Linked by Thom Holwerda on Fri 28th Aug 2009 12:42 UTC
Internet & Networking Another instalment of Ask OSNews. A reader sent us in a question about browser security and privacy. "Could you please advise me and your readers on what you consider to be the safest web browser? I am considering the term 'safe' from both a privacy and security stand point."
Permalink for comment 381276
To read all comments associated with this story, please click here.
Virtual machine
by avih on Fri 28th Aug 2009 15:57 UTC
avih
Member since:
2006-03-16

Joining the common opinion about the closeness of Opera/Safary (and also due to their relatively low market share), I can only comment about Firefox/Chrom/ium.

There are two aspects to consider:

Privacy:

While both projects are OSS, I'd say Firefox has a better chance to keep your privacy since Mozilla has no inherent interest in collecting user info/data, at least not to the same extent that Google has, almost by definition. It's not an accusation of Chrome, merely a Google interest to collect data.

One can also turn off the geo-location services on Firefox, turn off pishing detection (double edged sword since it undermines the security aspect) because it send every page one visits to Google (on both Firefox and Chrome), and disable search term completion (again, it sends Google every character you type into the search box even without executing the search).

Other than that, both have good privacy modes ("Porn mode"), which is easier to invoke on Chrome IMHO, and both allow the user to clear private data pretty easily and with good resolution.

Bottom line, I'd go with Firefox on the privacy front, but it only wins for my by a small margin.


Security:

I'd say that Chrome's process isolation is currently the leader in generic preventive measures within browsers. One can also turn on the NX-flag at the OS level (DEP on Windows) which further helps preventing execution of code that resides on non-code segments.

Both projects seem to respond pretty fast with security updates, so that front is covered nicely.

An interesting aspect to consider, both from Browser and OS perspective, is that the larger the market share of the product, the more attractive it is as a target for malicious software. From this perspective, BSD/Linux/OSX/Win32 is probably the order of attack chance, in increasing probability order. From a browser perspective it's probably Opera/Safari/Chrom/Firefox/IE, again, in increasing order of chance to be attacked. As for guest OS, go with what you feel comfortable.

Bottom line on security: Chrom/ium on windows should do pretty good IMHO. If you're on *nix, just make sure to use the browser as a non-root account.

Another option to consider if one is really concerned about security, is to run the browser inside a virtual machine, possibly while re-installing the OS once in a while or just boot a VM of a Live-CD (many of them can save user data/bookmarks/etc between reboots to HD/Disk-on-key/etc). Current VMs are pretty effective on modern computers, and the performance penalty is reasonable (read: pretty small on a modern PC).

The most common solutions today are probably VirtualBox which is Freeware (including a good enough OSS variant) and the commercial VMWare. Some solutions include desktop integration which can be pretty useful on our scenario.

If one's concerned about resource usage of the host, there are many small Linux distros to choose from which require little memory allocation for the VM. Puppy Linux is one such options, although there are many.

Personally I use Firefox on XP/SP3 with geolocation/pishing/search-completion turned off but without automatic script blocking. It's not perfect, but thus far I've managed to keep my PC 100% clean during many years of extensive usage and browsing.

YMMV.

Edited 2009-08-28 16:15 UTC

Reply Score: 1