The Browser Is Broken

We love browsers, they are our window to the world. We love browsers so much that we have fought wars over them, wars that are so fierce, only three browsers survived. Two of them arguably survived because their developers also happen to own major operating systems and I do not even need to name names, you all instinctively know who I am talking about. Whatever its name, we rely on the browser, otherwise how else are we supposed to interact with the outside world? Go outside?

Well, I am sorry, but I am far too busy for that. Going outside is great, but when it comes to seeing what is really going on elsewhere and interacting with it, going outside ain’t got nothing on the browser. We can all probably agree that life without the browser would be lonely and miserable, although we would probably read books more.

But that doesn’t mean that the browser isn’t broken. That doesn’t mean that the browser doesn't let the bad things in. Don’t believe me? Who gave you that last virus without telling you that you were infected? Who let that god-awful ransomware come in and encrypt all of your stuff, demanding a Bitcoin ransom to decrypt it all? Who greedily gorges themselves on cookies and tracking code to let others track your habits? Who left a window open so those perverts could look through the webcam into your bedroom and watch you getting changed?

It wasn’t that bloated excuse for a word processor that is Microsoft Word. Nope, it was the browser, and if you need yet more evidence it's broken, ask yourself when was the last time it stopped your ISP or whoever happens to be sniffing the Starbucks Wi-Fi network today from watching you browse Reddit? When was the last time your web browser stopped advertisers from assaulting your eyeballs without an ad-block plugin lending a helping hand?

Never, is the answer. It's not the browser's problem (apparently). As I said, the browser is broken.

The problem we have is that the browser is broken and takes responsibility for nothing, choosing to shirk its responsibilities to the anti-virus, the firewall, or whatever security software you think will protect you. We already know how well they do though. You may as well have a ‘Beware Of The Dog’ sign as your screensaver and keep your fingers crossed. The reason we have a clear problem is due to the vast majority of attacks against your computer not coming through your Starbucks WiFi, your IM client, or from dirty USB sticks.

The browser's dirty little secret is that the vast majority of monsters are climbing in through its open window and even when you think you closed and locked that window, the browser still lets the monsters in. Even if we haven’t fallen victim to a ransomware attack yet, we all know that shady websites belch malware onto you through your browser. It doesn’t take a genius to work out that when you open a browser window and gaze for long enough into the browser, sometimes what is in the browser window can gaze back into you.

Brilliant, let's not use browsers then, that way nobody will ever steal our email archives, our online dating messages, online trading accounts, banking details, or blog posts about our holidays. But wait, we do actually need a browser for everything (unless there is an app for it), and not using them isn’t an option for most people, so I suggest that we should do the next best thing and wear a browser condom.

We know every time we stick a piece of ourselves into the internet, we may catch some kind of nasty dose, so let's wear internet condoms. By this, I mean let's put a physical barrier between us and the nasty infectious stuff that lurks around on the internet, something that we are already used to when you think about it.

IT professionals know that the vast majority of attacks begin with the internet browser, so why are they not safely isolating their users' browsers? To be fair, a lot of us may not have heard of a smoking hot new cybersecurity model (according to Gartner) called remote browsing. Remote browsing is self-explanatory; your internet users browse the internet through remote browsers, ones hosted and delivered from physically isolated servers and networks. By adopting remote browsing for your business, you push all of their browsing activity and the associated cyber risks away from your internal data and networks. By using remote browsers, you physically isolate yourself from potential web infections.

Do not use the browser on your local machine to browse the internet, there be dragons. Instead, physically isolate your browser together with all of the malware that your browser picks up when you use it by using a remote browsing solution. If we are serious about protecting our users, we need to wake up to the fact that the browser is broken (and start wearing internet condoms).

We need to start making remote browsers available to our users because it's the only real way to stop the vast majority of web infections from infecting the vast majority of innocent everyday internet users. Until we recognize that the browser is broken and that it causes most of our cybersecurity infections, we can treat it accordingly. After all, our dependence on the browser will continue to put us at the mercy of the bad stuff.

If you would like a fact finding conversation click here to schedule a video or phone call with us.