Slashdot Mirror
Ask Slashdot: Most Secure Browser In an Age of Surveillance?
An anonymous reader writes "With the discovery that the NSA may be gathering extensive amounts of data, and the evidence suggesting makers of some of the most popular browsers may be in on the action, I am more than a little wary of which web browser to use. Thus, I pose a question to the community: is there a 'most secure' browser in terms of avoiding personal data collection? Assuming we all know by know how to 'safely' browse the internet (don't click on that ad offering to free your computer of infections) what can the lay person do have a modicum of protection, or at least peace of mind?"
Pretty sure it there's no big difference in security/privacy between modern browsers when you take the usual steps. Y'know, disable the problemchild plugins, limit cookies, use privacy mode, and keep javascript on a white-list basis. Of course, you can still technically be tracked by behavior and server-side stuff, but those have bugger-all to do with the browser.
I read TFA and all I got was this lousy cookie
The EFF has provided an up to date list of privacy-enabling tools in the age of Prism. http://prism-break.org/
When the backbone is compromised, you're pretty much fucked unless you run strong encryption everywhere and obfuscate who you are talking to. Irrespective of whether your browser is open source - if it doesn't do the above, you're boned.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
They at least get early Zero-Day access. I'm guessing they have more.
http://arstechnica.com/security/2013/06/nsa-gets-early-access-to-zero-day-data-from-microsoft-others/
Well, we know that Microsoft and Google have apparently been giving a feed of data to the NSA for quite some time, now.
They make two of the three dominant browsers.
Anyway, the only thing you can do is utilize strong encryption. Nothing else matters, because everything you do goes through your ISP and can be (and probably is) picked up/tracked there. Unless you're encrypting, that's your weakest point.
Rising are a Chinese company listed as an anti-virus partner by Microsoft.
Ah.. an anti-ms troll still stick in 1999. _NSAKEY has nothing to do with backdoors. Its understandable that non-technical simpletons would mistake it as such.
http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI
... the snooping is done on your ISP's backbone, and the browser you use makes little difference.
If you're just using a stock browser, this is somewhat true. But for privacy you wouldn't do that.
For instance, installing the HTTPS Everywhere extension will get you secure connections to as many sites as possible. That's a direct counter to pervasive snooping. I use it with Firefox and also NoScript, Ghostery, RefControl, and CookieMonster, and that set does a fairly decent job of having a more privacy-oriented (and faster) browsing experience. It also makes the NSA's eavesdropping more difficult, but that's just a nice side effect of not sharing your every move with the commercial trackers out there (I installed them all well before I'd ever heard of Snowden). The nice thing about solid security approaches is that they proactively defend against unknown attackers.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)