Most Secure Browser: FF, Chrome, Edge?

Discussion in 'sandboxing & virtualization' started by HempOil, Dec 15, 2017.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,966
    Location:
    The Netherlands
  2. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    225
    Location:
    Canada
    From the Chromium folks...

    Post-Spectre Threat Model Re-Think

    In light of Spectre/Meltdown, we needed to re-think our threat model and defenses for Chrome renderer processes. Spectre is a new class of hardware side-channel attack that affects (among many other targets) web browsers. This document describes the impact of these side-channel attacks and our approach to mitigating them.
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    172,264
    Location:
    Texas
    Bye, Chrome: Why I’m switching to Firefox and you should too

     
  4. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,556
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,300
    Trooper, what, who, where?
    Mrk
     
  6. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    Uh... so?
     
  7. Fizbin

    Fizbin Registered Member

    Joined:
    Feb 28, 2011
    Posts:
    46
    I've been using Chrome and Sandboxie for years but I'm just about done with this browser because of Chrome's insidious Software Reporter Tool. It's supposed to look for undesirable software that can conflict with Chrome but it's WAY too invasive, IMO.

    Today I had Chrome sandboxed and I was using a screen writing program unsandboxed. Suddenly, the Software Reporter Tool kicked in. I could tell because my PC fans suddenly ramped up. Checking task manager confirmed it. I had three instances of the Software Reporter Tool suckling away at my CPU. The part that worries me is that my external hard drive (which I use to store my screen writing files) was powered down. But when the Software Reporter Tool started up my external hard drive (which is blocked in Sandboxie Control) kicked in like it was being accessed. There are other Windows events that can cause the usb drive to come out of sleep so it's probably nothing but it's still very troublesome.

    The scary thing is I deleted the SwReporter folder and it still didn't stop it from running. Ending it in task manager did. I've also changed the permissions of the SwReporter folder and that didn't stop it either. The only thing that can stop it is to add *\SwReporter* in Sandboxie's resource access / file access / blocked access. I can confirm that it does work.

    So I'm thinking about switching to Firefox but now I find out that there's a bug with security.sandbox.content.level value having to be lowered for it to work properly. Grrr!
     
  8. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,660
    Location:
    Under a bushel ...
    Last edited: Aug 1, 2018
  9. Fizbin

    Fizbin Registered Member

    Joined:
    Feb 28, 2011
    Posts:
    46
  10. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    225
    Location:
    Canada
    Perhaps, you could consider using another Chromium-based browser. There are several out there, and other than not updating as fast as Chrome, they should support the strict site isolation feature. And, as an added bonus, they shouldn't phone home to Google.
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,900
    Location:
    Slovenia, EU
    iFrame clickjacking countermeasures appear in Chrome source code. And it only took *checks calendar* three years
    https://www.theregister.co.uk/2019/08/19/clickjacking_countermeasures_chrome/
     
  12. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    6,180
    technically i think i have understood - dynamically moving iframes, either direct by css or javascript injecting css by event.
    basically iframes are not allowed here (ublock/umatrix) but i could also hit me when the source page was hacked/infected.
     
  13. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    225
    Location:
    Canada
  14. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
  15. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,225
    They are doing that! It's done under the Project Fission. More details and links here. You can already enable it in the nightlies. More info on this site.
     
  16. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    256
    Location:
    Poland
    I dont have favorit, dont trust them all.... restric access and izolate from rest (+ monitor actvity with HIPS or similar)
     
  17. jclarkw

    jclarkw Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    103
    Location:
    USA
    Dear Fizbin (or anyone) -- I've been down this road too, but I'm very glad to see your solution through Sandboxie, previously unknown to me, which I will try immediately!

    I had been using Chrome in Sandboxie as a means of using those many sites that don't work right in Firefox, at least with NoScript! installed. (For example, any site that requires CAPTCHA will not run on my Firefox setup.) But now, every time I use Chrome, my computer gets bogged down with its "Software Reporter Tool," which is apparently also an excuse for Google to snoop into your computer.

    Obviously I'm using Firefox now as my primary browser, but I was about to remove Chrome and search for an alternative. I came hear first to see if there was a solution through Sandboxie. Thanks for this tip! -- jclarkw
     
  18. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,195
    Location:
    Nicaragua
    I haven't needed to solve any CAPTCHA's in a long time, but most of the time (just about every time) in the past when I had one, all that was needed was to allow google.com. So, next time you get a CAPTCHA, if google.com appears in the NoScript menu, allow it temporarily.

    Bo
     
  19. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,167
    Location:
    usa
    Usually/Regularly, I'm getting those CAPTCHA requests while using any VPN add-on/proxy with ANY browser. And, probably, 100% of those Captchas are required by Google; therefore, I've started using (not as good) Bing, but NO CAPTCHAS.
    LOL.
     
  20. henryg1

    henryg1 Registered Member

    Joined:
    Jun 14, 2020
    Posts:
    424
    Location:
    uk
    Use duckduckgo?
     
  21. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,167
    Location:
    usa
    Yes, duckduckgo is also a good candidate.
     
  22. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    225
    Location:
    Canada
    With the addition of site isolation and RLBox sandboxing, is Firefox 95 close to achieving security parity with Chrome?
     
  23. Melionix

    Melionix Registered Member

    Joined:
    Jun 22, 2020
    Posts:
    111
    Location:
    Earth
    I doubt it. There is still no counterpart to the Chromium sandbox on Android from what I can tell.
     
  24. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    6,180
    when implementing rlbox mozilla made a real big jump in comparison to google. David succeded again vs goliath ;)
    (nice done for a very small team in comparison to googles big machinery)
     
  25. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Finding there are performance issues for me while using firefox..Slimjet is running quite smoothly though.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.