Hey guys,
I know this is discussed a bit in the Security thread but I thought maybe I could make another thread for it which internet browser do you use? Why?
More specifically I am looking for the most secure internet browser. I currently use Mozilla Firefox.
Opinions?
Posts
I haven't had a single issue with the security of my computer with Opera.
The best way to safeguard your computer is to pay attention to where you're browsing though.
lynx is probably up there with "the most secure."
---
I've got a spare copy of Portal, if anyone wants it message me.
PSN: TheScrublet
The single most important thing you can do, rather than worry about this browser vs. that browser, is to make sure every single program is up to date, even the ones you normally wouldn't think are associated with your web browsing.
edit: I skipped the post right above mine. Carry on!
Pretty much this for me. I've been using Opera for about 10 years now, and the only virus issues I've ever had to deal with were not from normal browsing. And 10.5 seems to be working much, much better with Win7 now.
I would suspect that IE is actually a very secure browser. But because everyone uses everyone also targets it because you can reach a larger footprint of users it means that most exploits are built around IE.
Satans..... hints.....
Not many people use Macs (compared to PCs) so viruses don't get designed for them very often, so Mac users often tout their machines as being more secure, when in fact at least part of their virus-free reputation comes from security through obscurity.
Aren't a significant percentage of browser exploits based around Flash anyway, thus rendering which browser you use irrelevant?
Regardless, I use Firefox for its addons, primarily the Internet Usage addon, which is really very useful.
Clearly telnet is the more secure browser.
Telnet on a linux or sun system.
I'm in your interwebs, listening to your cleartexts
But seriously, your own browsing habits are possibly more important than browser or OS.
IE 8 on Vista/win7 is pretty secure but it's let down by a couple of things. Firstly after more than 3 tabs it goes back to a shared memory model for the tabs whereas Chrome it's a process for every single tab.
The second problem and this is the big one, the time between an exploit being found and being patched is still ridiculously long. MS seem to have their fingers in their ears on this one, it takes MS so long to release fixes to exploits that all the security they've built into IE8 is essentially nullified.
Mozilla and Google supposedly have the fastest turnaround of fixed within a week iirc.
Apple apparently is also pretty bad for releasing fixes too.
---
I've got a spare copy of Portal, if anyone wants it message me.
Apple would do well to take a more proactive approach regarding security and patches. From a practical, real-world standpoint Mac OS computers don't get exploited, but that can't possibly last forever. It would be horrible for public perception if Apple waited until significant numbers of systems were compromised in the wild before taking a strong security stance.
Opera is usually very fast at fixing flaws. Chrome is pretty quick too. Firefox is iffy, on critical things they seems to do a good job at the same times they've let other things go the normal length MS usually does.
If it's critical MS will issue out of cycle patches for items. Otherwise the monthly update works well enough. We'd all be better off if more companies update on schedule as MS does.
Apple is the slowest to the point that it's inexcusable. Most of the time they spend a week or two denying security issues let alone the time it takes to get things patched. Apple is the worst at Security, they'll only be able to piggy back off Unix for so long.
Alternatively, Chrome is probably the most secure right now thanks to fancy pants sandboxing.
IE had sand boxing first with IE7.
There are two differences, the fist is that Chrome blocks read only access while IE does not. The second difference is a technical trade from the first, IE is able to sandbox add-ons like Flash while Chrome does not.
It just uses those resources much more effectively than firefox.
Right now, a break down of unpatched security holes in browsers:
Firefox 3.6 - 0
IE 8 - 4
Opera 10.x - 0
Chrome 4.x - 0
Safari 4.x - 1
Just a note on the MS Tuesday update, the only good thing about that is that it's good for sysadmins (like myself) who can then plan out performing the update to all machines and also doing tests to make sure it doesn't affect anything.
However, for security it's the worst possible thing to do. The reason is because all the blackhats wait until patch tuesday and release their exploits immediately after so they can maximise the time the exploit is in the wild.
---
I've got a spare copy of Portal, if anyone wants it message me.
(Of course, plugins might or might not work properly, due to their expectations about what they can access.)
Personally, I think Chrome has the best security setup as the browser is completely sandboxed. I think IE8 is the other browser that is sandboxed, but I have less faith in Microsoft doing it right.
This is completely anecdotal, but IE8 crashing began to get out of control on my recently formatted Win 7 system and I finally said fuck off and installed Chrome.
PSN: TheScrublet
Opera Mini isn't a browser as such as you know it. What happens is that the page rendering is actually done on a server at opera, which then sends it to opera mini as a pre-processed simple text/page. Essentially think of opera mini as a thin client, all its really doing is rendering the image that it has been sent from opera.
It's how Opera has gotten around the rules of the app store.
EDIT: It has its advantages, like low resource usage (hence speed).. however because it all goes through opera any real pretence of personal privacy is a bit of a joke and quite often the search results on google etc are totally shit.
Google typically detects what region you are in (from your ip address) and delivers what it believes are the most relevant results, however.. because it sees the opera ip (for europe this is a german range i believe) it delivers content more tailored to germany. So, if I search on Google for "BBC" the first result is the least relevant for me. (It delivers some german site even though i'm in the UK)
EDIT2:
---
I've got a spare copy of Portal, if anyone wants it message me.
It's nice if you're in an area with an iffy connection, but the security is a complete joke.
There's no right answer 'out of the box', because just about every browser is vulnerable 'out of the box'. Why? Because the browser isn't so much the main vector anymore. A completely patched browser with no 'in the wild' security holes is still extremely vulnerable if you're letting Flash and Javascript run unchecked. And if you're letting PDFs open automatically and/or using an in-browser plugin for them? You may as well be inviting the bad guys inside.
So in the end, your choice of browser isn't nearly so critical as the way you configure it and harden it.
Except IE. Because, seriously, nuts to IE.
PSN: TheScrublet
http://arstechnica.com/microsoft/news/2010/03/firefox-may-never-hit-25-percent-market-share.ars
Robots Will Be Our Superiors (Blog)
http://michaelhermes.com
The weird thing is that they are trying to make IE better. The lousy reputation that IE has damages the Microsoft brand, and because of that IE 8 is a big step forward compared to previous versions. The built-in sandboxing mode and security features are actually pretty nice... on paper.
In practice, somehow, IE 8 has been consistently showing it's swiss cheese nature. Security flaws that cut to the heart beyond all other measures have cropped up repeatedly. Despite the attempts on Microsoft's part to make a better browser, they haven't really tightened things up.
PSN: TheScrublet
Honestly, MS needs to restart from scratch if they want to match Chrome. There is loads of legacy cruft in IE. (as well as in windows itself)
A prime example from a while back was the windows metafile exploit which dated back all the way to the windows 3.x days.
Essentially with a simple wmf file you could execute anything you liked as system privilege simply by using a wmf image, great eh?
For example, have a website with a WMF image on it, get a person using IE to visit it.. bam, owned.
---
I've got a spare copy of Portal, if anyone wants it message me.
I'd say, from a completely anecdotal point of view, that MS has come a long LONG LONG way with IE8, and IE9 looks even better. Rewriting would probably be the dumbest thing they could ever do. Heck, even the Chrome and Webkit teams weren't dumb enough to start from scratch. And they'd get ripped 1000 new assholes from every developer on the planet if they release yet another version of IE that's more fixing shit and still doesn't implement canvas tags or more CSS3 proposals.
Rewriting IE from scratch would be the best possible thing MS could do, making it independent of the OS would actually be beneficial too instead of being hooked into the OS all over the place.
MS when doing updates/patches to IE have to do a shit load of testing to make sure it doesn't break anything in the OS and with a multitude of IE legacy specific stuff. It's one of the reasons why it takes MS so long to patch flaws.
The reason why Chrome and Safari weren't totally built from scratch is because Google and Apple don't have a "not invented here" syndrome that MS does. They saw a relatively clean code base in KHTML and developed it into webkit from which Safari arose and from webkit Chrome also arose.
There have been many valid arguments made that MS should dump the IE code base and actually base a brand new IE on webkit. However, it'll never happen because of the institutional NIH at MS.
---
I've got a spare copy of Portal, if anyone wants it message me.
See how that works out?