May 19, 2005 9:33 AM PDT

Netscape update takes aim at phishing

Netscape on Thursday released the final version of Netscape 8, a browser that includes features to protect Web surfers against online scams.


Early test versions of the new browser--so-called alpha and beta releases--have been available since February. Netscape has made mostly cosmetic changes in the final version, said Jeremy Liew, general manager of Netscape, a division of Time Warner's America Online subsidiary.

Almost a million people participated in the public beta, which started in March, Liew said, and most of the criticism received was about the look and feel of the browser. During the beta process, Netscape improved the stability and speed of the browser by fixing bugs and optimizing the software, he added.

Security features in the Netscape software have not changed. "Security is the sizzle that will get people to use this new browser," Liew said. "I think the Web has become a more dangerous place. The threats of phishing and spyware have become more and more real."

The Netscape browser was once ubiquitous, but it was marginalized after Microsoft introduced Internet Explorer in the mid-1990s. However, several high-profile security vulnerabilities in IE have led others, including Netscape and Firefox distributor the Mozilla Foundation, to make security the No. 1 selling point for their browsers.

The new Netscape takes aim at two types of security risks now causing concern among consumers: spyware and phishing. Spyware is malicious software that gets surreptitiously installed on a PC and spies on the user's actions. Phishing scams are a prevalent type of online fraud that attempts to steal sensitive user information such as user names, passwords and credit card information. The attacks typically combine spam e-mail that lures victims to fraudulent Web pages that look like legitimate sites.

Related feature
Have you been phished?
Check here to see whether an e-mail that appears to be from your bank or an online merchant is actually an attempt to defraud you.

Netscape 8 adds a layer of protection when it comes to spyware, Liew said. Whereas many anti-spyware tools can help users after the malicious software has already hit their PCs, the new browser can prevent users from getting it in the first place, he said.

To help people avoid phishing frauds, the updated browser automatically adjusts security settings while they surf, based on lists of sites that are known to be malicious and of trusted sites. The lists will be updated three times a day and automatically downloaded when a PC connects to the Internet, Liew said.

Netscape uses information from parent AOL as well as from nonprofit privacy group Truste, VeriSign and security software company Paretologic to compile the lists, which will be stored on the user's PC. The initial whitelist that ships with the browser contains 150,000 sites, and the blacklist has thousands, according to Netscape.

However, systems will still be vulnerable to problems such as an exploitable flaw in the browser itself, said Thor Larholm, a senior security researcher at PivX Solutions.

"The new security features in Netscape 8 will help guide users in their choices, but will do little to prevent the recurring code execution vulnerabilities in Web browsers that we have seen over the years," he said.

Engineering
Netscape 8 is based on Firefox 1.0.3 and uses that browser's Gecko rendering engine by default. But the new software also supports Microsoft's Internet Explorer browser engine, which is part of Windows. Many Web sites have been built to work with IE, so supporting the engine maximizes compatibility.

Netscape 8 users will be alerted to malicious sites with a red shield in the browser tab. If the user chooses to display the site, it will be rendered using the Firefox engine and with browser features such as cookies and JavaScript turned off. Trusted Web sites are displayed with fewer restrictions and using the IE engine.

Security is the sizzle that will get people to use this new browser.
--Jeremy Liew, general manager, Netscape

Other features in the browser, unrelated to security, include the ability to set multiple Web sites as the home page. These pages will open in multiple tabs when starting the browser. Also, the browser offers improved support for RSS, or Really Simple Syndication, feeds.

Microsoft's browser still dominates in terms of usage, but Firefox and other browsers have been pecking at its market share. At the end of April, Microsoft held 88.86 percent of the U.S. browser market and Firefox stood at 6.75 percent, according to data from Web analytics firm WebSideStory.

Netscape hopes the new browser will be downloaded more than 15 million times this year, about the number of Netscape browser downloads the company hit last year, Liew said. Initially, Netscape 8 will only be available in U.S. English. Canadian English and French are set to follow in June. Other international versions may follow, he said.

The primary distribution mechanism for Netscape 8 will be through the Netscape.com Web site, which gets about 18 million unique visitors per month, Liew said. Netscape is also advertising the update on Web sites and in search engines, he said. A Windows version was available for free download on Thursday.

4 comments

Join the conversation!
Add your comment
In a nutshell
We have an interesting situation here in a proverbial nutshell. I'm all for Netscape's efforts, but couldn't help but noticed that this browser is based mostly on Firefox 1.03...however, Firefox is now at 1.04, due to their quick response to the possible security flaw recently uncovered. Now will Netscape be quick to follow suit, or will they either ignore the flaw or take forever to do an update...you know, sort of like, er...Microsoft.
Posted by xlxklsl (4 comments )
Reply Link Flag
Very Good Browser!
I love how the program automatically switches between IE's engine
and Firefox's engine. Now I can go to yahoo! launch and windows
update with one browser!
Posted by IchibanJay (4 comments )
Reply Link Flag
Not smart enough to read browser headings
Netscape isn't smart enough to read the browser headers sent to it. I went to netscape.com on my Mac, and it wanted me to download Netscape 8, despite the fact that currrently only WINDOZE is supported! I don't think I'll trust software from programmers who aren't smart enough to figure this one out!
Posted by ptkdude--2008 (25 comments )
Reply Link Flag
DeepNet was first...
I would say DeepNet Explorer was one of the first browsers to establish "phishing alarms".

link below of article:

<a class="jive-link-external" href="http://news.cbsi.com/Browser+promises+to+fend+off+phishers/2100-1029_3-5462928.html?tag=prntfr" target="_newWindow">http://news.cbsi.com/Browser+promises+to+fend+off+phishers/2100-1029_3-5462928.html?tag=prntfr</a>
Posted by jtea84 (5 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.