Making secure browsers a reality

Making secure browsers a reality

For the average consumer, hopping online to shop is as commonplace as physically going to the mall. No one thinks for a moment about how relatively unsafe it is to conduct business on the web. But in spite of our years’ long dependence on the web for commerce, it’s still astonishingly easy for cybercriminals to hack web-based transactions.

The reason? Web browsers. The fundamental insecurity of web browsers is arguably the weakest link in cyber security today. While the basic architecture of the web has a number of security elements built in (firewalls, browser isolation and TLS/SSL), developers know that browsers can’t be trusted to safely run JavaScript code.

The extent of the problem

Essentially, browsers are controlled by users. As a result, developers have no control over the state of the code in a given user’s browser or what is actually going on on the client side. Thus, website operators have no idea if the client-to-sever connection has been intercepted, if the user is a person or a bot, or if their app is working as intended. The core of the problem is that most people can’t keep their computers secure and likely don’t even know they have to.

Google/Mozilla recently discovered in research using Firefox that 10-18% of all internet connections are actively being intercepted by what’s known as “man-in-the-middle” (MitM) attacks. This is a little known fact because often these attacks are impossible to trace back to the browser, or the result of the attack appears too small to cause alarm. But it’s now clear that the browser can secretly provide a gateway to larger-scale mayhem and theft, a problem that will only get worse as industries become increasingly open and connected.

The solution

Thus far, safeguarding browsers against attack has been an intractable problem. It requires achieving the near impossible feat of hardening code that sits in plain sight of anyone with an internet connection.

Irdeto has been working on solving this problem for the past 10 years, and we’ve finally cracked it. How did we do it? Suffice to say (for now) that it requires a set of multi-layered interlocked defenses using a unique combination of code obfuscation, diversity and whitebox cryptography.  Irdeto is now the only security company that’s able to successfully harden client-side JavaScript against MitM and other browser-based attacks.

See you at Codemotion Amsterdam

I will be divulging all of the details about our unprecedented browser security solution at Codemotion Amsterdam. REGISTER HERE to see my talk “Now you can trust the browser” on May 16 at 12:30 pm. Learn more about how Irdeto is pioneering a truly secure internet and how you can become part of this groundbreaking effort. Hope to see you there!