Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

How secure is your browser?

- - - - -

  • Please log in to reply
25 replies to this topic

#1
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag
Hey y'all I'm just wondering what browser y'all use and how y'all would rank it in security (from 1-10). To start I use SeaMonkey 2.24 with ad-block plus. (Filters: All the Fanboy filters http://www.fanboy.co.nz/) I also have NoScript to prevent XSS and Clickjacking attacks. I'd rank my new secure browser somewhere between a 7-8 as since I do not want another Win 7 incident http://www.msfn.org/...-5#entry1067128 , though I bet y'all can do better so tell us what you got and how would you rank it from 1-10 :), but please no 1s.

Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 


How to remove advertisement from MSFN

#2
LostInSpace2012

LostInSpace2012

    -

  • Member
  • PipPipPipPip
  • 578 posts
  • Joined 20-August 12
  • OS:none specified
  • Country: Country Flag

Donator

(K-Meleon 1.5.4) - java disabled, javascript disabled, popup blocker turned on, image animation blocker turned on, remember passwords turned off, clear the cookies and history on every shutdown. I'd say it's a pretty secure browser. Never had any *noticeable* security problems. Then again, I don't put my credit card or social security numbers online using this computer. Overall score = 8. Minus two points for loss of functionality. Of course, my scoring is totally arbitrary. Who knows, my computer could be comprimised and I wouldn't even know it! However, I doubt it is infected because I have a total of 13 on-demand antivirus scanners/tools on this computer (or on hand). I'd say my paranoia is justified considering my computer's age.

(SeaMonkey 1.1.19) - the exact same options are disabled here as in the above browser. Again, zero problems with security. SeaMonkey doesn't have the option to clear cookies on shutdown, so I use CCleaner to wipe out all cookies when I boot my computer. Score = 8.

On another tangent... there is a criteria for determining your browser's uniqueness and how easy it would be for someone to track your digital footprint. Go here: https://panopticlick.eff.org/

I ran the test and here's my score: "Currently, we estimate that your browser has a fingerprint that conveys 19.88 bits of identifying information."

Edited by LostInSpace2012, 16 February 2014 - 11:23 PM.


#3
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

Heres a nice site with a list of tools to check security 
 
http://www.techrepub...owser-security/

I particularly used Browser scope http://www.browserscope.org/ and my setup for sea monkey (on vista) got a score of

---------------------___Score____Security__Rich Text____Selectors API__Network___Acid3_____JSKB
SeaMonkey 2.2.4___86/100___16/17___933/1308____100.0%_____11/16_____100/100___82

Results for security HTML: http://www.browsersc...link sniffing=1

 

Compare that to my windows me opera 10.63 which got a 8/17 http://www.browsersc...tegory=security and my Me's firefox 3.6.28 which got a 12 or 13/17 test still says running for Strict Transport Security


Edited by Flasche, 17 February 2014 - 01:04 AM.

Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#4
LostInSpace2012

LostInSpace2012

    -

  • Member
  • PipPipPipPip
  • 578 posts
  • Joined 20-August 12
  • OS:none specified
  • Country: Country Flag

Donator

I occasionally use Opera 10.63 and FF 3.6.28 with Kernelex....

It looks like security wise, SeaMonkey 2.2.4 did the best. I'm guessing that's probably because it's the newer, whereas Opera 10, which is the oldest, got the weakest score of the three. I guess that figures :-)

Edited by LostInSpace2012, 17 February 2014 - 02:21 AM.


#5
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

I occasionally use Opera 10.63 and FF 3.6.28 with Kernelex....

It looks like security wise, SeaMonkey 2.2.4 did the best. I'm guessing that's probably because it's the newer, whereas Opera 10, which is the oldest, got the weakest score of the three. I guess that figures :-)

No script also did effect the score.


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#6
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

http://www.browsersc...link sniffing=1

 

Interesting results. Firefox is less secure than IE 10 and 11 (Vanilla Firefox with no addons)


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#7
LostInSpace2012

LostInSpace2012

    -

  • Member
  • PipPipPipPip
  • 578 posts
  • Joined 20-August 12
  • OS:none specified
  • Country: Country Flag

Donator

this is what it showed when I visited their webpage...

Attached Files


Edited by LostInSpace2012, 16 March 2014 - 12:01 AM.


#8
j7n

j7n

    Member

  • Member
  • PipPip
  • 283 posts
  • Joined 18-December 06
  • OS:XP Pro x86
  • Country: Country Flag

On another tangent... there is a criteria for determining your browser's uniqueness and how easy it would be for someone to track your digital footprint. Go here: https://panopticlick.eff.org/

I ran the test and here's my score: "Currently, we estimate that your browser has a fingerprint that conveys 19.88 bits of identifying information."

That script read my entire, unique list of installed fonts via the Flash plugin for 21.92 "bits"! Removing Flash prevented that. The next list highest category was set of preferred languages. Having 3 on the list gave the same 21.92 "bit" count for that item. Clearing it out to leave on English, dropped the estimate to 8 "bits".

#9
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

this is what it showed when I visited their webpage...

Yes and it showed firefox was less secure, even if it was by one.


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#10
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

this is what it showed when I visited their webpage...

 

My apologies. I didn't realize that you were testing SeaMonkey. I thought that you were comparing Firefox and internet explorer. That is interesting indeed. do you have no script installed. did you tweak the browser.


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#11
LostInSpace2012

LostInSpace2012

    -

  • Member
  • PipPipPipPip
  • 578 posts
  • Joined 20-August 12
  • OS:none specified
  • Country: Country Flag

Donator

Howdy... I always surf with javascript turned off. No "noscript" or anything, just plain turned off :-)

#12
vinifera

vinifera

    <°)))><

  • Member
  • PipPipPipPipPip
  • 967 posts
  • Joined 27-August 09
  • OS:Windows 7 x86
  • Country: Country Flag

I've personally never encountered insecure browser except when I used IE below version 7

 

for past few years I'm on Opera 11.52

and the only thing that got me was via Java plugin

 

removing that made it all safe back again

I use custom hosts file and I never have any problems ...


If you want true Windows user experience
try Longhorn builds: 3718, 4029, 4066

#13
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

I've personally never encountered insecure browser except when I used IE below version 7

 

for past few years I'm on Opera 11.52

and the only thing that got me was via Java plugin

 

removing that made it all safe back again

I use custom hosts file and I never have any problems ...

 

That is very good to know. :w00t:  Do you have a 98 or windows me Virtual machine, and if you do how well does it run. I use opera 12.02, but don't like how I cant add to the speed dial.


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#14
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

Howdy... I always surf with javascript turned off. No "noscript" or anything, just plain turned off :-)

 

You most certainly beat my Firefox 3.2.68 setup. I think I'm download the latest 1.xx SeaMonkey to try it out.


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#15
Tarun

Tarun

    Spectre

  • Super Moderator
  • 3,187 posts
  • Joined 27-January 04
  • OS:Windows 7 x64
  • Country: Country Flag

Firefox Nightly x64 builds.

 

I've always found the Fanboy filters to be far too overly aggressive. They also used to block a lot of images and other things that were totally safe on websites (recommended/affiliate websites - basically friend type websites).



#16
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

Firefox Nightly x64 builds.

 

I've always found the Fanboy filters to be far too overly aggressive. They also used to block a lot of images and other things that were totally safe on websites (recommended/affiliate websites - basically friend type websites).

 

Fanboy's main filters are now adblocks easy list. So sad.

 

 

this is what it showed when I visited their webpage...

 

It might be because Seamonkey is the king. Seamonkey 2.25 with Noscript turned off.

 

Attached File  SeaMonkey.bmp   63.51KB   6 downloads


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#17
bphlpt

bphlpt

    MSFN Addict

  • Member
  • PipPipPipPipPipPipPip
  • 1,798 posts
  • Joined 12-May 07
  • OS:none specified
  • Country: Country Flag

It might be because Seamonkey is the king. Seamonkey 2.25 with Noscript turned off.


It might be the "king", but I'm quite happy using Chrome and it's variants and miss one point in the security area, and gain in overall to 87 vs 15 for Seamonkey. :)

Cheers and Regards


Posted Image


#18
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

 

It might be because Seamonkey is the king. Seamonkey 2.25 with Noscript turned off.


It might be the "king", but I'm quite happy using Chrome and it's variants and miss one point in the security area, and gain in overall to 87 vs 15 for Seamonkey. :)

Cheers and Regards

 

 

That was because I did the security test only. I ran all the tests and got an 86.

Attached File  SeaMonkey2.bmp   64.19KB   2 downloads


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#19
bphlpt

bphlpt

    MSFN Addict

  • Member
  • PipPipPipPipPipPipPip
  • 1,798 posts
  • Joined 12-May 07
  • OS:none specified
  • Country: Country Flag

Then I guess COMODO Dragon beats Seamonkey:

 

5mmqgo.jpg

 

Security - 16

Overall - 87

 

The king is dead!  Long live the king!  LOL

 

Cheers and Regards


Posted Image


#20
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

Then I guess COMODO Dragon beats Seamonkey:

 

5mmqgo.jpg

 

Security - 16

Overall - 87

 

The king is dead!  Long live the king!  LOL

 

Cheers and Regards

 

Not if I can find some addons to level the field :P . In all seriousness though Chrome is a very good browser that I like a lot. I personally use Chromium over chrome for open source reasons. (doesn't change the fact that I still, prefer seamonkey for its stability though)


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#21
bphlpt

bphlpt

    MSFN Addict

  • Member
  • PipPipPipPipPipPipPip
  • 1,798 posts
  • Joined 12-May 07
  • OS:none specified
  • Country: Country Flag

No problem.  I like Seamonkey as well. :)  As to which variant of Chrome I like, I used to use SRWare Iron, but now I use COMODO Dragon, that's what the above tests were based on.

 

Cheers and Regards


Posted Image


#22
vinifera

vinifera

    <°)))><

  • Member
  • PipPipPipPipPip
  • 967 posts
  • Joined 27-August 09
  • OS:Windows 7 x86
  • Country: Country Flag

this tests make no sense at all tho

 

ACID - just site style (css) - this shouldn't be security test

rich text - wtf... how is this security test ?

selectors API - again wtf... how is this security test ?

 

in fact

the only security thing should be based on JS, sandboxed/non-sandboxed plugins and specific known backdoors (whatever they are) and probably memory overflow

 

but behold the above huge scores based on what ?


Edited by vinifera, 09 April 2014 - 06:18 PM.

If you want true Windows user experience
try Longhorn builds: 3718, 4029, 4066

#23
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

this tests make no sense at all tho

 

ACID - just site style (css) - this shouldn't be security test

rich text - wtf... how is this security test ?

selectors API - again wtf... how is this security test ?

 

in fact

the only security thing should be based on JS, sandboxed/non-sandboxed plugins and specific known backdoors (whatever they are) and probably memory overflow

 

but behold the above huge scores based on what ?

 

Security has its own section. Browser scopes test all sections of a browser then gives it a score out off 100 so you can compare. Security included. If you want to see what the security test are here is a pic.

 

(I clicked the security tab to show the security tests the site does)

 

 

Attached File  Seamonkey3.JPG   78.7KB   0 downloads


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#24
Flasche

Flasche

    A bottled message!!

  • Member
  • PipPipPipPip
  • 594 posts
  • Joined 20-January 14
  • OS:ME
  • Country: Country Flag

Thank you Lostinspace for sharing this bug with us. I'm cross cross posting your post here. http://www.msfn.org/...-users-at-risk/

 

 

Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

Microsoft disclosed on Saturday its plans to fix the bug, which targets Internet Explorer versions 9 through 11.

Those versions take up 26.25 percent of the browser market, according to FireEye, the cybersecurity software company that caught the bug.

The bug, however, reportedly affects versions 6 through 11. Together, those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.

PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month.

Security firms estimate that between 15 and 25 percent of the world's PCs still run Windows XP.

FireEye Inc said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed 'Operation Clandestine Fox.'

FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active. It described the hackers as 'extremely proficient at lateral movement' and 'difficult to track.'

'It's a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors,' FireEye spokesman Vitor De Souza said via email. 'It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering.'

He declined to elaborate, though he said one way to protect against them would be to switch to another browser.

Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.

FireEye and Microsoft have not provided much information about the security flaw or the approach that hackers could use to figure out how to exploit it, said Aviv Raff, chief technology officer of cybersecurity firm Seculert.

Yet other groups of hackers are now racing to learn more about it so they can launch similar attacks before Microsoft prepares a security update, Raff said.

'Microsoft should move fast,' he said. 'This will snowball.'

Still, he cautioned that Windows XP users will not benefit from that update since Microsoft has just halted support for that product.

The software maker said in a statement to Reuters that it advises Windows XP users to upgrade to one of two most recently versions of its operating system, Windows 7 or 8.


Seeker Of Truth by E. E. Cummings                                                                                           Quote (Me)

  • seeker of truth                                                 "If you want to reach and discover the true meaning of order; You must go through chaos first."            344d0f9.jpg
  • follow no path                                 
  • all paths lead where
  • truth is here
 

#25
TELVM

TELVM

    Advanced Member

  • Member
  • PipPipPip
  • 303 posts
  • Joined 09-February 12
  • OS:Windows 7 x64
  • Country: Country Flag

Pale Moon 24.5.0 Portable, 16/17 :

 

Spoiler






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users