Yandex launches Chromium-based Web browser with security extras

Chromium-based Yandex Browser features process sandboxing, a file scanner from Kaspersky Lab and Opera's Turbo technology

Russian Internet services and Web search company Yandex released its own browser on Monday, following a similar move by competitor last week.

The new Yandex Browser is largely based on Chromium, the open-source browser that serves as the foundation for Google Chrome. As a result, it uses the WebKit browsing engine and Google's V8 JavaScript engine.

In addition, Yandex Browser has Chromium's tab process separation and process sandboxing features and also includes Adobe's Flash Player plug-in and a PDF viewer from Foxit Software.

Both the Flash Player plug-in and the PDF viewer are sandboxed, Vladimir Isaev, Yandex's manager of international media relations, said Monday via email.

However, the Yandex Browser development team didn't borrow everything from the Chromium project. For example, instead of using Google's Safe Browsing API (application programming interface) for malicious URL blocking, the Yandex Browser relies on a similar technology developed by Yandex and used on its Web search service to flag malicious search results.

"We do have our own security platform that lets us check more than 20 million Web pages daily and finds about 2,000 new hosts containing malware," Isaev said. "As a search engine we notify users about potential vulnerabilities on our search result pages (actually we show about 5 million alerts daily)."

Yandex has also partnered with Russian antivirus vendor Kaspersky Lab to integrate a file scanner into the browser. The component checks all downloaded files against a list of known malicious files that gets updated over the Internet, Isaev said.

"Yandex integrated Kaspersky SafeStream II technology which includes a set of AV [antivirus] signatures designed to protect against the most dangerous and widespread malware," said Konstantin Matyukhin, Kaspersky Lab's account manager for technology alliances, via email. "These AV signatures are used to scan every file which is downloaded through the browser. Thus it creates an additional layer of protection for a PC."

"We believe security is a big focus for all developers today," Isaev said. As more users come to the Internet, more malware is being created, he said.

Aside from security, the Yandex Browser development team also took performance aspects into consideration. In order to help users with slow Internet connections, Yandex incorporated Opera's Turbo technology into the new browser.

When Opera Turbo is enabled, the browser's HTTP requests -- not the HTTPS (HTTP Secure) ones -- are passed through proxy servers operated by Opera. The servers then download the requested pages, compress them and serve smaller versions of those pages back to the browser. Opera Turbo has been a feature in the Opera browser since 2009.

As expected, Yandex Browser was built specifically to promote and provide easy access to Yandex's services, which include Web search, email, maps, cloud-based storage and more. Yandex's main market is Russia, but the company also operates in Ukraine, Kazakhstan, Belarus and Turkey.

Yandex Browser can run on Windows or Max OS X and its default language is Russian. The browser's language can also be switched to English, but that's mostly to accommodate Russian-speaking users who prefer their software user interfaces in English, Isaev said.

Late last week, Russian Internet services company, one of Yandex's primary competitors, launched Amigo, a Chromium-based Web browser that focuses on better integration with social media websites. also offers a more general-purpose Chromium-based browser called "Internet."

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts