takes OS security to another level.
The browser and OS you use are important, they concluded, because you can’t depend on your anti-virus to take care of everything. It was a good lesson and a good reminder that the best security requires multiple levels and individual choices of applications are just as vital for security as individual choices of behavior.