LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Browser security (https://www.linuxquestions.org/questions/linux-newbie-8/browser-security-4175555464/)

gillsman 10-06-2015 03:15 PM
Browser security
 
I use Firefox & I have a couple security add-ons namely Csycon phishing protection & Avira browser safety both of which can recognise sites compromised by malware & various other dodgy stuff, but I got to thinking I'm still doing things from a Windows user's point of view which is something I'm trying to leave behind, so my question is simply this ~ Do I really need add-ons like this in Linux or is it still wise to steer clear of infected sites?
I realise of course that in the case of viruses I am much safer than our Windows friends but are there still things out there that can harm my security which these security measure can protect me from.

Emerson 10-06-2015 05:29 PM
Infecting Linux is possible via social engineering, if they tempt you to install something and you fall for it.

I've been using Linux exclusively since 2003, I visit all the sites I want, I open all the email attachments I want. This is the way one should use his/her computer, without fear. I'm behind NAT router, never used a firewall behind router, why put unnecessary load on your hardware.

chrism01 10-06-2015 05:34 PM
I highly recommend noscript for firefox

frankbell 10-06-2015 05:53 PM
If these add-ons guard against malware intended for Windows. the kind that some dodgy websites are known to drop, they are likely superfluous in a wholly Linux environment. If they are designed to protect against attacks on the browser itself, there may be some utility in them, though I must say I've not used (nor even heard of) either one.

I second chrism01's recommendation of noscript and echo what Emerson said: Getting entrapped by social engineering or phishing is the bigger danger on Linux. The biggest security threat in any system is PeBCAK (person between chair and keyboard). Noscript and good careful browsing are your best defense.

gillsman 10-07-2015 11:49 AM
Thanks to all for the input, I will investigate noscript, thanks.

BeaverTek 10-07-2015 07:39 PM
You definitely need to protect your browser. That's the new target as it's what everyone uses. Flash, Java, Javascript, etc.

Check out:
NoScript or SafeScript
Bluhell Firewall
uBlock
Self-Destructing Cookies
HTTPS Everywhere

chrism01 10-07-2015 07:50 PM
Yeah, actually I use :

NoScript
HTTPS-Everywhere (NB you have to go to eff.org for this)
Ghostery
Flashblock
AdblockPlus

but there are loads of options/add-ons to choose from.

I also only allow pop-ups (see menu Preferences-> Content) and cookies (Privacy->History & select 'Custom...) by exception ie use the built-in FF menus for those.


--------------
Just came across this by coincidence - really good write-up of safe browsing HOWTO : includes recommendations of which tools+addons to use and why(!)

==================================
Edit ... sigh - yes indeed there was supposed to be a link
https://gist.github.com/atcuno/3425484ac5cce5298932

Thanks to this article I've now swapped AdBlockPlus out for uBlock instead; read the article to see why :)
Also added PrivacyBadger ...

gillsman 10-08-2015 12:37 PM
chrism01 was there meant to have been a link to something in the line ~
Just came across this by coincidence - really good write-up of safe browsing HOWTO : includes recommendations of which tools+addons to use and why(!)

Thanks

D.wyatt1 10-08-2015 01:51 PM
I would like to add, don't surf the web as the root user.

Install trusted plugins/extensions. If unsure, do a google search on the plugin/extension you want to use.

Don't saturate your browser with tons of them.

You may want to read this article from howtogeek.com

Warning: Your Browser Extensions Are Spying On You

John VV 10-08-2015 01:54 PM
it really depends on what YOU!!! consider a "virus" or "malware"

i call tracking cookies MALWARE!!!
and FB a virus

an example

if you already post EVERYTHING on Facebook and twitter and vine and ( fill in the blank)

then you really do not care about having anything out of the hands of Big-DATA and the NSA/CIA/FBI/FSB/GCHQ / and so on

then do not install anything - it will not make a bit of difference

you already have EVERYONE in the WORLD already tracking you
( and yes tracking your porn sites as well as your FB/G+ and everything you type to your SO - including your "naughty bits" )

gillsman 10-09-2015 01:14 AM
I heard that Ghostery collections information on your browsing habits & then sells it on, if that's true it would mean I'm being protected by Spyware, can anyone confirm or reject this?

Captain Pinkeye 10-09-2015 01:28 AM
Quote:
Originally Posted by gillsman (Post 5432018)
I heard that Ghostery collections information on your browsing habits & then sells it on, if that's true it would mean I'm being protected by Spyware, can anyone confirm or reject this?
https://www.ghostery.com/en/faq/exac...stery-collect/

https://www.ghostery.com/en/faq/how-...l-you-collect/

I personally like Ghostery a lot, to me it is much less troublesome than noscript, for example.

Hasek39 10-09-2015 02:24 AM
To be honest, if you are an ordinary user you don't need any special security addons for your Firefox. I will give just this two simple advices:
1. Don't browse web and start GUI applications from root. Also if it's possible use https when connecting to web at public networks.
2. Don't post any private information about yourself in social networks and forums. You must understand that in majority of cases user manually upload to web a lot of information about himself and it can be easily found without any hacking.


All times are GMT -5. The time now is 12:25 PM.