Hi. People on this list are security-conscious. I wonder what browsers they use? What browsers do you consider more secure than others? Granted, they're all full of all kinds of holes, but what do you do to tighten their security? Thanks.
+1 Firefox it's a good browser.
Some people wouldn't consider these strictly *security* features, but if you're using Firefox it helps to be aware of firefox -ProfileManager and use that to keep stuff separate. Additionally, you can also use -no-remote and -P <profilename> to concurrently run two or more firefox instances with different profiles. Cf.: http://kb.mozillazine.org/Command_line_arguments Also be aware that even after you've deleted all traditional cookies, so-called "Flash cookies" (LSOs) may still persist, and sneaky sites do use those to track you as well. One add-on that you can use to kill those is this; http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm (And even after deleting all cookies and LSOs, sites can still tell what other places on the web you've been to, due to CSS leaking that info, which may be unfixable, cf. e.g. http://www.amirharel.com/2009/09/20/css-privacy/ ) Finally, if you use Adblock Plus, you owe it to yourself to also use Element Hiding Helper. This will not necessarily make Firefox "more secure than others", and there are lots of things about Firefox that suck ass, but the above will, "tighten [its] security", at least for some value of security. --regards, ropers
PS: I don't actually know to what extent the LSO issues apply to OpenBSD, as there is only limited Flash compatibility, but anyway.
firefox + adsuck
What is your opnion on Chrome, OpenBSD gurus? Okay we all know about it's privacy and identity leakage concerns. It's designed by Google with this built-in - they want to know everything about you and don't care about your privacy, yada yada. But what about its supposedly more secure multi-process design. Is it really better than Firefox and others in this regard?
All your ads are belong to us. Max Headroom might have an opinion too.
Well, in theory, if they can stick to it, a privsep design is more secure from the point of view of the application. When done right. Now, is it a small and secure program? I dunno: You decide: # uname -a OpenBSD cthulhu.cns.ualberta.ca 4.6 GENERIC.MP#27 amd64 # pwd /usr/local/chrome # ldd chrome chrome: Start End Type Open Ref GrpRef Name 0000000000400000 0000000002c9f000 exe 1 0 0 chrome 0000000209b99000 000000020a0cc000 rlib 0 14 0 /usr/X11R6/lib/libX11.so.12.0 0000000210dbf000 00000002111c8000 rlib 0 7 0 /usr/X11R6/lib/libXrender.so.5.0 00000002069ca000 0000000206ddb000 rlib 0 7 0 /usr/X11R6/lib/libXext.so.10.0 0000000212468000 0000000212877000 rlib 0 1 0 /usr/local/lib/libexecinfo.so.0.0 000000021037f000 0000000210bab000 rlib 0 1 0 /usr/local/lib/libgtk-x11-2.0.so.1402.0 00000002111f4000 00000002116aa000 rlib 0 2 0 /usr/local/lib/libgdk-x11-2.0.so.1402.0 0000000214671000 0000000214a8c000 rlib 0 3 0 /usr/local/lib/libgdk_pixbuf-2.0.so.1402.0 0000000204490000 000000020489d000 rlib 0 3 0 /usr/local/lib/libpangocairo-1.0.so.1801.0 000000020a660000 000000020aa62000 rlib 0 3 0 /usr/X11R6/lib/libXinerama.so.5.0 000000020ff75000 000000021037f000 rlib 0 3 0 /usr/X11R6/lib/libXi.so.10.1 00000002058fc000 0000000205d04000 rlib 0 3 0 /usr/X11R6/lib/libXrandr.so.6.1 000000020db06000 000000020df10000 rlib 0 3 0 /usr/X11R6/lib/libXcursor.so.4.0 00000002029e5000 0000000202de8000 rlib 0 3 0 /usr/X11R6/lib/libXcomposite.so.3.0 0000000202e4d000 0000000203250000 rlib 0 3 0 /usr/X11R6/lib/libXdamage.so.3.1 00000002065c0000 00000002069c5000 rlib 0 6 0 /usr/X11R6/lib/libXfixes.so.5.0 0000000211fc2000 00000002123e0000 rlib 0 2 0 /usr/local/lib/libatk-1.0.so.2800.0 000000020ce25000 000000020d2b0000 rlib 0 4 ...
Can anybody comment on privoxy? Junkbuster used to be simple, but privoxy seems to be quite complex to set up. Regards, David
You know, it's really trivial to run chrome and watch the network and see just what terrible secrets it's transmitting back to the mother ship. But be aware that if you do that, you may find you no longer Compared to every version of firefox I've ever used, chrome is crazy fast. Also, it can render pages with a lot of html instead of pooping itself. As for security, I guess it's better. Certainly, it's nicer to have one tab crash and not bring down the whole browser.
I highly doubt that. I think the browser will be adopted quickly and overtake the market. Neither the majority of browser users nor Google care about privacy or anonymity. Google also wants the browser to be used by businesses - so there will be many features similar to those IE has in the Windows version. There's a reason why Chromium/Chrome uses Windows' proxy crap on Windows, and the developers are refusing to change that despite many requests. http://code.google.com/p/chromium/issues/detail?id=266
Stop paying attention to shit. The amount of energy spend in that thread is amazing. 100+ angry posts for a stupid browser. I'm sorry but people seem to never learn...
I use netcat.
"I send mail to a demon which runs wget and mails the page back to me." -- Antoine
Richard is that you?
Only his mom calls him Richard. To us, he is RMS. Your Friend, IR _________________________________________________________________ Windows Live: Keep your friends up to date with what you do online. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/soci al-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010
Well you really shouldn't use DEMONS to do your computer work. They should never be trusted. But a daemon is OK :) -- A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects. -- Robert Heinlein
I'm not telling. cel
Because Google's stated mission is to collect all the world's information and "make it useful", whereas Mozilla's is to promote an open web.
Oh sorry, I forgot to think like an American for a second there. (Change you can believe in, penny on the dollar)
what's about srware iron?
Who pays for the majority of firefox's development?
Wait, wait... don't tell me...
Ooooh right. Good point. Well, I wasn't meaning to make a fuss, just filling in the rhetorical answer. Hugo just said "a bit" after all.
|Greg KH||Og dreams of kernels|
|Jens Axboe||[PATCH 31/33] Fusion: sg chaining support|
|Arnd Bergmann||Re: finding your own dead "CONFIG_" variables|
|Mark Brown||[PATCH 2/2] Subject: natsemi: Allow users to disable workaround for DspCfg reset|
|Tony Breeds||[LGUEST] Look in object dir for .config|
|Brian Downing||Re: Git in a Nutshell guide|
|John Benes||Re: master has some toys|
|Matthias Lederhofer||[PATCH 4/7] introduce GIT_WORK_TREE to specify the work tree|
|Alexander Sulfrian||[RFC/PATCH] RE: git calls SSH_ASKPASS even if DISPLAY is not set|
|Junio C Hamano||Re: Rss produced by git is not valid xml?|
|Linux Kernel Mailing List||iSeries: fix section mismatch in iseries_veth|
|Linux Kernel Mailing List||ixbge: remove TX lock and redo TX accounting.|
|Linux Kernel Mailing List||ixgbe: fix several counter register errata|
|Linux Kernel Mailing List||b43: fix build with CONFIG_SSB_PCIHOST=n|
|Linux Kernel Mailing List||9p: block-based virtio client|
|Michael Breuer||Re: [PATCH] af_packet: Don't use skb after dev_queue_xmit()|
|Michael Breuer||Re: [PATCH] af_packet: Don't use skb after dev_queue_xmit()|
|David Daney||[PATCH 5/7] Staging: Octeon Ethernet: Convert to NAPI.|
|Wolfgang Grandegger||[PATCH net-next v4 1/3] can: mscan: fix improper return if dlc < 8 in start_xmi...|
|Amit Kumar Salecha||[PATCHv3 NEXT 2/2] NET: Add Qlogic ethernet driver for CNA devices|
|Theo de Raadt||Re: Old IPSEC bug|
|Tomáš Bodžár||Problem with vpnc connection - check group password !|
|Insan Praja SW||Mandoc Compiling Error|
|Carl Roberso||Re: Cannot change MTU of carp interface?|
|Richard Daemon||Re: booting openbsd on eee without cd-rom|