Firefox & Chrome!

Hi,

In terms of security, should I use Google Chrome instead of Firefox with add-ons : AdBlock Plus, NoScript, BetterPrivacy, LastPass, HTTPS EveryWhere, HTTPS Finder, WOT?

Also does using add-ons in Chrome reduce it's security protection capability to any extent?

Are the add-ons mentioned above for Firefox also available for Chrome?

Best Wishes,
ams963

 

This very topic has been discussed quite a lot here on Wilders.

In a nutshell it always boils down to Firefox plus NoScript vs Chrome (which has no equivalent as effective or advanced as NoScript) & its 'sandbox'.

No doubt the learned 'pundits' will advise you one way or another. I reckon that there is very little in it. My personal preference is for Firefox + NoScript (& RequestPolicy).

ABP works on both, but regardless of recent improvements with ABP for Chrome, it is still better on Firefox IMO. Abine's DNT+ works better on Chrome in my experience.

You downloads yer freeware & yer takes yer pick ...

*Runs & hides behind flameproof wall*

 

You have Adblock Plus for Chrome as well; there's a similar extension to NoScript, there's also Lastpass (if I'm not mistaken), HTTPS Everywhere, WOT, but no HTTP Finder equivalent extension, to the best of my knowledge.

 

there's ScriptNo on Chrome.

it's quite decent but not as polished as NoScript.

 

There have been so so so so so many topics about this. I don't even ever say this but just use the search on this one, there is really nothing new to consider.

 

You can use either of the two. Since you have Sandboxie, you are pretty safe with either browser.

 

All add-ons have the risk of reducing security. If you're running under Sandboxie, browser security will matter little though. As it stands, Chrome is safest. Just pick the browser that works best for you and then worry about securing it. Chrome is the safest browser, but once again it fails me with persistent issues, so safety or not, it got the boot.

As far as ScriptNo, it's basically a dead project and you're likely to cause more harm using it now than the benefit you would have gotten before the developer tossed in the towel. As has been said though, search the forum for "best browser", and try to navigate through it all without losing your mind

 

Yeah after Hungry Man said I have been searching all morning and I'm going banana! There are just too many things to read. I'm glad some things got past my thick skull. Fortunately, I also have friends like you who will post and help me no matter how many times the same questions been asked.

 

Thanks guys. I really appreciate it. I think I'm gonna go with Firefox.

 

I have Adblock Plus, BetterPrivacy, HTTPS Finder, HTTPS Everywhere, Keyscrambler, LastPass, NoSctipt and WOT. Will adding RequestPolicy be an overkill or cause a conflict, especially with NoScript?

 

I am using RequestPolicy, it complements NoScript. You must have a lot of patience though. Because of NoScript and RequestPolicy, I dropped Adblock Plus. I only see very few ads because of the 2.

 

Thank you very much. Then should I also drop AdBlock Plus? Is it redundant?

 

It's up to you. You can still take advantage of blocking ads in Adblock Plus. I dropped it because I want to keep my Firefox have less add-on. . There is a user that use all three and doesn't have any problems. It's not on Wilders though, I think he's at NoScript forums.

 

Ah! Okay. But they each works in a different way and works for different purposes, right? I'm tired of conflicts. I even had removed Webroot secureanywhere because of conflict. I don't want any more conflict, overlapping.

 

Also what settings do you have in requestpolicy- Miscellaneous, Link Prefetching and DNS Prefetching? Also what do you choose as strictness under General tab?

 

RequestPolicy compliments NoScript & can fine tune it so to speak. I use it on Firefox & SeaMonkey. If used well it really can make either browser very safe from clickjackers & buffer overflow/drive-by attacks. My whole approach to security is primarily browser hardening combined with the utilisation of a light AV (& an auxiliary on-demand scanner).

I think overkill is a matter of personal preference. I also used Ghostery as well, but as it started to get way overcomplicated, I uninstalled it.

 

I disabled Link Prefetching and DNS Prefetching (I didn't notice any speed improvements with both enabled.) Just use the defaults and you'll be fine. The one you should worry about is what sites will you whitelist.

 

Link and DNS Prefetchings are disabled by default in my requestpolicy. But what do they do if enabled?

 

A speed improvement I suppose. But some disabled it because of privacy issues.
EDIT: You can read the issue of prefetching here -https://calomel.org/firefox_ssl_validation.html
NOTE: As I said, I disabled it because I really don't notice any speed improvements.

 

I think the same way and completely agree with you hence I started this topic. I wanted to start hardening and securing the primary approach to security- my browser.

Does Ghostery complement NoScript, RequestPolicy and AdBlock Plus? Or overlap?

 

IMO this is the Achilles' heel of both NoScript & RequestPolicy (& anything relying on whitelisting).

 

Then I guess I should leave them disabled. We use RequestPolicy for security and privacy, right? If those options pose a threat to privacy then why are they implemented in RequestPolicy in the first place? For a supposedly increase in speed?

 

Yup, but I guess that's the reason he included it. To have an easier method to turn the prefetching off without going to about:config. If a user want's it, he could easily enable it through RequestPolicy.

 

It's difficult to say, Ghostery is primarily a tracker-blocker. I just thought it had become a bit redundant using NoScript & RequestPolicy together. It's a good tool to teach you what feeds are useful & which are potentially either harmful or a security/privacy issue. There's also Abine DNT+, although it's simpler than Ghostery & probably not as efficient in finding trackers. Also, if you install DNT+ on Firefox, don't move or reposition the (rather large) icon on the GUI as it seems to interfere with its operating functionality, & in fact it can break it. Apart from on one portable I don't use Ghostery or Abine any more (I use Abine on Chrome). I used to really like Ghostery & it was a standard part of my defence approach. Unfortunately, IMO it got too complex & seemed to update every five minutes & needed to tell me about it. I know it's fashionable now for applications to feel the need to flag everything from simple updates to what time to put the kettle on to make a cup of tea, but I'd rather they concentrated on doing their job quietly & not bug me LOL.

 

There is a setting to disable notifications.