Sign in to follow this  
Followers 0
Flasche

How secure is your browser?

26 posts in this topic

Hey y'all I'm just wondering what browser y'all use and how y'all would rank it in security (from 1-10). To start I use SeaMonkey 2.24 with ad-block plus. (Filters: All the Fanboy filters http://www.fanboy.co.nz/) I also have NoScript to prevent XSS and Clickjacking attacks. I'd rank my new secure browser somewhere between a 7-8 as since I do not want another Win 7 incident http://www.msfn.org/board/topic/170810-ok-ok-well-support-it-lol/page-5#entry1067128 , though I bet y'all can do better so tell us what you got and how would you rank it from 1-10 :), but please no 1s.

0

Share this post


Link to post
Share on other sites

(K-Meleon 1.5.4) - java disabled, javascript disabled, popup blocker turned on, image animation blocker turned on, remember passwords turned off, clear the cookies and history on every shutdown. I'd say it's a pretty secure browser. Never had any *noticeable* security problems. Then again, I don't put my credit card or social security numbers online using this computer. Overall score = 8. Minus two points for loss of functionality. Of course, my scoring is totally arbitrary. Who knows, my computer could be comprimised and I wouldn't even know it! However, I doubt it is infected because I have a total of 13 on-demand antivirus scanners/tools on this computer (or on hand). I'd say my paranoia is justified considering my computer's age.

(SeaMonkey 1.1.19) - the exact same options are disabled here as in the above browser. Again, zero problems with security. SeaMonkey doesn't have the option to clear cookies on shutdown, so I use CCleaner to wipe out all cookies when I boot my computer. Score = 8.

On another tangent... there is a criteria for determining your browser's uniqueness and how easy it would be for someone to track your digital footprint. Go here: https://panopticlick.eff.org/

I ran the test and here's my score: "Currently, we estimate that your browser has a fingerprint that conveys 19.88 bits of identifying information."

Edited by LostInSpace2012
0

Share this post


Link to post
Share on other sites

Heres a nice site with a list of tools to check security

http://www.techrepublic.com/blog/five-apps/five-tips-for-testing-web-browser-security/

I particularly used Browser scope http://www.browserscope.org/ and my setup for sea monkey (on vista) got a score of

---------------------___Score____Security__Rich Text____Selectors API__Network___Acid3_____JSKB
SeaMonkey 2.2.4___86/100___16/17___933/1308____100.0%_____11/16_____100/100___82

Results for security HTML: http://www.browserscope.org/?category=security&v=top&security_results=postMessage%20API=1,JSON.parse%20API=1,toStaticHTML%20API=1,httpOnly%20cookie%20API=1,Block%20location%20spoofing=1,Block%20JSON%20hijacking=1,Cross%20Origin%20Resource%20Sharing=1,Origin%20header=0,Sandbox%20attribute=1,X-Frame-Options=1,Content%20Security%20Policy=1,X-Content-Type-Options=1,Block%20cross-origin%20CSS%20attacks=1,Strict%20Transport%20Security=1,Block%20reflected%20XSS=1,Block%20XSS%20in%20CSS=1,Block%20visited%20link%20sniffing=1

Compare that to my windows me opera 10.63 which got a 8/17 http://www.browserscope.org/results?o=xhr&v=top&security_results=postMessage%20API=1,JSON.parse%20API=1,toStaticHTML%20API=0,httpOnly%20cookie%20API=1,Block%20location%20spoofing=1,Block%20JSON%20hijacking=1,Cross%20Origin%20Resource%20Sharing=0,Origin%20header=0,X-Frame-Options=1,Block%20reflected%20XSS=0,Sandbox%20attribute=0,Strict%20Transport%20Security=0,Block%20cross-origin%20CSS%20attacks=1,Content%20Security%20Policy=0,X-Content-Type-Options=0,Block%20XSS%20in%20CSS=1,Block%20visited%20link%20sniffing=0&category=security and my Me's firefox 3.6.28 which got a 12 or 13/17 test still says running for Strict Transport Security

Edited by Flasche
0

Share this post


Link to post
Share on other sites

I occasionally use Opera 10.63 and FF 3.6.28 with Kernelex....

It looks like security wise, SeaMonkey 2.2.4 did the best. I'm guessing that's probably because it's the newer, whereas Opera 10, which is the oldest, got the weakest score of the three. I guess that figures :-)

Edited by LostInSpace2012
0

Share this post


Link to post
Share on other sites

I occasionally use Opera 10.63 and FF 3.6.28 with Kernelex....

It looks like security wise, SeaMonkey 2.2.4 did the best. I'm guessing that's probably because it's the newer, whereas Opera 10, which is the oldest, got the weakest score of the three. I guess that figures :-)

No script also did effect the score.

0

Share this post


Link to post
Share on other sites

this is what it showed when I visited their webpage...

post-360209-0-09102200-1394949416_thumb.

Edited by LostInSpace2012
0

Share this post


Link to post
Share on other sites

On another tangent... there is a criteria for determining your browser's uniqueness and how easy it would be for someone to track your digital footprint. Go here: https://panopticlick.eff.org/

I ran the test and here's my score: "Currently, we estimate that your browser has a fingerprint that conveys 19.88 bits of identifying information."

That script read my entire, unique list of installed fonts via the Flash plugin for 21.92 "bits"! Removing Flash prevented that. The next list highest category was set of preferred languages. Having 3 on the list gave the same 21.92 "bit" count for that item. Clearing it out to leave on English, dropped the estimate to 8 "bits".
0

Share this post


Link to post
Share on other sites

this is what it showed when I visited their webpage...

Yes and it showed firefox was less secure, even if it was by one.

0

Share this post


Link to post
Share on other sites

this is what it showed when I visited their webpage...

My apologies. I didn't realize that you were testing SeaMonkey. I thought that you were comparing Firefox and internet explorer. That is interesting indeed. do you have no script installed. did you tweak the browser.

0

Share this post


Link to post
Share on other sites

Howdy... I always surf with javascript turned off. No "noscript" or anything, just plain turned off :-)

0

Share this post


Link to post
Share on other sites

I've personally never encountered insecure browser except when I used IE below version 7

for past few years I'm on Opera 11.52

and the only thing that got me was via Java plugin

removing that made it all safe back again

I use custom hosts file and I never have any problems ...

0

Share this post


Link to post
Share on other sites

I've personally never encountered insecure browser except when I used IE below version 7

for past few years I'm on Opera 11.52

and the only thing that got me was via Java plugin

removing that made it all safe back again

I use custom hosts file and I never have any problems ...

That is very good to know. :w00t: Do you have a 98 or windows me Virtual machine, and if you do how well does it run. I use opera 12.02, but don't like how I cant add to the speed dial.

0

Share this post


Link to post
Share on other sites

Howdy... I always surf with javascript turned off. No "noscript" or anything, just plain turned off :-)

You most certainly beat my Firefox 3.2.68 setup. I think I'm download the latest 1.xx SeaMonkey to try it out.

0

Share this post


Link to post
Share on other sites

Firefox Nightly x64 builds.

I've always found the Fanboy filters to be far too overly aggressive. They also used to block a lot of images and other things that were totally safe on websites (recommended/affiliate websites - basically friend type websites).

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.