The most secure browser?

Novatian · 01-17-2012, 03:30 PM

Of the Linux and BSD browsers, which is most secure for banking and buying online?

Firefox, Sea Monkey, Ice Weasel, Opera, any others?

corp769 · 01-17-2012, 03:44 PM

Chrome is a good one, but IMO, I don't trust google products. I use firefox, with a bunch of addons to help *somewhat* secure myself. Remember, there is no such thing as 100% safe/security.

sycamorex · 01-17-2012, 03:53 PM

A couple of months ago I read some browser comparison in one of Linux magazines and apparently Chrome came 1st in terms of security (as far as I remember the comparison didn't include any addons). I guess Firefox with some addons will do a pretty good job.

MartinStrec · 01-17-2012, 03:57 PM

Hi!

I think you will get many different opinions of LQ members. I personally use Firefox and Chrome, both seems to working well without any security accidents. On my desktop/notebook I use SELinux to protect my computer and once it was really helpful even though I had known that the visited page was danger.

About internet banking and online shopping? I think that the browser is not the exposed point of your security. There are many other techniques and cheats those are danger to stole your credentials or your money. My opinion is that really safe is to buy in known, pay after delivery, user PayPal or other secure pay system, use eshops with secured DNS by DNSSec.

If you use online banking/internet banking, use transaction amount limits, use one-off transaction key and so on.

I'm afraid just secure your browser is a really small drop in the sea of security steps.

unSpawn · 01-17-2012, 04:32 PM

Quote:

Originally Posted by MartinStrec

I think you will get many different opinions of LQ members.

Shouldn't be any need to base security on opinions as there's facts abound:

CVE entries for:
- Opera (279): http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Opera
- Chrome (573): http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Chrome
- Firefox (800): http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Firefox

NSS Labs Browser Security tests: http://www.nsslabs.com/research/endp...wser-security/
Accuvant Browser Security Comparison: http://www.accuvant.com/capability/a...ative-approach *
*while this test was done on an incompatible platform some conclusions it provides are cross-platform like the one about Chrome sandboxing.

Quote:

Originally Posted by MartinStrec

About internet banking and online shopping? I think that the browser is not the exposed point of your security. There are many other techniques and cheats those are danger to stole your credentials or your money. (..) If you use online banking/internet banking, use transaction amount limits, use one-off transaction key and so on. I'm afraid just secure your browser is a really small drop in the sea of security steps.

Indeed. Exactly what I wrote here. As for web browsers themselves:
Zalewski's Browser Security Handbook: http://code.google.com/p/browsersec/wiki/Main
CERT Securing Your Web Browser: http://www.cert.org/tech_tips/securing_browser/
US-CERT Evaluating Your Web Browser's Security Settings: http://www.us-cert.gov/cas/tips/ST05-001.html

MartinStrec · 01-17-2012, 04:40 PM

Hi, unSpawn, that is the perfect browser security overview. Thanks

wpeckham · 01-17-2012, 05:10 PM

For maximum security you want something that is minimal install, runs no script (no javascript support) either blocks downloads ot allows immediate threat scanning of downloads (preferrably automated).

I am thinking lynx, Links, or ELinks may fit.

I like Dillo for the best compromise between security and convenience. (And no compromise on speed, it is FAST!)

LauMars · 01-18-2012, 09:09 AM

Quote:

Originally Posted by wpeckham

For maximum security you want something that is minimal install, runs no script (no javascript support) either blocks downloads ot allows immediate threat scanning of downloads (preferrably automated).

I am thinking lynx, Links, or ELinks may fit.

If you're going to that level of security then I'd recommend curl

But in all seriousness, Opera is the most secure of the big 5 (Chrome, FF, IE, Opera, Safari)

rsciw · 01-19-2012, 09:45 AM

Quote:

Originally Posted by corp769

Chrome is a good one, but IMO, I don't trust google products. I use firefox, with a bunch of addons to help *somewhat* secure myself. Remember, there is no such thing as 100% safe/security.

Might want to have a look at this

http://www.srware.net/en/software_srware_iron.php

NyteOwl · 01-19-2012, 11:12 AM

Or just build Chromium (Chrome without the Google bits)

Novatian · 01-19-2012, 03:17 PM

Where does Sea Monkey stand, just curious.

bonixavier · 01-21-2012, 03:27 PM

Quote:

Originally Posted by rsciw

Might want to have a look at this

http://www.srware.net/en/software_srware_iron.php

Take a look at this too:
http://chromium.hybridsource.org/the-iron-scam

rsciw · 01-23-2012, 05:40 AM

Quote:

Originally Posted by bonixavier

Take a look at this too:
http://chromium.hybridsource.org/the-iron-scam

good read, cheers

Linux_Kidd · 01-25-2012, 01:41 PM

interesting thread. its a futile exercise to "build" the most secure browser because the next joe re-builds the most secure browser with one less feature making it the most secure browser, going back and forth until the browser has zero features and taken to the point where perhaps its runtime is broken.

conclusion - the browser that cant run is the most secure browser.

perhaps if the question was limited to the top-10 most used pre-compiled browsers it would make for a better discussion?

what are they? i thought top 3 were
IE
FF
Opera

but this resource says differently
http://www.w3schools.com/browsers/browsers_stats.asp

and youser, iOS still has about 2x market over android. seems apple is king of some things.

bonixavier · 01-25-2012, 02:20 PM

Quote:

Originally Posted by Linux_Kidd

and youser, iOS still has about 2x market over android. seems apple is king of some things.

Really? I had no idea.