tempnexus
Premium
join:1999-08-11
Boston, MA
| reply to Dunkan
Re: Secure browsers
Well:
FireFox with NoScript, AdBlock and Lowered Rights via Local Security Policy for that browser.
Opera with Java unticked and Macromedia unticked also with lowered rights via LSP for that browser.
The rest of the browsers are actually based on either OPERA, IE or Mozilla code. |
|
Dunkan
join:2008-03-18
CA 08976
| said by tempnexus  :Well: FireFox with NoScript, AdBlock and Lowered Rights via Local Security Policy for that browser. Opera with Java unticked and Macromedia unticked also with lowered rights via LSP for that browser. The rest of the browsers are actually based on either OPERA, IE or Mozilla code. Actually I mean the browser that could provide anonymous web
surfing opportunity using TOR and encrypted private data that stored in my pc, all included so to say |
|
Cudni
La Merma - Los De Aca
Premium,MVM
join:2003-12-20
Someshire
 ·BTOpenworld
| once you installed Tor then you can use Torbutton extension in Firefox to quickly enable/disable browsing via Tor
»https://addons.mozilla.org/en-US/firefox/addon/2275
You are aware, i assume, that there could be some issues
»Rogue Nodes Turn Tor Anonymizer Into Eavesdropper's Paradise
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
Dunkan
join:2008-03-18
CA 08976
| Firefox addons has dozen of vulnerabilities and
also firefox launches very slowly with many addons installed |
|
Davebo_
join:2002-11-19
Canada | Proof - right now.... |
|
Cudni
La Merma - Los De Aca
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| reply to Dunkan
said by Dunkan :Firefox addons has dozen of vulnerabilities and also firefox launches very slowly with many addons installed None of the ones listed in this thread here have known vulnerabilities and with them installed FF will load as it usually does
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
Dunkan
join:2008-03-18
CA 08976
| reply to Davebo_
said by Davebo_ :Proof - right now.... »www.pcmag.com/article2/0,2704,2138984,00.asp,
»paranoia.dubfire.net/2007/05/rem···fox.html
and many many hacker web sites will prove to u |
|
Cudni
La Merma - Los De Aca
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| If you look in your second link you will see
"...
Users of popular Firefox extensions such as NoScript, Greasemonkey, and AdBlock Plus have nothing to worry about.
..."
and from the 1st link
"...
The attack requires that other significant compromises exist on the network—specifically that the user's DNS server be compromised
.."
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by Cudni :If you look in your second link you will see "... Users of popular Firefox extensions such as NoScript, Greasemonkey, and AdBlock Plus have nothing to worry about. ..." and from the 1st link "... The attack requires that other significant compromises exist on the network—specifically that the user's DNS server be compromised .." Cudni Please don't obscure the issue with facts.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
Psicop
More human than human
Premium
join:2005-12-21
edit:
March 18th, @09:54AM
| reply to Dunkan
If you want to feel better: Ablock Plus and especially NoScript update almost daily in this box.
Edit: The extensions mentioned in the link you provided are basically virus magnets. I wouldn't touch any of those even with a 10 foot pole.
A different story is clicking on a "MySpace fake invite" as I did not many months ago. In that instance you are basically "pollo frito." |
|
Cudni
La Merma - Los De Aca
Premium,MVM
join:2003-12-20
Someshire
·BTOpenworld
| reply to javaMan
said by javaMan :Please don't obscure the issue with facts. I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
I will not obscure the issue with facts.
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006-2007 |
|
quatrix
join:2005-02-11
Davie, FL
| reply to tempnexus
said by tempnexus :Well: FireFox with NoScript, AdBlock and Lowered Rights via Local Security Policy for that browser. Opera with Java unticked and Macromedia unticked also with lowered rights via LSP for that browser. He said "secure", not "crippled". You don't cut off your arm to avoid getting a papercut. |
|
Davebo_
join:2002-11-19
Canada
| reply to Dunkan
PCmag (lol) and a blog entry, eh?
NEXT!
In fairness, all browsers are insecure. Firefox, configured properly, is the most secure browser out there IMO. Opera is pretty decent as well, if you can get used to it. |
|
tempnexus
Premium
join:1999-08-11
Boston, MA
edit:
March 18th, @10:32AM
| reply to quatrix
Find me a "Secure" browser that allows full Java and Macromedia compatibility???
We are no longer looking at BROWSER EXPLOITS, we are looking at JAVA exploits and Macromedia (aka flash) exploits. You can't have a secure browser if you allow it to execute unsecure code like JAVA and/or Flash.
Your attack vector is no longer against the browser engine it's against the JAVA and FLASH.
Of course running in LIMITED or GUEST rights via LSP will help a lot since the child spawned by the parent will inherit the parents rights...but just to be sure, you can always add JAVA and Flash into Limited/Guest LSP entry.
And in all fariness his Definition of "secure" is actually "Obfuscated" aka "annonymous" browsing and not "security/antiexploit" browsing. |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by tempnexus :. . . Of course running in LIMITED or GUEST rights via LSP will help a lot since the child spawned by the parent will inherit the parents rights...but just to be sure, you can always add JAVA and Flash into Limited/Guest LSP entry. Running as limited or guest? You must be kidding. That's asking the impossible of Windows users. 
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
tempnexus
Premium
join:1999-08-11
Boston, MA
edit:
March 18th, @10:51AM
|
Well it's called LSP entry under SOFTWARE RESTRICTION POLICY -> ADDITIONAL RULES -> New Path Rule (point to the browser and choose security level).
The whole system will still run as Admin but the browser will run as Whatever security you specify (and so will it's child process...or at least in most cases) |
|
javaMan
Premium,MVM
join:2002-07-15
San Luis Obispo, CA
| said by tempnexus :Well it's called LSP entry under SOFTWARE RESTRICTION POLICY -> ADDITIONAL RULES -> New Path Rule (point to the browser and choose security level). The whole system will still run as Admin but the browser will run as Whatever security you specify (and so will it's child process...or at least in most cases) Or they could use limited/standard accounts--the recommended method--and not have to do it at all. Anyway, I didn't mean to sidetrack the thread.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20 |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
 ·Optimum Online
 ·Vonage
| reply to Dunkan
First of all, both articles are almost a year old.
Secondly, don't believe ALL the FUD you read on the "internet".
Thirdly, use the correct extensions and DON'T use the incorrect ones (those not downloaded directly from Mozilla, as also mentioned) with Fx.
I don't know if that vulnerability even still exists, it may have been patched by now. Not to mention one of the following situations ALSO needs to be true for this vulnerability to work: "this possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers".
There is NO browser that is 100% "secure", there is only MORE secure. And that would be Fx, especially with the right extensions.
--
10,741 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore
|
|
chrisretusn
Retired
Premium
join:2007-08-13
Philippines
| reply to javaMan
said by javaMan :Please don't obscure the issue with facts. Or old information. |
|
