Dunkan
join:2008-03-18
CA 08976
| Secure browsers
Hi there,
Can anyone suggest really secure browser(s) except for firefox
opera,safari etc...
I tried to find any secure browser but all in vain
None of the browsers that i have found don't fit me
If U know browsers that can produce good security facilities
Please post |
|
tempnexus
Premium
join:1999-08-11
Boston, MA
| Well:
FireFox with NoScript, AdBlock and Lowered Rights via Local Security Policy for that browser.
Opera with Java unticked and Macromedia unticked also with lowered rights via LSP for that browser.
The rest of the browsers are actually based on either OPERA, IE or Mozilla code. |
|
snowguynotlogin
@verizon.net
| reply to Dunkan
Dunkan
Let the fun begin !
Make your own broswer...take your time..you can..if you really want to.
See:
»www.beansoftware.com/Windows-For···ser.aspx
|
|
Psicop
More human than human
Premium
join:2005-12-21
edit:
March 18th, @08:40AM
| reply to Dunkan
Try these:
»offbyone.com/offbyone/
»www.delorie.com/web/lynxview.html
See the screenie for how does Lynx view this thread.
Not pretty but effective as. |
|
Dunkan
join:2008-03-18
CA 08976
| reply to tempnexus
said by tempnexus  :Well: FireFox with NoScript, AdBlock and Lowered Rights via Local Security Policy for that browser. Opera with Java unticked and Macromedia unticked also with lowered rights via LSP for that browser. The rest of the browsers are actually based on either OPERA, IE or Mozilla code. Actually I mean the browser that could provide anonymous web
surfing opportunity using TOR and encrypted private data that stored in my pc, all included so to say |
|
Cudni
La Merma - La Guerrilla
Premium,MVM
join:2003-12-20
Someshire
 ·BTOpenworld
| once you installed Tor then you can use Torbutton extension in Firefox to quickly enable/disable browsing via Tor
»https://addons.mozilla.org/en-US/firefox/addon/2275
You are aware, i assume, that there could be some issues
»Rogue Nodes Turn Tor Anonymizer Into Eavesdropper's Paradise
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
Dunkan
join:2008-03-18
CA 08976
| Firefox addons has dozen of vulnerabilities and
also firefox launches very slowly with many addons installed |
|
Davebo_
join:2002-11-19
Canada | Proof - right now.... |
|
Cudni
La Merma - La Guerrilla
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| reply to Dunkan
said by Dunkan :Firefox addons has dozen of vulnerabilities and also firefox launches very slowly with many addons installed None of the ones listed in this thread here have known vulnerabilities and with them installed FF will load as it usually does
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
Dunkan
join:2008-03-18
CA 08976
| reply to Davebo_
said by Davebo_ :Proof - right now.... »www.pcmag.com/article2/0,2704,2138984,00.asp,
»paranoia.dubfire.net/2007/05/rem···fox.html
and many many hacker web sites will prove to u |
|
Cudni
La Merma - La Guerrilla
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| If you look in your second link you will see
"...
Users of popular Firefox extensions such as NoScript, Greasemonkey, and AdBlock Plus have nothing to worry about.
..."
and from the 1st link
"...
The attack requires that other significant compromises exist on the network—specifically that the user's DNS server be compromised
.."
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by Cudni :If you look in your second link you will see "... Users of popular Firefox extensions such as NoScript, Greasemonkey, and AdBlock Plus have nothing to worry about. ..." and from the 1st link "... The attack requires that other significant compromises exist on the network—specifically that the user's DNS server be compromised .." Cudni Please don't obscure the issue with facts.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
Psicop
More human than human
Premium
join:2005-12-21
edit:
March 18th, @09:54AM
| reply to Dunkan
If you want to feel better: Ablock Plus and especially NoScript update almost daily in this box.
Edit: The extensions mentioned in the link you provided are basically virus magnets. I wouldn't touch any of those even with a 10 foot pole.
A different story is clicking on a "MySpace fake invite" as I did not many months ago. In that instance you are basically "pollo frito." |
|
Cudni
La Merma - La Guerrilla
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| reply to javaMan
said by javaMan :Please don't obscure the issue with facts. I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
quatrix
join:2005-02-11
Davie, FL
| reply to tempnexus
said by tempnexus :Well: FireFox with NoScript, AdBlock and Lowered Rights via Local Security Policy for that browser. Opera with Java unticked and Macromedia unticked also with lowered rights via LSP for that browser. He said "secure", not "crippled". You don't cut off your arm to avoid getting a papercut. |
|
Davebo_
join:2002-11-19
Canada
| reply to Dunkan
PCmag (lol) and a blog entry, eh?
NEXT!
In fairness, all browsers are insecure. Firefox, configured properly, is the most secure browser out there IMO. Opera is pretty decent as well, if you can get used to it. |
|
tempnexus
Premium
join:1999-08-11
Boston, MA
edit:
March 18th, @10:32AM
| reply to quatrix
Find me a "Secure" browser that allows full Java and Macromedia compatibility???
We are no longer looking at BROWSER EXPLOITS, we are looking at JAVA exploits and Macromedia (aka flash) exploits. You can't have a secure browser if you allow it to execute unsecure code like JAVA and/or Flash.
Your attack vector is no longer against the browser engine it's against the JAVA and FLASH.
Of course running in LIMITED or GUEST rights via LSP will help a lot since the child spawned by the parent will inherit the parents rights...but just to be sure, you can always add JAVA and Flash into Limited/Guest LSP entry.
And in all fariness his Definition of "secure" is actually "Obfuscated" aka "annonymous" browsing and not "security/antiexploit" browsing. |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by tempnexus :. . . Of course running in LIMITED or GUEST rights via LSP will help a lot since the child spawned by the parent will inherit the parents rights...but just to be sure, you can always add JAVA and Flash into Limited/Guest LSP entry. Running as limited or guest? You must be kidding. That's asking the impossible of Windows users. 
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
tempnexus
Premium
join:1999-08-11
Boston, MA
edit:
March 18th, @10:51AM
|
Well it's called LSP entry under SOFTWARE RESTRICTION POLICY -> ADDITIONAL RULES -> New Path Rule (point to the browser and choose security level).
The whole system will still run as Admin but the browser will run as Whatever security you specify (and so will it's child process...or at least in most cases) |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by tempnexus :Well it's called LSP entry under SOFTWARE RESTRICTION POLICY -> ADDITIONAL RULES -> New Path Rule (point to the browser and choose security level). The whole system will still run as Admin but the browser will run as Whatever security you specify (and so will it's child process...or at least in most cases) Or they could use limited/standard accounts--the recommended method--and not have to do it at all. Anyway, I didn't mean to sidetrack the thread.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
