Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Most Secure Browser In an Age of Surveillance?

Posted by Soulskill on from the lynx-seems-pretty-safe dept.

An anonymous reader writes "With the discovery that the NSA may be gathering extensive amounts of data, and the evidence suggesting makers of some of the most popular browsers may be in on the action, I am more than a little wary of which web browser to use. Thus, I pose a question to the community: is there a 'most secure' browser in terms of avoiding personal data collection? Assuming we all know by know how to 'safely' browse the internet (don't click on that ad offering to free your computer of infections) what can the lay person do have a modicum of protection, or at least peace of mind?"

3 of 391 comments (clear)

  1. Tor Browser Bundle (TBB) R/O system by Anonymous Coward · · Score: 5, Interesting

    A LiveCD with TBB:

    https://www.torproject.org/

    for LiveDVD/USB preconfigured not to leak try TAILS:

    https://tails.boum.org/

    in both instances unplug your HDD(s) before use.

  2. Re:No such thing by UltraZelda64 · · Score: 5, Interesting

    I was thinking Incognito/TAILS, exactly. Those guys seem incredibly serious about privacy and security. I haven't messed a whole lot with it myself lack of memory, no discs to spare, runs like crap in a VM...), but I recall it even featured Tor and a Tor Firefox extension and it had strict rules about *not* allowing certain "convenience" features in the name of privacy (ie. swap partition). No doubt, with security features and precautions like those, its Firefox browser is probably locked tight as hell by default.

    Aside from this, I figure with all the extensions available and some additional services, you could help to protect yourself. You could start by doing the usual in your browser (disable third-party cookies, install the Adblock Plus, NoScript and DoNotTrackMe extensions, etc.). Reduce your reliance on American companies and/or servers. Example: Since Google's going to be killing off Talk/XMPP support, I decided to look around for alternatives, and chose many XMPP servers to test and decide which one to use. I originally was interested in performance and was going to choose one closest to me, in my own country if possible (the United States). Now, I am almost 100% certain my primary XMPP account will *not* be on an American server, unless I happen to decide to try my hand at setting up and maintaining my own XMPP server.

    And... services. Obviously Tor can work as in Incognito if you want to use that, but another option would be a VNC provider. Specifically, one that respects your privacy (ie. does not store any more log data than they need to operate), and possible more importantly--again--one that is not in the United States. I'm not sure of a good VNC provider, but I can say that it's pretty pathetic when you are forced to subscribe to and pay a foreign provider just to try to ensure your own privacy. But, well, it looks like the U.S. government has no end in sight when it comes to royally fucking up own economy.

    And last... you run Windows? Mac? Might want to change your operating system. It's already been discovered that various U.S. government agencies have deals with Microsoft to learn about zero-day exploits before anyone else in the world... who knows what other deals they might have, or what other American companies also have deals. Definite possibility of backdoors as well.

    The real problem is that PRISM works (from what I can understand) by splitting the signal in between, for example, Microsoft's or Google's servers and their respective ISPs (Steve Gibson brings some pretty good points in a recent episode of Security Now). This means they get *everything*, so if it's encrypted (https:// for example) the government *may* not be able to read the data itself as it's transferred for storage in their own top-secret storage rooms... but they can definitely look at the activity to find out what IP address communications are between at any given time (or... just ask the company running the servers who that user is).

  3. Failure of Premise by mrbene · · Score: 5, Interesting

    OP says "what browser should I use" I automatically add "for the Facebooks".

    Here's the low-down:

    1. If you install any software, it can identify your machine uniquely. This goes for apps, doubly.
    2. If you use an ISP without TOR or other proxy, your ISP knows exactly what sites you're going to.
    3. Even if you use obfuscation techniques (TOR, other proxy), the exit node knows where you're going. TOR is designed to prevent the exit node from knowing where you entered from, but this fails if you send unencrypted identifying data across the wire.
    4. Additionally, using TOR obfuscates your country of origin, thereby giving NSA the freedom to retain your activity indefinitely.
    5. If you authenticate anywhere, you've provided that party (and the NSA) with a unique ID for yourself.
    6. If you authenticate and also provide actual information about yourself, a link to your physical self can be made. Remember, there's an 87% chance that your DOB, ZIP, and Gender are a unique combination. And if it isn't unique, you probably only share these with one or two other people.

    That's just off the top of my head. The software you use to disclose the information isn't the problem - you are.