Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Opinions on most secure web browser


  • Please log in to reply
17 replies to this topic

#1 MaryBet82

MaryBet82

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:01 PM

Posted 20 February 2015 - 07:43 PM

My sister has a new HP Win 8.1 laptop I'm trying to help her set up - but I can't read fast enough. We have both used firefox for years - but she got into trouble when she tried to download/install firefox. Must have gone to the wrong webpage. Now that she's deleted the quarantined files she's wondering if she should stick w/ firefox or maybe go with chrome.

 

I've been assuming that IE is still the security risk it has always been. Can the layman configure it securely in 8.1? Even with Firefox one has to add extensions like BetterPrivacy and NoScript and etc. Is Chrome a better choice security-wise?

 

Thanks for any help.


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

BC AdBot (Login to Remove)

 


#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101° N, 0.2906° W


  • Members
  • 5,939 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:01 AM

Posted 20 February 2015 - 07:45 PM

Firefox.

 

Simple

 

Easy to configure

 

Can be trusted.


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#3 a.h.h.10

a.h.h.10

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:01 PM

Posted 20 February 2015 - 07:54 PM

I've used Internet Explorer, Chrome, and Firefox.

 

I like Firefox the best. It seems to block things that the other two don't seem to do.

 

Chrome comes with the flash plug-in. You know about the security problems with Adobe flash, right? When it's necessary to use Chrome just for the flash plug-in, I use Chrome.

 

When you download Firefox (or anything), make sure you get it from the original website. https://www.mozilla.org

 

If you're like me and don't have flash installed on the computer, what you can do is have both Firefox and Chrome so that way you have a browser with flash and then one with no flash for security reasons.



#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:01 PM

Posted 20 February 2015 - 09:42 PM

Hello there,

Firefox or Google Chrome, it doesn't matter if the end user doesn't follow safe computing practices.

Before anything, give this to your sister and make sure she read it: How to keep your computer safe online.

I use Google Chrome, as it has a x64 native build and thus takes less resources (Firefox's x64 build is still in development).

And here are some suggestions you may find useful to enhance your browser's security:

- Always keep a resident AV running, and get additional AM protection via Malwarebytes Anti-Malware or Emsisoft Anti-Malware. Be noted that both do not offer real time protection in their free version, and thus you must manually do scans.

- Remove Java, Flash and Silverlight if you do not use them.

- Adblock Plus for Firefox: This will keep ads out of your surfing, and also reduces the chance that attackers will use malicious ads to infect your machine.

If she decides to use Chrome, get her uBlock instead as it is less resource intensive.

- NoScript for Firefox: This will allow you to block malicious scripts while allowing legit ones. It can take a while to learn which ones to allow or block, but once you got the hang of it then it becomes a very effective tool.

Chrome has a similar tool called ScriptSafe.

- Web of Trust: Gives you a general idea of what is good and bad via community feedback. Take it with a grain of salt however, as it is not always accurate. The addon is available to both browsers.

- Malwarebytes Anti-Exploit: This is a small app that prevents malware from using exploits - loopholes in apps that they can use - to infiltrate your machine. Just install the app and forget it, it'll do its job automatically.

- CryptoPrevent: This is an app that prevents the execution of crypto ransomware by placing software restrictions into places they are known to start from.

- HitmanPro.Alert: This is an offshoot of the AM scanner HitmanPro that monitors browsers and warns you if they are compromised by banking trojans. It also features the ability to neutralize active crypto ransomware and gives you the option to kill it with HitmanPro, and exploit mitigration similar to MBAE.

- Secunia Personal Software Inspector: This utility helps you in keeping your programs up-to-date by inspecting your machine for any outdated software.

If you have any questions, feel free to ask.

Regards,
Alex

#5 mainer21

mainer21

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oregon
  • Local time:09:01 AM

Posted 21 February 2015 - 12:33 AM

That is a great list Alexstrasza.But you need to add one more piece of software to the that list. Heimdal checks and updates the following software,Adobe

Flash, Adobe Reader, Adobe Shockwave,Internet Explorer,Firefox,Java, Skype,Windows Media Player,
Apple Quicktime, Winzip, Microsoft
MDAC and Heimdal agent itself.


#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:01 PM

Posted 21 February 2015 - 12:40 AM

Hello there mainer21,

Secunia PSI already did what Heimdal do - and more, as Secunia checks all software an user have. Heimdal doesn't.

Alex

#7 rp88

rp88

  • Members
  • 3,016 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:01 PM

Posted 22 February 2015 - 08:28 PM

Firefox with Noscript and Adblockplus is the solution i swear by, also disabling any plugins you don't use is helpful and putting those you do on "click to play" or "ask to activate" not "run automatically" is useful. With this setup it is almost impossible to be infected by drive-by attacks except if you allow scripts from an unsafe page to run, the act of browsing should be safe on almost any sites, playing flash videos or enabling javascript for things like (some) forum logins is when the chances of infection become possible. Using this setup and being careful where you go (depite the excellent protection of scriptblocking) and what you download should keep you very safe. I should mention alos that a scriptblocker exists for chrome but i've never tested that one.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#8 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:01 PM

Posted 24 February 2015 - 09:56 PM

Wow. Thanks to everyone for their help.

 

My sister is trying out Chrome. I'll tell her about uBlock & ScripSafe if she sticks with that browser. I've been using NoScript in Firefox for years, but you have to do a lot of enabling whenever you go to a new web page. I also use Better Privacy & WOT. I'll check out those other suggestions for Firefox.

 

And no. I'm completely confused about java and javascript and flash. I've been off the web for a couple of years and I'm out of date plus I've forgotten a lot. Also I claim old age as an excuse. Currently my java & silverlight plugins are on "ask to activate" and silverlight needs to be updated. Like everything Microsoft it is a pain to update so I've been putting it off. I think I installed it because I have Word for Mac and needed it to access some features. I don't think I actually ever used it so I think I'll just uninstall it.

 

What is java used for? I have Shockwave flash installed and activated. I remember that there was a security problem w/ Adobe but isn't it necessary to access some info on the Web? I thought flash was necessary to run things like the videos on utube. I seem to remember there was some option other than Adobe reader but I can't remember what it was.

 

I hadn't heard of Heimdal or Secunia. Help keeping everything updated would be great.


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#9 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:01 PM

Posted 24 February 2015 - 10:12 PM

Hello there,

Java is required to run Javascripts on certain websites - you can try uninstalling Java and see if any webpages are impacted.
 

I have Shockwave flash installed and activated. I remember that there was a security problem w/ Adobe but isn't it necessary to access some info on the Web? I thought flash was necessary to run things like the videos on utube. I seem to remember there was some option other than Adobe reader but I can't remember what it was.

Flash is required for some activities on the Internet yes, but it's better to set to "Ask to Activate" if you decided to keep it.

Foxit Reader is a free non-editing alternative to Adobe Reader, but it has recently been brought to my attention that Foxit Reader is now bundling the adware SearchProtect with it. Should you choose to use Foxit Reader, be careful and uncheck all unnecessary options during the installation.

Regards,
Alex

#10 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:10:01 AM

Posted 24 February 2015 - 10:53 PM

As an alternative to Foxit. I used PDF-XChange Viewer, which is also free, for years. It has now been superseded by PDF-XChange Editor. Which is still free for personal use.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#11 yu gnomi

yu gnomi

  • Members
  • 532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago suburb
  • Local time:12:01 PM

Posted 24 February 2015 - 11:14 PM

Java is required to run Javascripts on certain websites - you can try uninstalling Java and see if any webpages are impacted.


just a minor correction to what otherwise is very sound advice you have offered- Java and Javascript are 2 different languages. Java is required to run Java applets that some websites use. Javascript is natively supported by browsers, but an extension like no-script (firefox) or scriptblock (chrome) can give the user control over when javascripts run.

#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:01 PM

Posted 24 February 2015 - 11:18 PM

just a minor correction to what otherwise is very sound advice you have offered- Java and Javascript are 2 different languages. Java is required to run Java applets that some websites use. Javascript is natively supported by browsers, but an extension like no-script (firefox) or scriptblock (chrome) can give the user control over when javascripts run.

Thank you for the correction :)

Alex

#13 rp88

rp88

  • Members
  • 3,016 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:01 PM

Posted 25 February 2015 - 11:35 AM

Personally i have chrome and firefox installed (and ofcourse IE came built into the system but i never open it). I use firefox for most browsing as i can have NoScript running in it for protection against drive-bys. I then use chrome for one or two sites which i know to be safe, and don't display adverts, where some flash videos don't run so easily through firefox. Chrome contains a built in flash player and a built in pdf reader, i would recommend having it on a machine alongside firefox, using firefox for most activity and chrome for the occcasions when flash player in firefox doesn't work quite right and also having chrome for viewing pdf files. In both browsers i always have each and every plugin either set to "ask to activate" or fully disabled. As far as java and silverlight are concerned, update silverlight immediately (it should be done through window update) and then deactivate it unless you often visit sites which use it. For java: turn off it's browser plugin component from within the java control panel http://www.howtogeek.com/134353/how-to-protect-yourself-from-java-security-problems-if-you-cant-uninstall-it/?PageSpeed=noscript or if you do not use it for any desktop programs then uninstall java entirely.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#14 mainer21

mainer21

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oregon
  • Local time:09:01 AM

Posted 26 February 2015 - 10:53 AM

Which Browser is Best for Security? Researchers from Accuvant discussed the results of a browser security comparison study at RSA Conference 2012 -- and the debate rages on.

http://***.esecurityplanet.com/browser-security/which-browser-is-best-for-security.html



#15 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:01 PM

Posted 11 March 2015 - 06:39 PM

Thanks to everyone.

 

I like the idea of having chrome installed if it has a built in flash player and pdf reader. I tried using chrome on my sister's computer and It seemed very bare bones - I couldn't find bookmarks and such - but once I learn it maybe I can use it instead of firefox. I'm not crazy about the idea of trying to keep two web browsers and their plugins/extensions updated.

 

I found some instructions on how to uninstall java on a mac, but my applications folder doesn't have a javaappletplugin.plugin file to delete. It has a Java Preferences application. Do I delete that? I have a Java applet plugin 13.9.8 in firefox that I have set to never activate, but I don't see anyway to remove it. Everytime they update Firefox they rearrange everything and I have to relearn how to do everything. Old people don't like that. I didn't like that when I was young either.

 

I changed my Shockwave flash plugin in firefox to Ask to Activate.

 

I don't get how one is supposed to know if a website is safe or not. I use WOT for general browsing but it can't be 100% and sometimes I think it falsely accuses a site as being unsafe. Before downloading any software I go to McAfee site advisor first, but I don't know how one is supposed to stick to safe sites when following links for info or judge whether to activate flash or allow via NoScript a javascript to run. I remember well-known "safe" websites were getting hacked at some point and bad things put on their pages. When people say safe sites do they just mean to avoid file sharing/torrent sites where music/videos/software are shared illegally?

 

pr88 I don't understand about enabling javascript for some forum logins being unsafe? And a lot of news is in video form these days doesn't that require a flashplayer?


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users