360 Secure Browser
The 360 Secure Browser, also known as 360 Safe Browser (Chinese: 360安全浏览器), is a proprietary web browser developed by Qihoo 360 Technology Co. Ltd., a Beijing-based Chinese cybersecurity firm specializing in antivirus and internet security products.[1] First released in September 2009, it employs dual rendering engines—Trident, akin to that in Internet Explorer for legacy compatibility, and Blink, a Chromium derivative for contemporary web rendering—to deliver enhanced performance and security features including malicious URL interception, anti-phishing safeguards, and integrated malware scanning.[1][2] Primarily targeted at the Chinese market, the browser rapidly gained popularity, surpassing Internet Explorer as China's most-used browser by November 2012 with over 57% market share, owing to its emphasis on protection against online threats prevalent in domestic internet environments.[3] However, Qihoo 360's promotion tactics, including bundling with security software and alleged aggressive interference with rival applications, have sparked controversies, notably the 2010 "3Q War" antitrust dispute with Tencent that highlighted tensions over privacy and market dominance in China's tech sector.[4] Despite such issues, it continues to evolve with updates supporting 64-bit architecture and features like reduced blue light for eye comfort, maintaining a user base focused on secure browsing.[5][6]History
Initial development and launch
The 360 Secure Browser, known in Chinese as 360安全浏览器, was developed by Qihoo 360 Technology Co., Ltd., a Beijing-based internet security firm founded in September 2005 by entrepreneur Zhou Hongyi and partners, with an initial focus on providing free antivirus solutions to capture market share in China's competitive software landscape.[7] Following the 2006 launch of its flagship 360 Safe Guard antivirus, which emphasized real-time threat detection without subscription fees, Qihoo extended its ecosystem to browsers amid rising concerns over web-based malware, phishing, and vulnerabilities in dominant tools like Internet Explorer.[7] The browser's core development integrated Qihoo's proprietary scanning engines directly into the rendering process, aiming to isolate and neutralize threats before they could execute, while maintaining compatibility with the Trident engine for broad site support in the IE-heavy Chinese market.[2] The initial public launch occurred in May 2008 as a free standalone product, marking Qihoo's entry into the browser space with claims of superior protection through features like URL blacklisting and active content filtering tied to its antivirus database.[7] This timing aligned with the company's freemium strategy, where zero-cost tools drove user growth for later ad and partnership revenue, contrasting with paid competitors. Early versions prioritized security over speed or novel interfaces, using a single-core architecture based on Microsoft's rendering tech to ensure stability on Windows systems prevalent among Chinese users.[7] By late 2008, iterative updates had refined malware interception, contributing to rapid adoption as Qihoo positioned the browser as an essential complement to its desktop security suite.[7]Major updates and evolution
Following its initial release, 360 Secure Browser underwent significant enhancements with the adoption of a dual-engine architecture around September 2010, integrating the Trident rendering engine—derived from Internet Explorer—for compatibility with legacy Chinese websites and a WebKit-based engine for improved rendering speed and modern web standards support.[8] This dual-core approach, pioneered by Qihoo 360 in its browser lineup, allowed users to switch engines seamlessly, balancing domestic intranet compatibility with faster processing of international content.[9] In June 2014, Qihoo 360 issued a major update to the browser, adding lifestyle-oriented features such as integrated cloud services and personalized recommendations while reinforcing core security protocols like real-time phishing detection and malware scanning.[10] These changes aimed to expand beyond pure security into a more comprehensive browsing suite, reflecting the company's push to increase user engagement amid growing competition from international browsers. By the late 2010s, the browser shifted predominantly to a Chromium foundation, enabling frequent kernel upgrades aligned with upstream security patches and performance optimizations. For instance, version 13 incorporated Chromium 86, enhancing JavaScript execution and reducing memory usage.[5] Subsequent iterations, such as version 15 in April 2024 with Chromium 114, addressed high-severity vulnerabilities like CVE-2023-4353 and refined features including history management and webpage summarization.[11] As of October 2025, version 16 runs on Chromium 132, introducing 64-bit dual-core support for faster startup, optimized address bar functionality, and bolstered security modules to intercept emerging threats, while retaining IE kernel compatibility for enterprise legacy systems.[12] These evolutions underscore a trajectory from IE-centric compatibility to Chromium-driven efficiency, with ongoing emphasis on rapid vulnerability remediation and resource optimization to maintain dominance in China's secure browsing market.[13]Technical architecture
Underlying rendering engine
The 360 Secure Browser employs a dual rendering engine architecture, utilizing Blink—the rendering engine forked from WebKit and used in Google Chrome—as its primary engine for default webpage rendering. This Chromium-derived Blink engine enables high compatibility with modern web standards, including HTML5, CSS3, and JavaScript features optimized for speed and efficiency. The browser's adoption of Blink stems from its integration with the open-source Chromium project, which Qihoo 360 customized for enhanced performance and security features specific to the Chinese internet ecosystem.[2][14][1] For legacy site compatibility, particularly with websites relying on ActiveX controls or older Internet Explorer-specific behaviors prevalent in China, the browser incorporates Microsoft's Trident engine, accessible via a compatibility mode toggle. This dual-engine setup was introduced in 2010, initially with a WebKit-based engine in variants like the 360 Extreme Browser, and later standardized across Qihoo 360's offerings to balance forward-looking rendering with backward compatibility. Users can manually switch engines per session or page, though Blink remains the default to prioritize speed and reduced resource usage over Trident's heavier footprint.[14][15][1] This architecture reflects pragmatic engineering choices by Qihoo 360, prioritizing empirical compatibility in a market where IE-derived rendering lingered due to enterprise and government site dependencies, rather than strict adherence to a single-engine paradigm. Independent analyses confirm Blink's dominance in daily use, contributing to the browser's reported rendering speeds competitive with Chrome, while Trident's inclusion addresses verifiable compatibility gaps without compromising core security layers.[14][16]Core security implementations
The 360 Secure Browser employs a proprietary security engine integrated with Qihoo 360's antivirus infrastructure, featuring real-time interception of malicious URLs through a combination of local heuristics and cloud-based databases. This system automatically blocks access to webpages associated with malware distribution, phishing scams, and fraudulent online banking simulations, drawing on the company's extensive threat intelligence gathered from over 500 million users.[17][10] A key implementation is its sandbox isolation mode, which leverages original sandboxing technology to contain suspicious content and processes, thereby preventing potential trojan infections from spreading to the host system even during direct exposure.[18] This builds upon the underlying Chromium engine's native sandboxing but adds Qihoo-specific isolation layers for enhanced containment of web-based exploits. Download protection scans incoming files via the browser's embedded security engine, utilizing cloud scanning for zero-day threats and signature-based detection for known malware, activated by default in supported versions since at least 2014.[10] Complementary features include built-in anti-phishing mechanisms that monitor for credential theft attempts and identity protection during browsing sessions.[3] The overall framework constitutes a six-layer protection model, encompassing URL filtering, active defense against drive-by downloads, and integration with 360's cloud security services for dynamic updates to threat signatures.[19] These elements are supplemented by browser extensions like 360 Internet Protection, which provide real-time malicious URL blocking and anti-fraud capabilities across integrated environments.[20]Features
Browsing and usability tools
The 360 Secure Browser includes a range of tools aimed at improving navigation efficiency and user interface adaptability. Its dual-engine system, combining the Blink rendering engine (derived from Chromium) for high-speed modern web rendering with the Trident engine for compatibility with older sites, automatically detects and switches modes to prevent display issues and optimize loading times.[21][14] This setup supports faster page rendering on the Chromium 132 kernel, reducing latency for everyday browsing.[22] Interface customization options include a extensive skin library allowing users to alter visual themes for personal preference, alongside compatibility with over 2,000 extensions to extend core functionalities like tab management and toolbar adjustments.[22] Built-in ad filtering removes intrusive elements from webpages, streamlining content visibility without third-party add-ons.[21][23] Navigation aids encompass quick bookmark creation using the "Bookmark" button or Ctrl+D shortcut, with network bookmark synchronization enabling access across multiple devices.[22] Mouse gestures and super drag features permit gesture-based controls for actions such as opening links in new tabs, closing tabs, or scrolling, enhancing productivity by minimizing reliance on menus or keyboards.[24] Additional usability enhancements involve direct inline viewing and basic editing for more than 20 file formats, including JPG images, MP4 videos, and PDF documents, eliminating the need to launch external applications.[22] AI-integrated tools provide practical support, such as Super Search for refined query processing, multilingual text extraction from screenshots, and automated aids for PDF modification, image upscaling, and content assembly like generating PPT slides or short videos from inputs.[22] These elements collectively prioritize fluid, intuitive operation tailored to frequent web tasks.Integrated security mechanisms
The 360 Secure Browser integrates a multi-layered security architecture, prominently featuring a six-layer protection system that leverages cloud-based scanning and local isolation techniques to mitigate threats such as malware, phishing, and fraudulent sites. The URL cloud security layer employs a vast database of known malicious URLs combined with real-time cloud engine analysis to detect and block access to trojan-infested, phishing, or fraud websites before they load, displaying warning indicators like a "safety traffic light" for risky search results.[25][26] Similarly, the download cloud security layer scans incoming files against cloud-updated threat signatures during transfers, preventing execution of infected downloads.[26][27] Sandbox isolation forms another core mechanism, confining potentially hazardous web content—such as scripts or plugins—within a restricted environment to limit system-wide damage if exploitation occurs, drawing on principles of process separation akin to those in modern Chromium-based browsers.[26] For financial transactions, the online banking cloud security layer provides specialized monitoring and interception of phishing attempts targeting banking credentials, integrating URL validation with behavioral heuristics to alert users to anomalous redirects or form submissions.[25][28] Privacy protection mechanisms within the system include tools to obscure user tracking, such as blocking targeted advertisements based on browsing history and enabling data sanitization to erase temporary files, cookies, and traces that could enable profiling.[29] The browser doctor component acts as a diagnostic tool, scanning for vulnerabilities like outdated plugins or compromised settings and recommending automated repairs, while also integrating anti-phishing filters that cross-reference domains against known scam patterns.[26] These layers collectively rely on Qihoo 360's proprietary cloud infrastructure for threat intelligence updates, though independent verification of their efficacy varies, with some analyses noting reliance on signature-based detection that may lag against zero-day exploits.[21]Market position
Adoption and share in China
The 360 Secure Browser, developed by Qihoo 360 Technology, achieved significant early adoption in China following its launch in 2009, leveraging the company's established antivirus software ecosystem to bundle browser installations and promote security-focused browsing amid prevalent online threats like phishing and malware. By 2014, Qihoo 360 reported its PC-based products, including the browser, reaching approximately 495 million users in China, reflecting strong penetration driven by free security tools and aggressive distribution tactics.[4] As of early 2025, market share estimates for the browser in China vary across measurement methodologies, with domestic reports indicating higher usage than global analytics firms. Desktop browser share stood at around 20.25% in January 2025 according to Sina Finance data, positioning it behind Microsoft Edge (32.88%) and Google Chrome (30.53%) but ahead of QQ Browser (5.21%).[30] Independent analyses like those from CIW Team reported an overall share of 18.42% as of March 2025, attributing popularity to its multi-layered security features tailored to Chinese users' concerns over cyber risks.[31] In contrast, Statcounter's page-view-based metrics showed lower figures, with 5.49% for desktop and 3.17% across all devices in September 2025, potentially underrepresenting domestic browsers due to sampling biases in firewall-restricted environments.[32][33] Adoption has been bolstered by integration with Qihoo 360's broader suite, including antivirus and search services, fostering loyalty among users prioritizing native security over international alternatives like Chrome, which dominates at 45-61% but faces perceptions of foreign data risks. Recent user discussions note a decline from peak shares near 25% to 15% by mid-2025, linked to rising competition from Edge's Windows bundling and Chrome's ecosystem, yet the browser retains a core base valuing its anti-tracking and malware-blocking tools.[34][35] Empirical performance in blocking threats has sustained its niche, with Qihoo 360 emphasizing proprietary engines over Chromium reliance for enhanced local threat detection.[36]Global reach and competition
The 360 Secure Browser has achieved negligible penetration outside its primary market in China, where it commands approximately 18.42% of the browser share as of March 2025. Globally, its desktop usage stands at about 1.02%, reflecting minimal adoption beyond Chinese users despite claims of superior security features. This limited international footprint stems from factors including compatibility hurdles with Western software ecosystems, user wariness of data practices linked to a Chinese firm under national regulatory scrutiny, and a lack of tailored localization or marketing campaigns abroad. Qihoo 360's efforts, such as the short-lived Tuber app in 2020 for accessing blocked foreign sites, have not translated into sustained overseas growth.[31][37][38] Competition on the world stage pits 360 Secure Browser against entrenched leaders like Google Chrome, which dominates with 65-71% global share across desktop and mobile as of mid-2025, alongside Mozilla Firefox (around 3-7%), Microsoft Edge (4-5%), and Apple Safari (8-14%). These rivals leverage vast developer support, seamless integration with operating systems, and reputations for handling user data without state-mandated access, contrasting with 360's domestic focus on threats like localized malware and phishing. Privacy-centric alternatives such as Brave further erode potential gains for 360 internationally, as users prioritize verifiable independence from government influence over embedded security tools optimized for China's regulatory environment. In niche security comparisons, 360 trails in cross-border benchmarks due to its Chromium base lacking unique global differentiators.[39][40][41]Reception and impact
Achievements and empirical performance
The 360 Secure Browser achieved rapid adoption in China following its 2009 launch, surpassing Microsoft Internet Explorer to become the country's most widely used browser by November 2012, with Qihoo 360 reporting a market share of approximately 57% at that time.[42][3] This milestone reflected the browser's emphasis on security features tailored to domestic threats, such as phishing and malware prevalent in China's internet ecosystem, contributing to Qihoo's broader ecosystem of free tools that prioritized user acquisition over premium pricing. By January 2011, Qihoo claimed 172 million monthly active users for the browser, representing 44.1% of China's internet users, though independent analytics like StatCounter estimated lower figures between 2% and 7%, highlighting potential discrepancies in self-reported versus tracked usage data.[43] In terms of empirical performance, independent tests in 2015 revealed moderate web standards compliance: the browser scored 462 out of 555 on an HTML5 support benchmark, trailing Google Chrome's 526, and 92 out of 100 on CSS3 support compared to Chrome's 99.[14] Security-oriented evaluations of associated Qihoo extensions, such as those in 360 Total Security, demonstrated URL-level blocking of 58% of dangerous sites in a PCMag test, an improvement over prior iterations but below elite performers like top antivirus suites.[44] Qihoo's underlying detection engines, integrated into the browser, earned a 15.5 out of 18 score in AV-Test's 2014 evaluation for protection, performance, and usability, outperforming some free competitors like Avast at the time.[45] Recent market data from StatCounter indicates sustained desktop usage in China, with versions of 360 Safe Browser holding about 20.3% share in 2024, underscoring enduring appeal amid competition from Chrome's 73.57% dominance, though global benchmarks remain sparse due to limited international penetration.[46][32]Criticisms from users and analysts
Users have criticized the 360 Secure Browser for its aggressive bundling with Qihoo 360's antivirus suite, leading to unwanted installations and difficulty in complete removal, with reports of persistent registry entries that reinstall the software even after attempted uninstallation.[47] [48] Independent analysts have noted security implementation flaws, such as the browser's tendency to ignore SSL certificate errors and proceed to load pages while retaining user cookies, potentially exposing users to man-in-the-middle attacks despite its security branding.[49] This behavior, documented as early as 2014, contradicts the browser's core promise of enhanced protection. User forums highlight intrusive behaviors, including unauthorized homepage changes and the installation of additional rogue software extensions, which degrade the browsing experience and raise concerns about software integrity.[50] Reddit discussions echo these sentiments, portraying the browser as an outdated Internet Explorer shell with questionable security claims, often recommended against due to the parent company's reputation for opaque practices.[51] [52] Analysts reviewing Qihoo 360's ecosystem, including the browser, have criticized its overall effectiveness, pointing to subpar malware detection rates (around 90% in tests) and inadequate threat blocking compared to competitors like Norton or Bitdefender.[53] [54] These shortcomings extend to the browser's integrated mechanisms, where real-world performance fails to match marketing assertions of superior phishing and vulnerability scanning.[55] Additional complaints from users include interface clutter and performance lags, attributed to heavy reliance on proprietary plugins that prioritize security scans over smooth rendering, sometimes mimicking legacy browser limitations.[56] While some praise its ad-filtering in controlled environments, broader feedback indicates these features often introduce compatibility issues with modern web standards, limiting usability outside China-centric ecosystems.[51]Controversies
Aggressive user acquisition tactics
Qihoo 360 promoted the 360 Secure Browser through bundling with its flagship antivirus software, 360 Safe Guard, where the browser was installed by default during antivirus setup, often without explicit user consent beyond clicking "next" in installation dialogs.[42] This tactic facilitated widespread adoption, as the antivirus achieved high penetration via free distribution, reaching hundreds of millions of users in China by 2011.[57] Additionally, the browser was pre-installed on new personal computers sold in China, leveraging partnerships with hardware vendors to embed it at the OEM level.[42] The company integrated promotional mechanisms within the antivirus suite, such as pop-up notifications claiming the browser offered superior security over competitors like Internet Explorer, and persistent prompts to set it as the default browser for links from other applications.[57] Security scans conducted by 360 antivirus assigned lower safety scores to systems lacking the browser, recommending its installation to "improve" results, thereby coercing users through perceived vulnerability alerts.[57] Antivirus functionality also blocked rival browsers from assuming default status, further entrenching the 360 Secure Browser.[57] Uninstallation was deliberately obstructed; the provided "uninstall" or "change to IE" options in dialogs often reinstated the browser as default or required navigating misleading interfaces, while complete removal could alter system web settings, temporarily disrupting internet access.[57] In one documented case from August 2012, Qihoo 360 disseminated a fabricated Microsoft Internet Explorer patch labeled KB360018, which upon "installation" forcibly downloaded and set up the 360 Secure Browser without user authorization; China's State Administration for Industry and Commerce issued a formal warning in January 2013 for unfair competition practices.[58] These methods, criticized by analysts as manipulative, propelled the browser to overtake Internet Explorer as China's most-used in November 2011, capturing over 50% market share within months of launch earlier that year.[57] Evidence from independent investigations, including screenshots of deceptive interfaces, substantiated claims of icon mimicry resembling IE and covert bundling to confuse users.[57] While effective for rapid scaling in a competitive market dominated by free software, such tactics drew accusations of malware-like behavior from security researchers.[57]Privacy and backdoor allegations
In November 2012, a whistleblower publicly alleged the presence of a hidden backdoor in the 360 Secure Browser, claiming it enabled unauthorized remote access and data exfiltration by Qihoo 360.[59] The accusation prompted an independent technical analysis, which identified an undeclared update mechanism in the browser'sExtSmartWiz.dll component that initiated outbound connections to a Qihoo 360 server (se.360.cn) approximately every five minutes.[59] This mechanism downloaded files, including potentially executable ones, without user notification or disclosure in the company's privacy documentation at the time; testing observed downloads of non-malicious configuration data related to Baidu's XSS mitigation, but the capability raised concerns over possible future misuse for injecting code or surveillance.[59]
Qihoo 360's product director, Tao Weihua, dismissed the whistleblower's claims as a smear campaign, asserting that any remote capabilities were legitimate for security updates and not exploitable as a backdoor.[60] No evidence of active data uploading or exploitation emerged from the analysis, though the lack of transparency was criticized as a privacy risk, with recommendations for Qihoo 360 to enhance user disclosures.[59] Subsequent user reports and forums have echoed ongoing suspicions, describing the browser as difficult to uninstall and prone to aggressive data collection behaviors, though these remain anecdotal without independent verification of systemic backdoors.[61]
Broader allegations stem from Qihoo 360's status as a Chinese firm subject to national intelligence laws, which mandate cooperation with government requests for user data, potentially enabling state access to browser telemetry without user consent.[62] The U.S. Department of Commerce added Qihoo 360 to its Entity List in June 2020, citing risks of its involvement in military end-use activities and supercomputer support for China's defense sector, heightening scrutiny over products like the Secure Browser for embedded surveillance features.[63] Privacy policies for related 360 products disclose collection of browsing data, device info, and location for "security" purposes, but critics argue these enable undisclosed sharing under Chinese legal obligations, contrasting with more restrictive Western standards.[64] No public exploits of browser-specific backdoors have been documented post-2012, yet the opaque update mechanisms and geopolitical ties sustain user and analyst wariness.[65]