In the last few days I have been researching all the types of viruses and the ways of infection. I have also read about the drive-by method, and my questions are:

  • How is it still possible that the attacker can execute code in the browser and make the user download an infected file without his knowledge?

  • What are the facts when calling a browser secure? All the browsers like Mozilla, Chrome and Opera call themselves secure but none of them are "bulletproof".

Anders
Tomas
  • [Web browsers are a deliberately designed engine for remote code execution](https://tonyarcieri.com/whats-wrong-with-webcrypto) – GnP Sep 04 '16 at 12:59

2 Answers

> How is it still possible that the attacker can execute code in the browser and make the user download an infected file without his knowledge?

In Google Chrome, files are downloaded into the Downloads directory without the user being prompted, so long as the file extension is not on a certain blacklist of known unsafe file types.

For potentially dangerous file types, the user must approve the download and/or opening of the file. There have been attempts to thwart this via click-jacking. Modern browsers such as Chrome and Firefox have a built-in delay to prevent this.

Some users can still be fooled though.

> What are the facts when calling a browser secure? All the browsers like Mozilla, Chrome, Opera call themselves secure but none of them are "bulletproof"

The term "bulletproof" is very vague.

In modern browsers, much effort has been applied to fix any vulnerabilities that would allow direct hacking out of the browser's built-in sandbox. It is important you keep your browser up to date to take advantage of these protections. Once you do that, the difference in security of the major browsers gets pretty small.

Even with no 'vulnerabilities' per se, the 'security' of various browsers may not be equal. Also, it is highly subjective. There are many complex and edge-case features various browser vendors can implement to protect your security.

  • For example, if a website asks for access to your microphone and video, both Firefox and Chrome ask for approval, but Chrome also requires that the website offers HTTPS encryption. Firefox does not have that requirement (yet). That is not really a security issue in Firefox, nor a bullet-proofing of Chrome, but does make a difference in certain situations, such as public WiFi usage.

  • Some browsers do not yet support Content Security Policy. However, CSP is only a feature to help developers mitigate their own vulnerabilities.

All of these are very minor differences in the security of a browser.

I have a personal opinion that IE is one of the less secure browsers.

Again, always keep your browser up to date to take advantage of any new security features they have introduced.

700 Software

Question 1

The ability to force download and execution of malware upon a visitor is not a feature, it is a bug. It is not as simple as browser vendors saying "hmm, maybe we should disable that JavaScript secretlyDownloadAndExecuteFile() function".

Drive-by downloads are done in these ways:

  • Exploiting a plugin like Java or Flash. These two fellas have had a huge number of bugs that have allowed code execution in the past, and new ones keep popping up. The reason for this is that writing an engine that executes byte code without any bugs that allow arbitrary code execution is a very, very hard thing to do. If you disagree, try to write one and see how easy it is.
  • Exploiting the browser itself. This requires some kind of bug in the browser, like a buffer overflow, and is not as common as the above one. It is more dangerous, though, since it does not require any plugins to be activated. Here is one example.
  • Exploiting the gullible user. I promise, this is just a fun game, nothing else. Please click run. (It could be debated if this should be called drive-by download or not.)

The first one is easily fixed. Just throw the plugins out the window. That is exactly what we are doing - the days of both Java and Flash plugins in browsers are numbered.

The second and third ones are hard. To fix them you would need bug free code and enlightened users. Due to human nature, we have none of those. So good luck.

Question 2

Just saying that something is secure is an empty and pointless statement. Security is not a binary thing. It is not even a one-dimensional thing. To make sense, you need to say how secure something is against what threats.

Perfect security does not exist. If you think you can just make something secure, and then go home, you are doing it wrong.

HashHazard
Anders
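
A site-side illustration of the Content Security Policy point in the first answer and the plugin point in the second, added here as an example and not written by either answerer: a small auditor that checks whether a policy shuts off plugin content (`object-src`) and injected inline script. The helper names (`parseCsp`, `effective`, `auditCsp`) and both sample policies are constructed for this example.

```javascript
// Added example. parseCsp, effective and auditCsp are hypothetical helper names.

// Parse a policy string into Map(directive name -> list of source expressions).
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // A repeated directive is ignored by browsers: the first occurrence wins.
    if (!policy.has(name)) policy.set(name, tokens.slice(1));
  }
  return policy;
}

// Fetch directives such as object-src and script-src fall back to default-src.
function effective(policy, name) {
  return policy.get(name) ?? policy.get('default-src') ?? null;
}

const has = (list, kw) => list.some(s => s.toLowerCase() === kw);
const blocksAll = list => list.length === 0 || (list.length === 1 && has(list, "'none'"));

// Return a list of findings; an empty list means none of these checks fired.
function auditCsp(header) {
  const policy = parseCsp(header);
  const findings = [];
  const objectSrc = effective(policy, 'object-src');
  if (objectSrc === null) findings.push('object-src unrestricted');
  else if (!blocksAll(objectSrc)) findings.push('object-src allows plugin content');
  const scriptSrc = effective(policy, 'script-src');
  if (scriptSrc === null) {
    findings.push('script-src unrestricted');
  } else {
    // Browsers ignore 'unsafe-inline' when a nonce or hash source is present.
    const strict = scriptSrc.some(s => /^'(nonce|sha256|sha384|sha512)-/i.test(s));
    if (has(scriptSrc, "'unsafe-inline'") && !strict) findings.push('script-src allows inline script');
    if (has(scriptSrc, "'unsafe-eval'")) findings.push('script-src allows eval');
    if (has(scriptSrc, '*')) findings.push('script-src allows any host');
  }
  return findings;
}

// Constructed sample policies, not taken from any real site.
const WEAK = "default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.example";
const STRICT = "default-src 'none'; script-src 'nonce-r4nd0m' 'unsafe-inline'; object-src 'none'";
console.log(auditCsp(WEAK));
console.log(auditCsp(STRICT));
```

The weak policy never mentions `object-src`, so plugin content inherits `'self'` from `default-src`; the auditor reports that gap alongside the inline-script allowance.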