Q&A [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,309
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,309
Now, for security, I recommend you to use the Firefox built-in protection (Safebrowsing - Google) + VirusTotal add-on/extension (VTzilla 2.0 ) + an external AV (Avast) + firewall (Comodo CS' settings). In my opinion this is the less intrusive combo, with the best protection.
I'm using similar combo with Kaspersky free + CF + Google safe browsing + Norton Safe Web + VTchromizer
norton is light that no one can notice its existence so I can't get rid of it. Similar to WDBP but I doubt about its effectiveness
 
Last edited:

Decopi

Level 3
Oct 29, 2017
122
431
That's great @Evjl's Rain !... the right/perfect combo, is the combo each user likes. If it works for the user, then is the right/perfect combo for him.

Privacy/security combos depend only on user profile.
Most of the user won't care about system performance, and they will prefer "plug-and-play" solutions (something easier to install/use).
In the other hand, paranoids never will be satisfied, they always will want more and more, redundancies, complex and sophisticated stuff etc. They are always looking for perfection, "the 100%" in everything.
I prefer something in the middle of both (basic user vs paranoids).

Honestly, after testing CF+CS settings, I didn't feel anymore the need of an external AV. I still use/recommend an external AV, just because of the possible "human error factor" (allowing wrong stuff at CF). So, basically CF alone is enough for me, and AV is redundant.

Similar logic goes to the browser: The VTzilla 2.0 add-on is more than enough for me. It stops every download. And it checks every download. And it does that without killing system performance. I don't need Norton, Malwerbytes, nothing. Even is not necessary the built-in Safebrowsing-Google option.

For phishing, as you said, I trust my experience & habits. But if I fail, VTzilla 2.0 add-on can check URLs.

Conclusion, I personally don't need AV, antimalware/phishing add-ons or blocking hosts lists, nothing. I just need VTzilla 2.0 add-on and CF+CS settings... that's all!

For 3rd-parties I use Pi-Hole, not because security risks, but for browser performance improvements. 85% of the webpages don't need 3rd-parties, they work "ok", without breaking. So, blocking this webgarbage means "internet speed boost", webpages loading faster, less RAM, less CPU, more battery-life, less internet band consumption etc.
But for those without Pi-Hole, tiny/lightweight 3rd-party blockers are enough.

For my user profile, this is the right/perfect combo.
But I perfectly understand that other users love other combos.
 
Last edited:

oldschool

Level 63
Verified
Mar 29, 2018
5,254
38,354
That's great @Evjl's Rain !... the right/perfect combo, is the combo each user likes. If it works for the user, then is the right/perfect combo for him.

Privacy/security combos depend only on user profile...


For 3rd-parties I use Pi-Hole, not because security risks, but for browser performance improvements. 85% of the webpages don't need 3rd-parties, they work "ok", without breaking. So, blocking this webgarbage means "internet speed boost", webpages loading faster, less RAM, less CPU, more battery-life, less internet band consumption etc.
But for those without Pi-Hole, tiny/lightweight 3rd-party blockers are enough.

For my user profile, this is the right/perfect combo.
But I perfectly understand that other users love other combos.

+ 1 on user profiles being determining factor. Nano Adblocker or uBO - Advanced User Mode Medium: Block all 3 Party Scripts and Frames. Pretty easy to use for most sites as well. Fast & light!
 

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,309
Just tried "Windows Defender Browser Protection", it blocks 16 malware links, like Edge before. I guess, it is updated separately. :unsure:
I think they have the same database but Edge can scan and analyze the website and the downloaded file (for digital signature and reputation) + Edge is also integrated with Smartscreen for windows => better results
WDBP is just blacklisting, nothing more, I think
 

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,309
Test 7/6/2018
special thanks: @mekelek






Malware (34)



Phishing (6)



Dead links



Total (40)



Google​



27​



1​



0​



28/40​



Edge​



29



0​



0​



29/40​



WDBP​



24​



0​



0​



24/40​



Malwarebytes​



29



0​



0​



29/40​



Avira​



30



0​



0​



30/40​



Norton​



24​



0​



0​



24/40​



Adguard​



2​



0​



0​



2/40​



Squidblacklist​



21​



0​



0​



21/40​



Kaspersky Free



33



5​



1​



38/39​



K9



32



6​



1​



38/39​




Late test (3-5 hours)


















Malware



Phishing



Dead links



Total



Forticlient



33



4​



1​



37/39​



Norton DNS​



20​



0​



1​



20/39​



Neustar DNS​



22​



1​



1​



23/39​



Quad9 DNS​



4​



0​



2​



4/38​



Adguard DNS​



2​



0​



2​



2/38​



Best AV's web filter: Kaspersky Free, Forticlient, K9 Web Protection
Best extension (malware): Avira Browser Safety, Malwarebytes
Best DNS: Neustar Recursive DNS


Losers: Adguard Adblocker, Quad9 DNS, Adguard DNS
 
Last edited:

Nestor

Level 8
Apr 21, 2018
400
1,998
@Nestor I tested K9 as you wish
It was surprising good but the default preset was too aggressive, it even blocked youtube. It needs to be properly configured
,
Thank you very much! Indeed it is very aggresive,i use it with configured settings (only malware,spyware,fishing) and it is very good!I think Blue Coat,owned the last years by Norton.
 
Last edited:

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,309
Hows the Performance with k9 compared to forticlient? For me forticlient is affecting ping a bit
I haven't had enough time to test the performance impact yet but K9 seems very light to me, but I had to test it under a VM because I don't want it to conflict with comodo firewall and kaspersky

I tried forticlient with all modules installed, it didn't feel light to me
I haven't tried forticlient with web filter only
 

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,309
@TairikuOkami I noticed a problem with WDBP
When I executed all links at the same time, WDBP only blocked 4, maximum 6/34 malware links
but when I executed 1 by 1 it blocked 24/34 :mad:
although 24 links were blocked, many malwares were still be able to download

WDBP needs recovery time :unsure:
just realize it now
 
Last edited:

Moonhorse

Level 30
Verified
Content Creator
May 29, 2018
1,996
9,995
I haven't had enough time to test the performance impact yet but K9 seems very light to me, but I had to test it under a VM because I don't want it to conflict with comodo firewall and kaspersky

I tried forticlient with all modules installed, it didn't feel light to me
I haven't tried forticlient with web filter only
Thanks, appreciate your work
 

TairikuOkami

Level 31
Verified
Content Creator
May 13, 2017
2,048
10,351
EDIT: what about K9? it was impressive
It is, blocks malware, adult content (which most filters omit) and can be customized, like allow proxy images on duckduckgo. I love it thus far.
I do not like running a realtime software, but I think, that I will make an exception. 0,04% CPU and 544B/s nonstop, I can live with that. :cautious:

K9 + UltraDNS should do the trick. UltraDNS is able to catch URLs, which bypass browser's dnscrypt somehow (direct downloads?).

EDIT: It seems, that I do not even need Netcraft anymore, that should make things a little lighter, less of multiple filtering. :p

 

Attachments

  • capture_06072018_183637.jpg
    capture_06072018_183637.jpg
    306.3 KB · Views: 467
Last edited:
Top