Re: Web Browsers

From: nixlists
Subject: Web Browsers
Date: Friday, December 18, 2009 - 12:25 pm

Hi. People on this list are security-conscious. I wonder what browsers they use?
What browsers do you consider more secure than others?
Granted, they're all full of all kinds of holes, but what do you do to
tighten their security?

Thanks.

From: Brad Tilley
Date: Friday, December 18, 2009 - 12:50 pm

I like Firefox with noscript and adblock to stop the javascript.

From: Jesus Sanchez
Date: Friday, December 18, 2009 - 1:22 pm

+1

Firefox is a good browser.

From: ropers
Date: Friday, December 18, 2009 - 1:49 pm

Some people wouldn't consider these strictly *security* features, but
if you're using Firefox it helps to be aware of
  firefox -ProfileManager
and use that to keep stuff separate. Additionally, you can also use
-no-remote and -P <profilename> to concurrently run two or more
firefox instances with different profiles. Cf.:
  http://kb.mozillazine.org/Command_line_arguments

Also be aware that even after you've deleted all traditional cookies,
so-called "Flash cookies" (LSOs) may still persist, and sneaky sites
do use those to track you as well.
One add-on that you can use to kill those is this:
  http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm
(And even after deleting all cookies and LSOs, sites can still tell
what other places on the web you've been to, due to CSS leaking that
info, which may be unfixable, cf. e.g.
http://www.amirharel.com/2009/09/20/css-privacy/ )

Finally, if you use Adblock Plus, you owe it to yourself to also use
Element Hiding Helper.

This will not necessarily make Firefox "more secure than others", and
there are lots of things about Firefox that suck ass, but the above
will "tighten [its] security", at least for some value of security.

--regards,
ropers

From: ropers
Date: Friday, December 18, 2009 - 1:53 pm

PS: I don't actually know to what extent the LSO issues apply to
OpenBSD, as there is only limited Flash compatibility, but anyway.
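
The LSO point above can be checked on disk. This is an added example, not part of the original thread: a small sh script that counts leftover Flash LSO (.sol) files per site. It assumes the Linux Flash plugin layout <root>/#SharedObjects/<random-id>/<domain>/...; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit Flash "cookies" (LSOs) that survive normal cookie deletion.
# Assumption: Linux-style Flash plugin layout
#   <root>/#SharedObjects/<random-id>/<domain>/.../<name>.sol

# lso_domains ROOT: print "<count> <domain>" for every site that has stored LSOs.
lso_domains() {
    root=$1
    [ -d "$root/#SharedObjects" ] || return 0
    find "$root/#SharedObjects" -type f -name '*.sol' |
        sed 's|^.*/#SharedObjects/[^/]*/\([^/]*\)/.*$|\1|' |
        sort | uniq -c | awk '{print $1, $2}'
}

# lso_count ROOT: print the total number of LSO files under ROOT.
lso_count() {
    root=$1
    [ -d "$root/#SharedObjects" ] || { echo 0; return 0; }
    find "$root/#SharedObjects" -type f -name '*.sol' | wc -l | tr -d ' '
}

# lso_sample: build a constructed sample tree (not real data) and print its path,
# so the functions above can be tried without Flash installed.
lso_sample() {
    d=$(mktemp -d) || return 1
    s="$d/#SharedObjects/AB12CD34"
    mkdir -p "$s/tracker.example/player" "$s/video.example"
    : > "$s/tracker.example/player/id.sol"
    : > "$s/tracker.example/settings.sol"
    : > "$s/video.example/volume.sol"
    echo "$d"
}

# Default run: report on the current user's Flash data directory, if any.
lso_domains "${1:-$HOME/.macromedia/Flash_Player}"
```

Running it before and after clearing the browser's cookies shows whether the LSO store was touched at all.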


From: Marco Peereboom
Date: Friday, December 18, 2009 - 2:07 pm

firefox + adsuck


From: nixlists
Date: Friday, December 18, 2009 - 4:12 pm

What is your opinion on Chrome, OpenBSD gurus? Okay we all know about
its privacy and identity leakage concerns. It's designed by Google
with this built-in - they want to know everything about you and don't
care about your privacy, yada yada. But what about its supposedly more
secure multi-process design. Is it really better than Firefox and
others in this regard?

From: Marco Peereboom
Date: Friday, December 18, 2009 - 4:31 pm

All your ads are belong to us.

Max Headroom might have an opinion too.


From: Bob Beck
Date: Friday, December 18, 2009 - 5:52 pm

Well, in theory, if they can stick to it, a privsep design is more
secure from the point of view of the application.

When done right.

Now, is it a small and secure program? I dunno: You decide:



# uname -a
OpenBSD cthulhu.cns.ualberta.ca 4.6 GENERIC.MP#27 amd64
# pwd
/usr/local/chrome
# ldd chrome
chrome:
        Start            End              Type Open Ref GrpRef Name
        0000000000400000 0000000002c9f000 exe  1    0   0      chrome
        0000000209b99000 000000020a0cc000 rlib 0    14  0      /usr/X11R6/lib/libX11.so.12.0
        0000000210dbf000 00000002111c8000 rlib 0    7   0      /usr/X11R6/lib/libXrender.so.5.0
        00000002069ca000 0000000206ddb000 rlib 0    7   0      /usr/X11R6/lib/libXext.so.10.0
        0000000212468000 0000000212877000 rlib 0    1   0      /usr/local/lib/libexecinfo.so.0.0
        000000021037f000 0000000210bab000 rlib 0    1   0      /usr/local/lib/libgtk-x11-2.0.so.1402.0
        00000002111f4000 00000002116aa000 rlib 0    2   0      /usr/local/lib/libgdk-x11-2.0.so.1402.0
        0000000214671000 0000000214a8c000 rlib 0    3   0      /usr/local/lib/libgdk_pixbuf-2.0.so.1402.0
        0000000204490000 000000020489d000 rlib 0    3   0      /usr/local/lib/libpangocairo-1.0.so.1801.0
        000000020a660000 000000020aa62000 rlib 0    3   0      /usr/X11R6/lib/libXinerama.so.5.0
        000000020ff75000 000000021037f000 rlib 0    3   0      /usr/X11R6/lib/libXi.so.10.1
        00000002058fc000 0000000205d04000 rlib 0    3   0      /usr/X11R6/lib/libXrandr.so.6.1
        000000020db06000 000000020df10000 rlib 0    3   0      /usr/X11R6/lib/libXcursor.so.4.0
        00000002029e5000 0000000202de8000 rlib 0    3   0      /usr/X11R6/lib/libXcomposite.so.3.0
        0000000202e4d000 0000000203250000 rlib 0    3   0      /usr/X11R6/lib/libXdamage.so.3.1
        00000002065c0000 00000002069c5000 rlib 0    6   0      /usr/X11R6/lib/libXfixes.so.5.0
        0000000211fc2000 00000002123e0000 rlib 0    2   0      /usr/local/lib/libatk-1.0.so.2800.0
        000000020ce25000 000000020d2b0000 rlib 0    4   ...

From: David Vasek
Date: Saturday, December 19, 2009 - 6:11 am

Can anybody comment on privoxy?
Junkbuster used to be simple, but privoxy seems to be quite complex to set 
up.

Regards,
David

From: Ted Unangst
Date: Sunday, December 20, 2009 - 3:48 pm

You know, it's really trivial to run chrome and watch the network and
see just what terrible secrets it's transmitting back to the mother
ship.  But be aware that if you do that, you may find you no longer

Compared to every version of firefox I've ever used, chrome is crazy
fast.  Also, it can render pages with a lot of html instead of pooping
itself.  As for security, I guess it's better.  Certainly, it's nicer
to have one tab crash and not bring down the whole browser.

From: Robert Bronsdon
Date: Sunday, December 20, 2009 - 5:50 pm

Privacy and Google are interesting.

Obviously it makes sense for Google to collect as much data on you as
possible (tin foil hat removed), as a marketing company it's their job to
do so. However Google have always stated Chrome is an attempt to get
people using more javascript to create larger javascript based
applications (similar to Wave). This clearly increases their market for
ad revenue etc.

Google are clearly clever enough to know that upsetting the 'tin-foiled'  
geeks, by 'spying' on them would be enough to disrupt its browser.  
Especially given its lowly market share, just a little bad press would  
stop this thing ever taking off.

As has been said though, look at your own traffic yourself, does it
contain anything it shouldn't? If not then it's not a problem. If it does,

I don't think many people could put it better than Bob already has.


-- 
Using Opera M2: http://www.opera.com/mail/

From: nixlists
Date: Wednesday, December 23, 2009 - 12:39 pm

I highly doubt that. I think the browser will be adopted quickly and
overtake the market. Neither the majority of browser users nor Google
care about privacy or anonymity. Google also wants the browser to be
used by businesses - so there will be many features similar to those
IE has in the Windows version. There's a reason why Chromium/Chrome
uses Windows' proxy crap on Windows, and the developers are refusing
to change that despite many requests.

http://code.google.com/p/chromium/issues/detail?id=266

From: Paul Irofti
Date: Wednesday, December 23, 2009 - 7:39 pm

Stop paying attention to shit. The amount of energy spent in that thread
is amazing. 100+ angry posts for a stupid browser. I'm sorry but people
seem to never learn...

From: Nick Guenther
Date: Thursday, December 24, 2009 - 12:54 am

Uh,
"Comment 7  by nsylvain@chromium.org, Sep 08, 2008

If you want to use a different proxy server for Google Chrome, you can use this
command line :

chrome.exe --proxy-server=foo:8080"

Jus' sayin'.

From: Bryan Irvine
Date: Friday, December 18, 2009 - 2:22 pm

I use netcat.

From: Antoine Jacoutot
Date: Friday, December 18, 2009 - 4:01 pm

"I send mail to a demon which runs wget and mails the page back to me."

-- 
Antoine

From: Bryan Irvine
Date: Friday, December 18, 2009 - 4:24 pm

Richard is that you?

From: Internet Retard
Date: Friday, December 18, 2009 - 4:42 pm

Only his mom calls him Richard. To us, he is RMS.



Your Friend,



IR



From: Chris Bennett
Date: Friday, December 18, 2009 - 4:29 pm

Well you really shouldn't use DEMONS to do your computer work.
They should never be trusted.

But a daemon is OK :)

-- 
A human being should be able to change a diaper, plan an invasion,
butcher a hog, conn a ship, design a building, write a sonnet, balance
accounts, build a wall, set a bone, comfort the dying, take orders,
give orders, cooperate, act alone, solve equations, analyze a new
problem, pitch manure, program a computer, cook a tasty meal, fight
efficiently, die gallantly. Specialization is for insects.
   -- Robert Heinlein

From: Siju George
Date: Monday, January 4, 2010 - 6:24 am

RMS?

-

From: Christopher Linn
Date: Friday, December 18, 2009 - 8:06 pm

I'm not telling.

cel

From: Julian Leyh
Date: Sunday, December 20, 2009 - 1:54 pm

From: Hugo Osvaldo Barrera
Date: Friday, January 1, 2010 - 12:40 am

Chrome/Chromium: stable, secure, but questioned privacy. I don't know
if anyone has gone through the *whole* code to actually check this
issue, since it *is* open source, so the privacy issue should be
something not-so-impossible to leave behind.

Firefox: might slow down on some sort of sites (heavy javascript,
etc). If one tab crashes, the whole thing goes down. Privacy a bit more
trustworthy than google, but not-so-stable and not-so-secure.

Chrome has no master password for remembered passwords, so that might
be a security issue in some environments.

From: Theo de Raadt
Date: Friday, January 1, 2010 - 12:47 am

From: Nick Guenther
Date: Friday, January 1, 2010 - 2:02 am

Because Google's stated mission is to collect all the world's
information and "make it useful", whereas Mozilla's is to promote an
open web.

From: Theo de Raadt
Date: Friday, January 1, 2010 - 2:13 am

Oh sorry, I forgot to think like an American for a second there.

(Change you can believe in, penny on the dollar)

From: fquinonez1
Date: Friday, January 1, 2010 - 4:53 am

From: Andrej Elizarov
Date: Friday, January 1, 2010 - 12:51 pm

What about SRWare Iron?

From: Ted Unangst
Date: Friday, January 1, 2010 - 1:27 pm

Who pays for the majority of firefox's development?


From: Bryan
Date: Friday, January 1, 2010 - 2:40 pm

Wait, wait... don't tell me...

From: Nick Guenther
Date: Friday, January 1, 2010 - 4:02 pm

Ooooh right. Good point. Well, I wasn't meaning to make a fuss, just
filling in the rhetorical answer. Hugo just said "a bit" after all.
