BrowserAudit - How secure is your browser?

Discussion in 'other software & services' started by Mr.X, Jan 30, 2018.

  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I snap researched it today. Its antique, no contest and no use to bother with it of the last windows 5+ version.
     
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    QuickTime was good on Windows as well.
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    How to fix this one single CRITICAL


    cookie set by JavaScript should not be sent over HTTP

    This critical test executed in ≈265ms and failed for the following reason: The cookie was sent to the server.



     
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    It must be a bug, when I click on the link it automatically opens https. Considering I have port 80 blocked, it is not possible. Edge most likely switches to https and the test just checks, if the cookie was sent or not.
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    It's gotta be since I not been able to scratch that one display no matter what.

    Really of no definite concern since safe browsing is the priority and rarely venture away to potential murky sites.
     
  6. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
  7. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
    https://browseraudit.com/ IP: 146.169.2.218 - Many other domain name variations match this IP address but seem to redirect to the same browseraudit software. (Reverse DNS: browseraudit.doc.ic.ac.uk)
    Code:
    365,18,1,20 Microsoft Edge 98.0.1108.56 (Official build) (arm64) All Extensions Disabled.
    
    354,29,1,20 Google Chrome 98.0.4758.102 (Official Build) (arm64) All Extensions Disabled.
    
    374,10,0,20 Mozilla Firefox 97.0.1 (64-bit) Safe Mode.
    
    359,21,0,24 Apple Safari 15.3 17612.4.9.1.8 No Extensions Installed.
    
    363,18,0,23 Tor Browser 11.0.6 (based on Mozilla Firefox 91.6.0esr) (64-bit) As Installed.
    
    Tested on a macOS 12.2.1 (21D62) Monterey - M1 Pro/ARM64 MBP18,1 platform.

    Reference: BrowserAudit: Automated Testing of Browser Security Features

    Last Edit Date: 17-February-2022, Updated Firefox & Edge.
     
    Last edited: Feb 17, 2022
  8. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Seems to be a bug

    https://github.com/brave/brave-browser/issues/14149#issuecomment-781136005
     
  9. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    917
  10. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Edge browser. Not great.
     

    Attached Files:

  11. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
    Code:
    361,22,1,20 Google Chrome 98.0.4758.109 (Official Build) (arm64) All Extensions Disabled.
    Reference: BrowserAudit - How secure is your browser?

    Last Edit Date: 22-February-2022, Updated Google Chrome.
     
  12. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
    FWIW:
    Code:
    365,18,1,20 Google Chrome Version 99.0.4844.51 (Official Build) (arm64) All extensions disabled.
    Last Edit Date: 1-March-2022, Updated Google Chrome.
     
  13. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
    Code:
    374,10.0.20 Mozilla Firefox 97.0.2 (64-bit) Safe Mode.
    Last Edit Date: 4-March-2022, Updated Mozilla Firefox.
     
  14. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    849
    373,11,0,20 Firefox 98 non safe mode
     
  15. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
    Hello @IvoShoen

    Although your result had to be the product of a Firefox beta (98.0b9 ?), I hope Mozilla's release version won't have lost any of it security.

    It would be no easy task to see if the BrowserAudit developers update their code as they don't seem very chatty...

    As Mozilla's Firefox is my browser of choice, I do appreciate your post.
     
  16. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Brave Browser test.
    upload_2022-3-6_13-38-17.png
     
  17. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Here is Firefox 97.0.2--unsandboxed. Four warnings related to "WebSocket connecting...." and the rest were kind of scattered around.

    I'm pretty satisfied with these results. :)

    browseraudit 3620222.PNG
     
  18. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Latest stable version of vivaldi.
    2022-03-06 19.31.25 browseraudit.com b856d0742cca.png
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    This test can provide guidance, but should NOT be considered as "non plus ultra".
    If I am not mistaken, it is still 7 years old.
    In addition, still considering the year 2015, some safety issues are not taken into account:


    Source:

    https://331.cybersec.fun/browseraudit.pdf
     
    Last edited: Mar 7, 2022
  20. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    849
    And if you block their cookies the test fails nearly everything.
     
  21. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Well, OK, so we can't place the same value on any results as we could 7 years ago, but can any value be placed at all? Speaking for myself, I would have no clue as to what is still relevant today upon looking at the individual test components.
     
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    If I remember correctly, there are 400 tests, so it is a bit difficult to say which of them are more representative today than 7 years ago.
    Personally I think today security is quite related to privacy.
    Probably 7 years ago they were two concepts more divergent than today.
    Personally I think it's fundamental in browsers to reduce the exposure to insecure cipher suites.
    I would like to recommend that W. members take the test:

    https://browserleaks.com/ssl

    A test like BrowserAudit won't consider this trick.
    Can BrowserAudit detect whether my Edge at IL appcontainer in a Windows OS is more secure than another Edge at higher IL?
    Etc.....etc...
     
  23. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Thanks for the reply. It's enough to where I can no longer have confidence in BrowserAudit. The browserleaks link did show a similar and good result. I'll just keep Firefox rigorously updated and make sure my uBO lists are up to date as well; that should be enough.
     
  24. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    I have reduced in my Edge the Insecure Chiper Suites to 1:

    1.jpg

    With Firefox it is much easier to do this.
    Of course you have to check if all the websites you visit are reachable.
     
  25. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Is this Browser Audit still pretty relevant? I specifically mean not so much EDGE but straight on Chrome-Firefox etc
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.