The Browser Is Broken

Written by Guise Bule, Editor at Secjuice

The Browser Is Broken

We love browsers, they are our window to the world. We love browsers so much that we have fought wars over them, wars so fierce that only three browsers really survived. Two of them arguably survived because their developers also happen to own major operating systems and I do not even need to name names, you all instinctively know who I am talking about. Whatever its name, we rely on the browser and we need the browser, otherwise how else are we supposed interact with the outside world? Go outside?


Well I am sorry, but I am far too busy for that. Going outside is great, but when it comes to seeing what is really going on elsewhere and interacting with it, going outside ain’t got nothing on the browser. We can all probably agree that life without the browser would be lonely and miserable.

But that doesn’t mean that the browser isn’t broken. That doesn’t mean that the browser doesn't let the bad things in. What? Don’t believe me? Who gave you that last virus without telling you that you were infected? Who let that god awful ransomware come in and encrypt all of your stuff, demanding a bitcoin ransom to decrypt it all? Who greedily gorges themselves on cookies and tracking code to let others track your habits? Who left the window open so those filthy degenerate perverts could look through the webcam into your bedroom and watch you getting changed? Go on, I will give you a guess and a clue.

If you gaze long enough into a browser window,
sometimes the browser window will gaze back into you.

It wasn’t that bloated excuse for word processor that is Microsoft Word, but then again it might have been, you never know these days. Nope, it was the browser and if you need yet more evidence its broken, when was the last time it stopped your ISP or whoever happens to be sniffing the Starbucks wifi network today from watching you browse Reddit? When was the last time your web browser stopped those advertisers from assaulting your eyeballs without an ad-block plugin lending a helping hand?

Never is the answer, it's not the browsers problem apparently. Like I said, the browser is broken.

The problem we have is that the browser is broken and takes responsibility for nothing, choosing to shirk off its responsibilities to the anti-virus, the firewall or whatever security software you think will protect you. We already know how well they do though, you may as well have a ‘Beware Of The Dog’ sign as your screensaver and keep your fingers crossed. The reason we have a clear problem is because the vast majority of attacks against your computer are not coming through your Starbucks WiFi, your IM client, or from dirty USB sticks.

The browsers dirty little secret is that the vast majority of monsters are climbing in through its open window and even when you think you closed and locked that window, the browser still lets the monsters in. Even if we haven’t fallen victim to a ransomware attack yet, we all know that shady websites belch malware onto you through your browser, it doesn’t take a genius to work out that when you open a browser window and gaze for long enough into the browser, sometimes the what is in the browser window can gaze back into you.

Brilliant, let's not use browsers then, that way nobody will ever steal our email archives, our online dating messages, online trading accounts, banking details or blog posts about our holidays. But wait, we actually need a browser for everything (unless there is an app for it) and not using them really isn’t an option for most people, so I suggest that we should do the next best thing and wear a browser condom.

We know every time we stick a piece of ourselves into the internet, we may catch some kind of nasty dose, so let's wear internet condoms. By this I mean lets put a physical barrier between us and the nasty infectious stuff that lurks around on the internet, something that we are already used to when you think about it.

IT professionals know that the vast majority of attacks begin with the internet browser, so why are they not safely isolating their users browsers? To be fair, a lot of us may not have heard of a smoking hot new cybersecurity model (according to Gartner) called remote browsing. Remote browsing is self explanatory, your internet users browser the internet through remote browsers, ones hosted and delivered from physically isolated servers and networks. By adopting remote browsing for your business, you push all of their browsing activity and the associated cyber risks away from your internal data and networks. By using remote browsers, you physically isolate yourself from the potential web infections.

Do not use the browser on your local machine to browse the internet, there be dragons. Instead physically isolate your browser together with all of the malware that your browser picks up when you use it by using a remote browsing solution. If we are serious about protecting our users, we need to wake up to the fact that the browser is broken and start wearing internet condoms.

We need to start making remote browsers available to our users, because it's the only real way to stop the vast majority of web infections from infecting the vast majority of innocent everyday internet users. Until we recognize that the browser is broken, that it causes most of our cybersecurity infections and treat it accordingly, our dependence on the browser will continue to put us at the mercy of the bad stuff. Give yourself internet peace of mind with WEBGAP remote browsers.

Like the things we write? Follow @WEBGAP on Twitter for more!