Hi everyone, I'd really appreciate your input on which web browser I should consider using for best security at this moment in time? Do I stick to FireFox or perhaps consider an alternative? Thank you
Firefox, or a hardened gecko-based browser (Firefox's engine), such as floorp or librewolf would be your best bet in terms of security. However, you might be sacrificing usability for security. Maybe. I think gecko browsers are dead. Like it or not, I do not, but the web is written for Chrome-based browsers now. Try brave also. See what works best for you.
It does not really matter, they all offer the same security features, they just call them differently, like firefox has container abs, chromium browsers have isolated tabs. It really depends on setup though, in this case LibreWolf is nice, because it has removed "bad" settings, so the default is pretty OK and it can not be setup wrong. But the most important thing, whether that browser is updated swiftly. Some browsers are months behind their parent, making them more vulnerable to exploits.
Edge has a nice feature called 'Enhanced security mode'. It can be enabled for less frequently visited sites (Balanced), or across all sites (Secure).
Depending on the OS and if one can utilize its built-in security, then any browser can be secure. Of course if sandboxing is available in the browser, that can help too. To take things to another level, no extensions added in this case either.
According to this site, Firefox seems to have less holes than Chromium, not sure what to think about this. But it doesn't matter that much as long as you use security tools (AV, anti-exploit, adblockers) that can tackle exploits/malware that is launched via browser. Also, you almost never see browser exploits that are geared to consumers anymore, most exploits are reserved for high profile attacks. https://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452 https://www.cvedetails.com/product/15031/Google-Chrome.html?vendor_id=1224
I would say that it is pretty much like security in Linux vs Windows. Firefox is being used less and less and out of 10 users on Windows, 9 use chromium based browsers. So in theory using less used browser might result in less exploits.
And use as less browserextensions as possible. They are a potential security risk. A browser is as safe as its extensions are. View this interesting thread: https://www.wilderssecurity.com/thr...ent-looking-extensions-hold-for-users.446756/
Actually on second thought, it's perhaps not true what I said. If you look at the total amount of code execution bugs (which is often used to load malware on the system) Firefox had 185 and Chrome 79 in the last 10 years. Which would mean that Chrome is safer. Not to forget that Firefox was the only browser where hackers could escape from the sandbox in the latest Pwn2Own hacking contest, see link. https://www.wilderssecurity.com/thr...iner-security-to-pwn2own.453556/#post-3193810
No, the 10 years include a period when Firefox didn't have a sandbox and critical parts written in Rust yet. Since they habe been implemented the buffer overflow figures are much lower. The memory corruption figures are still relatively high but much lower than the ones in Chrome. So? Chrome was affected in previous Pwn2Own contest as well. And it had 4 zero day vulnerabilities with an "high" CVE entry exploited in the wild only in the past 2 weeks.
any browser which is part of this procedure is tested. but to answer the question. currently i think that edge is more secure than other browsers. and this is independant of windows defender which is checking any files from the web, either downloads or cache. i think that smart screen is better than the safe list in chrome or firefox. i still talk about default settings. privacy is a complete different conversation. what i know that any origin browser creator is fixing issues very fast, google and mozilla to say - other browsers are forks, no exception. edge, brave, opera - libre, pale, other are so much dependant of its origins - no exception! but - user can raise security when using a decent adblocker - ONE, not more, makes no sense, au contraire. if you feel comfortable with firefox then stick with it. i am a long time user since phoenix and Netscape Navigator before. after this one with a long distance: Edge. i am sick and tired of chrome, opera and others. bust thats only my personal (deeper) view.
Good point, forgot about that. True, it doesn't mean that Firefox is less secure per say, but it's still worth to note that they couldn't find a new ''zero day'' sandbox escape in Chrome, while they did in Firefox. But the next contest it could be the other way round, who knows.
I won't use Edge as I'M on Linux. Nevertheless -is there any evidence that Smart Screen is better than the other lists? That said, the hagezi lists are quite good particularly if combined with the Threat Intelligence Feeds. They can be easily added to uBO. On the other hand, with Dynamic Filtering in medium or hard mode this is not really necessary.
dont know, thats why i wrote "i think" - i did not find any comparison. you are not forced to use it i guess ? same for me on android, no edge because of firefox (default browser) firefox can use more customizations (means: extensions) as any other browser. ancient views "sandbox" means "system sandbox", for chrome, edge, firefox and more. it's the "integrity flag" which means "untrusted" or "low" for child processes. depending of its purpose. one criteria of pwn2own is to break this OS sandbox behavior, whatever OS is used. edit https://www.reddit.com/r/privacytoo...gle_safe_browsing_and_smart_screen_on_or_off/ sorry, only one result
