Microsoft Edge is built not only in compliance with the industry standard but with the security as its highest priority in mind as well. In a blog post on May 11, 2015 with a title in “Building a safer browser”, they committed that:
With Microsoft Edge, we want to fundamentally improve security over existing browsers and enable users to confidently experience the web from Windows. We have designed Microsoft Edge to defend users from increasingly sophisticated and prevalent attacks.
So what are the security features implemented in Edge that make the new browser to hold a strong position to against the online threats?
Phishing is one of the most common threats on the internet nowadays. It’s tricky, it’s dirty, and most frighteningly it has a very high success ratio getting people’s personal information including authentication information. The most effective way to really defend phishing, other than educating people to be aware of such an attach, is to remove the need for users to enter plain-text text password into the website.
Microsoft introduced a new technology called Passport, a code name for a programming system to provide a more secure way of letting you sign-in to websites or apps on your behalf without sending up a password, trying to stop the phishing attempts before they even cast their baits.
SmartScreen is nothing new and has been for years since it debuted in Internet Explorer 8, but it’s still a very important piece to fight off the bad threats from the internet. When turned on, Edge will do a reputation check on individual websites to make sure everything on the website you are attempting to visit is clean and threaten-free. If anything suspicious, the end-user will see a warning instead of the content on the website.
The SmartScreen setting can be found at the bottom of Advanced settings in Microsoft Edge.
One step Microsoft did very wrong in Internet Explorer is to make it so tied into Windows. While it’s good from a business stand point, it’s very bad from a security perspective, because when the browser is compromised, your entire system could be taken down along with it.
Microsoft corrected it in Edge to make the new browser a complete independent universal Windows app, which fundamentally changed the process model. It’s constantly running in a partial sandbox, a contained environment isolated from the Windows core, without interference with any other programs running on the same system.
That means if Edge is compromised, the rest of the computer will just be running fine.
More secured extension model
With HTML5 getting more dominated on the web, the old technologies used to make rich content for our web have become more and more obsolete and irrelevant. The days surrounded by ActiveX, VB Script, Toolbars, etc. are finally behind us. It’s time to embrace HTML5 and let it shine in full.
Thus, Microsoft finally put the stop sign to any of those in Edge, and are working on a modern, HTML/JS-based extension model. Most likely, the new extension model in Edge will effortlessly port all Chrome extensions over without making a lot of code changes.
Microsoft certainly made the right choice of dumping the old Internet Explorer to start fresh. Despite of the fact that there are still a lot of features missing, it’s a damn good browser that will definitely shine its way to be back to the main stream.