Safest and most functional browser

Discussion in 'other security issues & news' started by Seishin, Sep 24, 2006.

Thread Status:
Not open for further replies.
  1. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    I have tried the following so far:

    1. Opera. Safe but don't like it.

    2. Firefox. Love its fucntionality but is not as safe as it used to be. It's number two target after IE if not number one lately.

    3. Maxthon. Safe but not as functional as Firefox and a bit messy. I didn't like its EULA either.

    4. Avant. Didn't install it because of the EULA. That thing about keeping bookmarks and saved passwords in its server smells! Heard is very safe but what about privacy, hey?

    5. K-Meleon. I really liked this one but I wasn't sure how safety it was, especially when Secunia doesn't even include it in its testing procedure. Also it lacks some functionality which can be supplemented with Proxo in excess anyway. If someone in this forum tellsme that is 99.5% secure then I would use it again.

    Note: Haven't tried IE7 because is still in Beta.


    Anything else I should know?


    Cheers.
     
  2. Cameltoe

    Cameltoe Registered Member

    Joined:
    May 14, 2006
    Posts:
    7
    What is it exactly that u don't like about Opera?

    It is my primary browser while using Firefox occasionally.
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes, Firefox is the very best and being the safest browser is a matter of dates. :)
     
  4. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Wow..that sounds bad...passwords on external server... :eek:

    What do you mean by safe? What is your point on view on safety in a browser? Have you had any experience you self where your browser have failed you? Or are you refering to articles on browser vulnerability? personally I have yet to find any sites that breaches Firefox and Noscript extension.

    I think Firefox is as safe as it can be (even in a admin acount), for the time being. And if new threats appear they are fixed quite fast. Even IE can be configured to be safe. There are ways to run IE as a restricted user even if you log in to windows as an admn. you can disable java and javascripts. Or this little utility that I´ve just heard of: Quick set Internet Zone http://www.terabyteunlimited.com/utilities.html if you dont want to dig into the setting of IE.
     
  6. theflamingbush

    theflamingbush Registered Member

    Joined:
    Sep 17, 2006
    Posts:
    25
    firefox is pretty safe in a sandbox! ;)
     
  7. Seishin

    Seishin Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    204
    I got infected by visiting this site (openwares.org).

    I went there to take a screenshot and let users know about Foxie being malware itself as this browser is linked to this website. It's a long story.

    Well, I was running Mozilla with NoScript, AV, Fully patched XP, Router, FW with outbound and Limited account. It doesn't matter as sites like this are fully loaded. I also realised about the mess I was in when right after that site's page opened up a quick pop-up came up with the message of "loading." I thought, that's it! I screwed up big time.

    I turned off my machine and that was it, after reboot it went blank with the old message of "Boot Sector Virus...", yadda, yadda, yadda.

    I spent all afternoon cleaning up the mess and installing software.

    I have decided to use Opera as Firefox has an issue with certain extensions.

    I believe malware got through ForecastFox as it's not the first time this extension has given me strange signs (last time I got infected accuweather showed up in my machine for no reason).

    So no more FF for me a big welcome to Opera.


    Regards.



    Note: Don't visit that site unless you have virtualisation, sandbox or roll-back software. Highly dangerous!.
     
  8. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Uhhh, I went there with firefox combined with noscript and adblock and nothing happened, the Please Loading message stays there since the page needs some javascript to load. I went through the sandbox, and nothing unusual happened and no new files occured anywhere. However, I didn't download anything, and maybe SSM blocked whatever was supposed to happen, but who knows (whatever did happen was erased by the good ol' Gutmann pass :D)? Anyways, I am not recommending downloading anything from the website, but merely visiting the website will not get you a boot sector virus, especially in a limited account. Maybe your infection vector was somewhere else?

    As to the most functional and secure browser, I would definately say opera is the one. However, just disable javascript, java, and flash and almost any browser is pretty darn secure. I would avoid browsers based off the IE6 (like Maxthon and avant) unless you know how to properly secure them.

    Alphalutra1
     
  9. Londonbeat

    Londonbeat Registered Member

    Joined:
    Sep 21, 2006
    Posts:
    350

    Hi gesc

    Do you know the name of the virus?
    Regards

    P.S. I have just visited that site's homepage using firefox without any add-ons and have not been infected.
     
  10. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    IMHO the _safest_ , if there is one, browser is in the moment Opera. Firefox lacks of a lot of security holes. I use Opera 99% and sometimes IE in case Opera isn't able to show some webpages correctly.
     
  11. Davidpr

    Davidpr Registered Member

    Joined:
    May 24, 2006
    Posts:
    92
    Give IE7 a try. It is stable and I like it.
     
  12. herbalist

    herbalist Guest

    gesc,
    You're in a tradeoff situation. Not including exploits specific to each browser, and they exist in all of them, the more functional the browser, the more potential exploits. Using Javascript opens you up to more problems as does using Java. Exploits in java affect any browser using it and have to be fixed in the Java code itself. You'll notice Java has seen a lot of updating. ActiveX is a security nightmare.
    Your best approach is to use the browser of your choice, with tightened settings, and make use of whatever "zone" features it has. Limit full functionality to sites you know and trust. Remove them from the internet zone. IE6 has this built in. Plug-ins for FireFox can add this ability. Don't know how Opera deals with it, but there's bound to be something similar. Just disable Java, Javascript, and ActiveX on sites you don't know.
    You can also get around the problem with good imaging or backup software. If something gets past, restore to the previous clean system.
    Rick
     
  13. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Likewise, I visited the site - nothing happens. If you view pages in pure html, there's no way anything can happen. Firefox is the most convenient browser that allows you to play with java / javascript / flash and other plugins, toggling your security per site. So, I say Firefox.

    Thread starter, your infection might have happened if you were not using Firefox properly, like allowing scripts globally or such. Furthermore, your system might not have been fully patched. Further still, I don't think you got infected the way you presented it.
    Mrk
     
  14. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Thanks for sharing gesc.

    I tried that site with Firefox and nothing happend with noscript on. Even when I disabled noscript I couldnt notice anything, which is a bit strange imo o_O .
    Well, anyway I then fired up IE and:
    1. allowed the popup for funcards.
    2. i didnt allow the activex to load though, since the blow mentioned trojan was enough proof for a bad site for me :)
    3. Clicked where they wanted to and then I got this warning from Drweb:

    I wonder why your firefox and noscript failed... I presume that you didnt have noscript globally allowed of course.

    And i think herbalist sums up everything pretty good :)
     
  15. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Just to be clear, is openwares.org a malicious site?
     
  16. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    I don't think so. I visited this site and i got _not_ infected and no popup. Are you sure that it was this webpage?

    I had a look at the source. There are no unusual Javascript embedded in this side, exept a script from google which could give you perhaps a false alert.
     
  17. Londonbeat

    Londonbeat Registered Member

    Joined:
    Sep 21, 2006
    Posts:
    350
    You can't get infected just by visiting the homepage, however, several of the downloads on there contain what Kaspersky calls Adware.win32.Agent.o, so I would not download anything from there.

    Siteadvisor says this about it:
    http://www.siteadvisor.com/sites/openwares.org
     
    Last edited: Sep 24, 2006
  18. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    I have seen any note about browser Flock. You might want to give it a try.
     
  19. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thanks Tommy and Londonbeat.

    At the very least they don't check the files they offer for malware.
    If they were alerted to the malware and still do nothing, then I would call them malicious by negligence.
    Either way, I won't be downloading anything from them.

    _______________________________________________

    As for the browsers, Opera has a lot going for it.
    It is refined and has a lot of well designed functionality built in.
    What I don't like is the clumsy Java/JavaScript/Plug-ins white list (contained in Edit Site Preferences).
    I was able to workaround this awkward oversight and make a keyboard macro to compensate.
    Still they should make this feature more accessible like NoScript in Firefox.
    Opera should have buttons on the interface to directly control these whitelists on a site by site basis.
    RoboForm doesn't work with Opera, but Opera has it's own "Wand" form filler. Not sure how well they compare yet on a practical basis.
    Opera is a good browser.

    Firefox is the king of customization and is still my main browser.
     
  20. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    In that it uses the Mozilla engine, in theory, it should have same strengths (and any weaknesses) as Firefox / Mozilla.
    Can't argue with that. ANY browser should be virtually bulletproof in a sandbox.
    Myself, I've recently gotten into the habit of running my K-mel in Sandboxie.
     
  21. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    K-meleon and Firefox use the self-same Mozilla/Gecko browser engines, but implement it with different coding. Therefore, they are ~equal in safety, except that K-meleon has a *slight* edge because of obscurity (if you buy into that theory).

    I use K-meleon with DropMyRights (DMR)-- plus my other security stuff of course. K-mel+DMR is very safe, but I wouldn't even hazard a guess as to what percent safe it is.
     
  22. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My Firefox is running on maximum security and I still don't trust it.
    I didn't install Firefox for security reason, but because Firefox is a very functional browser.
    Firefox isn't a security software, it's an internet browser.
    Just put Firefox in a secured environment, like any other browser, including Opera.
     
  23. chrisjackson1985

    chrisjackson1985 Former Poster

    Joined:
    Sep 23, 2006
    Posts:
    68
    i use opera 9.02 , great browser.

    gives a larger browsing screen, has built in transfer thing and built in torrent client aswell, tabbed browsing, and if or when it shuts down, when you load it back up, all your pages that you had open, remain open, even if you have 5 or 6 tabs.

    definatly my choice of browser over the rest. :thumb:
     
  24. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I'm trying all the major browsers in the last years, and these are my thoughts:

    Maxthon: Excellent, with great features, but use IE Kernel with all the issues that we know... The version 2 is being developed and will be a great upgrade over the current version in all the items...

    Firefox: Very good engine. The default package is very simple and could not be compared with Maxthon and Opera. A lot of extensions add a lot of features to it, but sometimes that extensions contains a lot of bugs and put the browser unstable and slowly. The last Gecko engines fixed thousand of bugs, and this is very good...

    Opera: Best browser on earth! All in front on the browser technology, supports more standard than the others, very fast and stable...
    The newest version benefits from the fact that a lot of webmaster are trying to give support for Firefox, and this reduce a lot the issues that Opera add in the past...
     
  25. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    My thoughts:

    Opera - more security and has lots of built-in functionality.

    Firefox - not as secure as Opera but extensions give it far more flexibility and functionality.
     
Loading...
Thread Status:
Not open for further replies.