The Browser Is A Bitch
We love browsers, they are our window to the world, we love browsers so much that we have fought wars over them, but sadly the browser is not your friend.
Anthropomorphism and gender assumptions aside, the browser is a total bitch and even worse, she shamelessly acts like she is our best friend. We love browsers, they are our window to the world, we love browsers so much that we have fought wars over them, wars so fierce that only three browsers came out of them alive.
Arguably, two of them only survived because their developers also happen to own major operating systems and I do not even need to name names, you all instinctively know who I am talking about. Whatever its name, we love the browser, we rely on the browser and we need the browser, otherwise how else are we supposed to look at the outside world? Instagram and Twitter are great, but when it comes to seeing whats going on elsewhere, they ain’t got nothing on the browser.
I think we can all agree, life without the browser would be pretty miserable, but that doesn’t mean that she isn’t a total bitch. What? Don’t believe me?
Who gave you that last virus without telling you that she was infected? Who let those rat sneak cyber thieves come in and encrypt all of your stuff, demanding a cryptocurrency ransom to decrypt it all? Who is it that allows all browser tabs to spontaneously pop open crappy websites when you try and stream pirate movies? Who let that pervert could come into your house and watch you naked through your webcam?
Go on, I will give you three guesses and a clue.
It wasn’t the bloated shadow of a word processor that is Microsoft Word, although it might have been you never really know these days.
It was the browser and if you need yet more proof that she is a total bitch, when was the last time she stopped your ISP, OS vendor, local intelligence community or whoever happens to be sniffing the Starbucks wifi network today from watching you browse Reddit? When was the last time she stopped those filthy degenerate advertisers from assaulting your eyeballs without an adblock plugin?
Never is the answer, not my problem she says.
Thats the fundamental problem we have as internet users, the browser is a total bitch and she takes responsibility for nothing, choosing to shirk off her responsibilities to the anti-virus, the firewall or whatever security software you happen to be running to protect yourself and we already know how well they get on, you may as well have a Dads Army guarding your network borders.
This is a problem because the vast majority of cyber attacks against your computer are not coming through your wifi connection, they are not coming through your IM client and they are not coming through your email client (because you know not to click sketchy links from strangers). The vast majority of attacks are climbing into your machine through the open window that is your web browser.
The browser is the primary attack vector for the vast majority of cyber attacks, but of course we didn’t need to be told that because most of us have have been brutally mauled by some sort of malware infection at some point. Even if we haven’t fallen victim to ransomware attack yet and we all know that shady websites belch malware on you through your open browser window when you click on links.
You don't have to be a genius to work out that when you open up a browser window to look into the abyss, sometimes the abyss looks back, into you.
Then let's not use browsers, that way nobody will ever steal our online banking details, nude pictures and credit card details. But wait, we actually need a browser for EVERYTHING (unless there is an app for it) and not using them just isn’t an option, so perhaps we should do the next best thing and wear a condom.
Let's Wear Internet Condoms
We know every time we stick a piece of ourselves into the internet, we are going to catch some kind of nasty dose, so lets just wear internet condoms and by this I mean lets place a physical barrier between us and the nasty infections stuff that lurks around on the internet. It makes a lot of sense when you think about it right?
And at this point I would like to apologize for my facetiousness and take on a more serious tone. As IT professionals, we KNOW that the vast majority of attacks originate in the internet browser, so why are we not isolating our users browsers and browsing activity? Yes, I know it can be expensive with some vendors.
Browser isolation is a simple premise, it requires that you recognize where all the trouble is coming from and commit yourself to physically isolating that trouble away from the things that matter to you the most. Simply put, you take the browser (and all of its associated browsing activity) and host it away from your local machine.
There is absolutely no need for your browser activity and all of its associated cyber risk to live on your local machine when it can be safely isolated away from you.
You will be amazed at the positive change which occurs in your online life when you decide to isolate yourself from all the cyber negativity and embrace browser isolation. Suddenly all of the badness cannot touch you, only goodness remains.
If we are serious about protecting our users, we need to wake up to the fact that the browser is a bitch and treat her like she is poison before she poisons our online lives, it is really the only effective way to stem the vast majority of malware, ransomware and cyber attacks for the vast majority of internet browsing users.
Until we recognise the browser is a bitch who causes us nothing but problems, our dependence on the browser will continue to be our downfall malwarewise.
My advice? Put a WEBGAP between you and the malware with a remote browser, which is kind of like an internet condom but not as fiddly to deploy.
*Disclaimer: I coined the term WEBGAP.