Slashdot Mirror


Ask Slashdot: Most Secure Browser In an Age of Surveillance?

An anonymous reader writes "With the discovery that the NSA may be gathering extensive amounts of data, and the evidence suggesting makers of some of the most popular browsers may be in on the action, I am more than a little wary of which web browser to use. Thus, I pose a question to the community: is there a 'most secure' browser in terms of avoiding personal data collection? Assuming we all know by now how to 'safely' browse the internet (don't click on that ad offering to free your computer of infections) what can the lay person do to have a modicum of protection, or at least peace of mind?"

75 of 391 comments

  1. Internet Explorer by futuramasd · · Score: 5, Funny

    IE10 and 11 are superb browsers. They contain many very good tactics to secure the browser and computer, for example, true sandboxing and JIT hardening. Most other browsers don't come even close.

    Secondly, the sandboxing means that IE is usually able to block an attack on plug-ins like the Flash Player and JAVA VM. This alone makes surfing with IE remarkably safe.

    IE really is a different kind of beast in the sea of mediocre browsers. It has come a long way and is aiming for the top.

    - John Futura
    Security Consultant

    1. Re:Internet Explorer by NewtonsLaw · · Score: 5, Insightful

      Yes, but how do you know that MS hasn't inserted a nice big back-door for the spooks?

      From a "security" perspective, you'll have to go with an open-source browser -- but even that's not a guarantee.

      To be sure, you'll have to compile it yourself from a set of source files that you have gone through with a fine-toothed comb, checking each line for any chance of hidden functionality.

      Oh, come to think of it -- you'll also have to assemble all the libraries from similarly vetted sources -- oh, and that means you'll need to use a compiler you've built from vetted sources -- but hey, that would involve using another compiler that could already be compromised so...

      You'll have to hand-code (from source to binary) every byte of the compiler you use and then type it in through a BIOS that you've also hand coded -- entering the BIOS code through a set of toggle switches on the front panel.

      Bottom line -- you don't *know* for sure that *any* browser is going to be secure.

    2. Re:Internet Explorer by Mitchell314 · · Score: 4, Informative

      Pretty sure there's no big difference in security/privacy between modern browsers when you take the usual steps. Y'know, disable the problemchild plugins, limit cookies, use privacy mode, and keep javascript on a white-list basis. Of course, you can still technically be tracked by behavior and server-side stuff, but those have bugger-all to do with the browser.

      --
      I read TFA and all I got was this lousy cookie
    3. Re:Internet Explorer by kthreadd · · Score: 2

      Have we actually heard anything that suggests that they put in back doors into software? All I've heard is that NSA has collected data going in and out of their datacenter, not individual customers.

    4. Re:Internet Explorer by kthreadd · · Score: 2

      Of course there can be security, the problem is rather if you trust it.

    5. Re:Internet Explorer by kthreadd · · Score: 5, Insightful

      Well he is technically correct. IE is as of version 10 actually a good browser. The only problem is that it's only available on Windows and the source code is not available under an open source license. If both of these were false then I wouldn't mind running it.

    6. Re:Internet Explorer by smash · · Score: 5, Informative

      When the backbone is compromised, you're pretty much fucked unless you run strong encryption everywhere and obfuscate who you are talking to. Irrespective of whether your browser is open source - if it doesn't do the above, you're boned.

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
    7. Re:Internet Explorer by smash · · Score: 2

      Agreed with the above. For all the crap I've said about Windows 8, IE10 is actually an acceptable browser. It's not 1999 anymore kids, Microsoft really have pulled their finger out with IE in the last couple of years, and credit to them where credit is due.

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
    8. Re:Internet Explorer by Anonymous Coward · · Score: 5, Informative

      They at least get early Zero-Day access. I'm guessing they have more.

      http://arstechnica.com/security/2013/06/nsa-gets-early-access-to-zero-day-data-from-microsoft-others/

    9. Re:Internet Explorer by Anonymous Coward · · Score: 3, Funny

      You actually trust your hardware ???!!!!

      You have to start with a handful of diodes and a soldering iron you naive, easily deceived person.

    10. Re:Internet Explorer by Yvanhoe · · Score: 4, Interesting

      Yes: the whole NSA key debacle. You are free to choose to believe Microsoft's denegations that the item they called _NSAKEY is a key they gave to the NSA. This is not the kind of smoking guns Snowden provided, but I do think this qualifies as "something that suggests they put in back doors into software."

      --
      The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
    11. Re:Internet Explorer by benjymouse · · Score: 4, Interesting

      They at least get early Zero-Day access. I'm guessing they have more.

      http://arstechnica.com/security/2013/06/nsa-gets-early-access-to-zero-day-data-from-microsoft-others/

      MS gives advance information about security patches to AV vendors. The intention is to allow those AV vendors to create scanning signatures which will enable AV products to pick up the attacks. Attackers have shown a lazy tendency to just reverse engineer patches instead of finding vulnerabilities themselves. Less than 1% of attacks are zero-day attacks these days.

      Some of the AV vendors that receive such vulnerability information are foreign companies. Yes. Some of those AV companies are Chinese.

      Is it not reasonable to afford the NSA the same advance warning? The advance warning is a few days before the patch is made public, around the same time that the public receive advance notification (with fewer details than the AV companies and NSA). It is not like they have months to exploit it.

      But tinfoil hatters and Microsoft haters always spin it as something nefarious. There is *nothing* to suggest that there are NSA backdoors in Windows or any other OS for that matter.

      --
      Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
    12. Re:Internet Explorer by maxwell demon · · Score: 3, Interesting

      Of course you can win. All you have to do is build up a massive surveillance system yourself. Then you know exactly who is trying to listen to you with which methods, and can enact appropriate counter measures. :-)

      --
      The Tao of math: The numbers you can count are not the real numbers.
    13. Re:Internet Explorer by flyingfsck · · Score: 2

      No, no, Microsoft did not put the backdoor into Skype - Ebay did that. Microsoft just improve and maintain the backdoor.

      --
      Excuse me, but please get off my Pennisetum Clandestinum, eh!
    14. Re:Internet Explorer by Bert64 · · Score: 4, Insightful

      That's what people said about IE5 & 6 at the time they were released and look how that turned out. Those who forget the lessons of history are doomed to repeat them.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    15. Re:Internet Explorer by jakimfett · · Score: 3, Interesting

      As a web developer, I have to disagree. Strongly. Not only does IE10 bring its own set of (annoying and visually breaking) problems, but it disables all the hacks we (used to) use to fix the appearance of things in previous browsers.

      That said...from a "standards compliance" perspective, IE has made some marginal improvements. Marginal. At best.

      --
      Bits of code, random ramblings: jakimfett.com
    16. Re:Internet Explorer by cyssero · · Score: 5, Informative

      Rising are a Chinese company listed as an anti-virus partner by Microsoft.

    17. Re:Internet Explorer by mwvdlee · · Score: 4, Interesting

      Not enough, apparently.
      Only two posts celebrating MS security since he's opened his account a few days ago is far too few.
      Even if those two are the only posts he's made as yet.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    18. Re:Internet Explorer by Anonymous Coward · · Score: 5, Informative

      Ah.. an anti-ms troll still stuck in 1999. _NSAKEY has nothing to do with backdoors. It's understandable that non-technical simpletons would mistake it as such.

      http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI

    19. Re:Internet Explorer by smash · · Score: 4, Insightful

      When IE6 came out, it was competing with Netscape 4. I don't think I need to elaborate too much on that, those who were around back then can confirm how not great Netscape 4 was.

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
    20. Re:Internet Explorer by Grashnak · · Score: 5, Insightful

      I always love how people simultaneously believe that the NSA is so technically brilliant that it can collect and analyze every message sent by every random person on earth, but also so stupid that they name their secret backdoor key _NSAKEY.

      --
      Life needs more saving throws.
    21. Re:Internet Explorer by jones_supa · · Score: 3, Funny

      What? You're basically complaining that while IE is becoming more standard compliant, your crusty bubblegum hacks won't work anymore.

    22. Re:Internet Explorer by Bert64 · · Score: 3, Insightful

      Which is exactly the point, if enough people start using IE again that competition is effectively eliminated they will almost certainly cease development while encouraging the creation of ie-only websites to lock users in. This is called "bad faith".

      Having experienced this in the past, I have no desire to experience it again and thus won't use any version of IE whether it's a decent browser or not.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    23. Re:Internet Explorer by benjymouse · · Score: 5, Insightful

      Some of those AV companies are Chinese.

      Care to list out the name of the AV companies which are owned and/or operated by the CHINESE ??

      I am interested in factual information, not fear mongering !!

      The MAPP program is public. You can find the list of MAPP partners at Microsoft Security Response Center

      Huawei is there, as well as several Beijing companies.

      My emphasis on Chinese was tongue-in-cheek. They get a few days advantage to develop scanning signatures. Yes, some of them may go rogue or (more likely) some of the employees. I would think that is why they only get a few days head start and not several months.

      --
      Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
    24. Re:Internet Explorer by hairyfeet · · Score: 4, Insightful

      You are 100% right friend and for those that want a REAL education in what you are potentially up against I urge you all to go take a good hard look at the entries in the various obfuscated C contests and then realize this...you know for a FACT there is malware in those, yet it is DAMN HARD to spot it. Now think about how you have the endless budgets of governments wanting to spy on their citizens and each other and you have those that create malicious code as a business.

      At the end of the day all you can do is keep an eye on your browser and network traffic, see who it is hooking up to, when and why, because with THAT much money involved if a government or group with nefarious intent truly wanted to backdoor a program or even an OS they CAN do so without too much effort required. With the proprietary companies they can just flash a badge and get what they want and with a FOSS project or OS...how many of the projects are gonna turn down a highly skilled coder that volunteers?

      --
      ACs don't waste your time replying, your posts are never seen by me.
    25. Re:Internet Explorer by Monoman · · Score: 4, Funny

      Exactly. The key is actually _SETECASTRONOMY.

      --
      Keep the Classic Slashdot.
    26. Re:Internet Explorer by ebno-10db · · Score: 4, Insightful

      You don't have to compile Firefox from source. If an open source product has an NSA backdoor, it only takes ONE user to bring down the entire product, or the Mozilla Foundation in the example, and shame them forever. This in itself is a guarantee.

      Assuming that it's clear that it's a backdoor, as opposed to something that appears to be an ordinary security bug.

    27. Re:Internet Explorer by camperdave · · Score: 2

      Back in July 2010, Microsoft claimed that SmartScreen on Internet Explorer had already blocked over a billion attempts to access sites containing security risks.

      So... was that from virus infected machines attempting to access further malware, or is that a TSA style stat about how many "terrorists" they've stopped?

      --
      When our name is on the back of your car, we're behind you all the way!
    28. Re:Internet Explorer by meustrus · · Score: 4, Funny

      You'll have to hand-code (from source to binary) every byte of the compiler you use and then type it in through a BIOS that you've also hand coded -- entering the BIOS code through a set of toggle switches on the front panel.

      So...you'll have to install Gentoo then?

      --
      I sometimes ask revealing, often ignorant-seeming questions. Maybe they're harder to answer than you think.
  2. Well... by Anonymous Coward · · Score: 5, Insightful

    I'll be uncharacteristically calm here, and ask that someone provide this, "evidence suggesting makers of some of the most popular browsers may be in on the action."

    And in any case, let's be realistic. The NSA doesn't really need help from your browser if they're watching all your traffic. :p

  3. No such thing by Anonymous Coward · · Score: 5, Insightful

    Security should begin at the hardware level, the kernel should be inaccessible from a hardware perspective. The next best thing is a complete secure OS, so your options are limited to something like TAILS.

    https://tails.boum.org/

    I wouldn't say it's 100% secure, it's certainly not, but it does raise the bar a little and for them to use anything against you, they would need to admit to having the ability to break encryption. That's not going to happen. That said, always be careful as it will be used in other ways should it be required.

    Other than that, there is no such thing as "safe".

    1. Re:No such thing by UltraZelda64 · · Score: 5, Interesting

      I was thinking Incognito/TAILS, exactly. Those guys seem incredibly serious about privacy and security. I haven't messed a whole lot with it myself (lack of memory, no discs to spare, runs like crap in a VM...), but I recall it even featured Tor and a Tor Firefox extension and it had strict rules about *not* allowing certain "convenience" features in the name of privacy (i.e. swap partition). No doubt, with security features and precautions like those, its Firefox browser is probably locked tight as hell by default.

      Aside from this, I figure with all the extensions available and some additional services, you could help to protect yourself. You could start by doing the usual in your browser (disable third-party cookies, install the Adblock Plus, NoScript and DoNotTrackMe extensions, etc.). Reduce your reliance on American companies and/or servers. Example: Since Google's going to be killing off Talk/XMPP support, I decided to look around for alternatives, and chose many XMPP servers to test and decide which one to use. I originally was interested in performance and was going to choose one closest to me, in my own country if possible (the United States). Now, I am almost 100% certain my primary XMPP account will *not* be on an American server, unless I happen to decide to try my hand at setting up and maintaining my own XMPP server.

      And... services. Obviously Tor can work as in Incognito if you want to use that, but another option would be a VNC provider. Specifically, one that respects your privacy (i.e. does not store any more log data than they need to operate), and possibly more importantly--again--one that is not in the United States. I'm not sure of a good VNC provider, but I can say that it's pretty pathetic when you are forced to subscribe to and pay a foreign provider just to try to ensure your own privacy. But, well, it looks like the U.S. government has no end in sight when it comes to royally fucking up its own economy.

      And last... you run Windows? Mac? Might want to change your operating system. It's already been discovered that various U.S. government agencies have deals with Microsoft to learn about zero-day exploits before anyone else in the world... who knows what other deals they might have, or what other American companies also have deals. Definite possibility of backdoors as well.

      The real problem is that PRISM works (from what I can understand) by splitting the signal in between, for example, Microsoft's or Google's servers and their respective ISPs (Steve Gibson brings some pretty good points in a recent episode of Security Now). This means they get *everything*, so if it's encrypted (https:// for example) the government *may* not be able to read the data itself as it's transferred for storage in their own top-secret storage rooms... but they can definitely look at the activity to find out what IP address communications are between at any given time (or... just ask the company running the servers who that user is).

  4. Tor Browser Bundle (TBB) R/O system by Anonymous Coward · · Score: 5, Interesting

    A LiveCD with TBB:

    https://www.torproject.org/

    for LiveDVD/USB preconfigured not to leak try TAILS:

    https://tails.boum.org/

    in both instances unplug your HDD(s) before use.

    1. Re:Tor Browser Bundle (TBB) R/O system by flyingfsck · · Score: 2

      Tor is fine, except that most end points are likely run by the likes of the NSA and FBI...

      --
      Excuse me, but please get off my Pennisetum Clandestinum, eh!
    2. Re:Tor Browser Bundle (TBB) R/O system by Nutria · · Score: 2

      most end points are likely run by the likes of the NSA and FBI...

      Then why isn't the FBI rounding up scads of drug buyers and paedophiles on a daily basis?

      Tin-foil Hat Boy says, "because they *are* drug pushers and paedophiles", but that's a stretch.

      --
      "I don't know, therefore Aliens" Wafflebox1
  5. Lynx by Anonymous Coward · · Score: 5, Insightful

    Face it, who's going to bother writing anything to exploit flaws in lynx? It just isn't worth it.

    1. Re:Lynx by stox · · Score: 4, Insightful

      Not only that, but it lacks the features to exploit. Which is actually an important point in security, to only have the features you need and nothing else. Less surface area to attack.

      --
      "To those who are overly cautious, everything is impossible. "
    2. Re:Lynx by kthreadd · · Score: 2

      Why not even go a step further and don't use the web at all?

    3. Re: Lynx by Anonymous Coward · · Score: 2, Interesting

      Exactly what I was thinking. Which is why I would recommend netsurf. It's fast, functional, and can use frame buffer. It does not have flash or java script and uses its own rendering system.

  6. Helpful guidelines from EFF by LoneHighway · · Score: 5, Informative

    The EFF has provided an up to date list of privacy-enabling tools in the age of Prism. http://prism-break.org/

    1. Re:Helpful guidelines from EFF by Anonymous Coward · · Score: 2, Informative

      "The EFF has provided an up to date list [...]"

      Why would you write that?
      That page is NOT from the EFF.

      It's created by Peng Zhong (from Nylira).

    2. Re: Helpful guidelines from EFF by rvw · · Score: 2

      From what little I've seen of wordpress it seems to break the number one rule of web pages since 1992 and is full of absolute links, thus removing portability and making it difficult to test before deploying. Is it all like that or did I just stumble upon a part written by an idiot?

      I just moved a wordpress installation from one domain to another. It's a two step process, and everything works without problem. (1) In the admin, you change the Wordpress and website address URL. Updating this results in an error because it expects another URL. (2) Move the installation to the new domain and/or rename the folder. It could be that a plugin stores an absolute path, but it isn't supposed to do that. Some plugins use file paths, but they will probably warn if that path is no longer available.

  7. w3m / lynx by smash · · Score: 4, Funny

    sacrifices may be required

    --
    I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  8. actually it's pretty irrelevant by smash · · Score: 5, Insightful

    ... the snooping is done on your ISP's backbone, and the browser you use makes little difference. Government level snooping is a whole different kettle of fish to bad companies stealing info from you via tracking cookies.

    --
    I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
    1. Re:actually it's pretty irrelevant by Anonymous Coward · · Score: 5, Insightful

      It's best to leak as little info as possible, so Firefox + NoScript.

      What really should be done is making this Orwellian nightmare illegal. There is zero reason to wiretap EVERYBODY ALL THE TIME!

      Free speech is one of the most important principles of the USA. And no privacy means no free speech. This dystopia is unconstitutional.

    2. Re:actually it's pretty irrelevant by Intrepid imaginaut · · Score: 4, Insightful

      Bingo, the tech community is doing it all wrong. Fight back through educating politicians and voters. Make the government work for you.

    3. Re:actually it's pretty irrelevant by bill_mcgonigle · · Score: 5, Informative

      ... the snooping is done on your ISP's backbone, and the browser you use makes little difference.

      If you're just using a stock browser, this is somewhat true. But for privacy you wouldn't do that.

      For instance, installing the HTTPS Everywhere extension will get you secure connections to as many sites as possible. That's a direct counter to pervasive snooping. I use it with Firefox and also NoScript, Ghostery, RefControl, and CookieMonster, and that set does a fairly decent job of having a more privacy-oriented (and faster) browsing experience. It also makes the NSA's eavesdropping more difficult, but that's just a nice side effect of not sharing your every move with the commercial trackers out there (I installed them all well before I'd ever heard of Snowden). The nice thing about solid security approaches is that they proactively defend against unknown attackers.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    4. Re:actually it's pretty irrelevant by nullhero · · Score: 2

      ... I use it with Firefox and also NoScript, Ghostery, RefControl, and CookieMonster, and that set does a fairly decent job of having a more privacy-oriented (and faster) browsing experience.

      FYI: Ghostery is created and used by advertisers:

      ...Originally developed by David Cancel, Ghostery was acquired by the privacy technology company Evidon (previously named The Better Advertising Project) in January 2010. Currently, through the use of a reporting function named "GhostRank" that users can opt into, Ghostery provides reports to Evidon about advertisers and data collectors, which Evidon then provides to advertising industry groups including the Better Business Bureau (BBB) and the Direct Marketing Association, parts of the Digital Advertising Alliance (DAA).[3] These agencies then use those reports to monitor how Online Behavioral Advertisers operate and, when needed, refer them to the Federal Trade Commission.

      Source: Wikipedia. So they are still receiving tracking information.

      --
      Save Pangaea!! Stop Continental Drift!!
    5. Re:actually it's pretty irrelevant by smash · · Score: 2

      HTTPS relies on the keys in use not being compromised or broken. It also doesn't do anything for detecting what sites you are looking at, it just encrypts the content. Logs can be subpoenaed from the host once they identify which sites you are hitting anyhow.

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  9. hard to hide what sites you visit by Viking2054 · · Score: 5, Insightful

    Considering that the internet transmits your public IP address in every header you send across the internet and also contains the IP address of the destination, there is no way for you to hide what sites you visit without going through a proxy server. As far as I know, Header information in every packet is plain text and there is no way to encrypt that because if it was encrypted then no router would be able to forward your packets onto the next step in its final destination. So your browser, e-mail program, or anything else that sends and receives data through the internet is going to leave a trail for the government to potentially record. It may not lead back to you specifically, but it will lead to someone in your household or in your neighborhood that is using your wi-fi for internet access, provided you haven't locked down your wi-fi. If you have locked down your wi-fi then the government can claim it was only you, someone in your household or someone you have given your wi-fi password to, which significantly lowers their potential suspects or targets.

    If you send everything you do through a proxy server with a vpn connection to the proxy, then that has a very good chance of making you mostly anonymous. However, a warrant and the cooperation of the proxy service owner might make it possible for the government to still connect the dots back to you. Also, sending everything through a proxy server with all the non-routing information encrypted (via vpn) may actually lead to you being watched more closely than if you don't.

    If what you are really after is encryption of the contents of what you see and do on the internet, your best bet is probably still a VPN through a proxy server. Especially since SSL and some of the other methods for encrypting data between two end points on the internet aren't as secure as they were once thought to be. I don't know of anyone that has come up with a replacement for SSL that has been adopted by very many content providers. And even if the web browsers may have adopted some new security encryption scheme, it won't be effective until most if not all content providers also adopt and implement it.
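What comment 9 ("hard to hide what sites you visit") describes, as an added example that is not part of the original thread: a Python parser run over two constructed IPv4/TCP packets shows that addresses and ports are readable without any keys, whatever the payload holds. The documentation addresses, port numbers, function names and the hash output standing in for ciphertext are all assumptions of this example.

```python
import hashlib
import ipaddress
import struct

IP_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options


def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_packet(src, dst, sport, dport, payload: bytes) -> bytes:
    """Build a constructed IPv4+TCP packet; the TCP checksum is left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack(IP_FMT, 0x45, 0, 20 + len(tcp) + len(payload), 0, 0x4000,
                     64, 6, 0, ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    return ip + tcp + payload


def observe(packet: bytes) -> dict:
    """Return the fields any router or tap on the path reads without keys."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        IP_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("not a valid IPv4 header")
    if not ihl <= total_len <= len(packet):
        raise ValueError("inconsistent length fields")
    view = {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "protocol": proto,
        "ttl": ttl,
        # A correct header sums to 0xFFFF, so its complement is zero.
        "header_checksum_ok": inet_checksum(packet[:ihl]) == 0,
    }
    if proto == 6:  # TCP: ports sit in the first four bytes of the segment
        segment = packet[ihl:total_len]
        if len(segment) < 20:
            raise ValueError("truncated TCP header")
        view["sport"], view["dport"] = struct.unpack("!HH", segment[:4])
        data_offset = (segment[12] >> 4) * 4
        if not 20 <= data_offset <= len(segment):
            raise ValueError("bad TCP data offset")
        view["payload_len"] = len(segment) - data_offset
    return view


# Constructed sample input: documentation addresses, and hash outputs standing
# in for encrypted application data that the observer cannot interpret.
OPAQUE_A = hashlib.sha256(b"constructed ciphertext A").digest()
OPAQUE_B = hashlib.sha256(b"constructed ciphertext B").digest()
SAMPLE_A = build_packet("192.0.2.10", "198.51.100.7", 49152, 443, OPAQUE_A)
SAMPLE_B = build_packet("192.0.2.10", "198.51.100.7", 49152, 443, OPAQUE_B)

if __name__ == "__main__":
    for name, value in observe(SAMPLE_A).items():
        print(f"{name:20} {value}")
    # Different payloads, identical routing metadata.
    print("same metadata:", observe(SAMPLE_A) == observe(SAMPLE_B))
```
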

  10. The only way to win is not to play at all by OzPeter · · Score: 4, Insightful

    So you fix your browser .. are you also going to fix your ISP, whoever they buy their feed from etc etc until you get all the way to the actual web server? And how do you know to trust them?

    Or are you going to build your own internet .. with hookers and blackjack?

    --
    I am Slashdot. Are you Slashdot as well?
  11. The browsers! by fustakrakich · · Score: 4, Funny

    They do nothing!

    --
    “He’s not deformed, he’s just drunk!”
  12. A stolen one... by Bob_Who · · Score: 2

    Identity theft assures your privacy, so to speak. However, that would be illegal. Good thing they're looking for authentic criminals.

  13. It's a political problem.. by Johann Lau · · Score: 2

    .. that can only be solved politically. If you want peace of mind, prepare for decades of serious struggle, and learn to be okay with that.

    If your ISP and the websites you use hand over everything, if things get collected at packet level wholesale; what does it even matter what browser you use? It doesn't, not one bit.

  14. None of them by timmyf2371 · · Score: 5, Insightful

    None of the browsers will protect you from surveillance.

    Work on the basis that your ISP is compromised and that the web services you use have shared their databases with Government agencies. When you consider this, changing your browser is going to have little to no impact.

    I think the only way you can really be secure from surveillance is to use the tor browser and only use web services which can't trace you. So, no Google, Apple, social networking or any of the cool stuff we take for granted these days.

    --
    Backup not found: (A)bort (R)etry (P)anic
    1. Re:None of them by cheros · · Score: 2

      The OP is right insofar that a browser is only one part of the chain of events that ties an identity (and associated habits) to you. Even when you use something like Firefox or Opera in so-called "private" mode, your traffic still originates from the same point, creating a common item between things that happen (and BTW, you should set your browser to be something else than the default "OS + browser ID").

      The expensive way to address that is to route your traffic via some privacy proxy. The expensive way to do this (used by most VIPs and privacy conscious celebrities) is to use specialist companies which map this traffic via VPNs to any part of the planet. The cheap way to do this is by using Tor, but it would be decent of you to then keep your Internet use as much as possible to text as other people are paying.

      --
      Insert .sig here. Send no money now. Owner may sue, contents will settle. Batteries not included.
  15. Failure of Premise by mrbene · · Score: 5, Interesting

    OP says "what browser should I use" I automatically add "for the Facebooks".

    Here's the low-down:

    1. If you install any software, it can identify your machine uniquely. This goes for apps, doubly.
    2. If you use an ISP without TOR or other proxy, your ISP knows exactly what sites you're going to.
    3. Even if you use obfuscation techniques (TOR, other proxy), the exit node knows where you're going. TOR is designed to prevent the exit node from knowing where you entered from, but this fails if you send unencrypted identifying data across the wire.
    4. Additionally, using TOR obfuscates your country of origin, thereby giving NSA the freedom to retain your activity indefinitely.
    5. If you authenticate anywhere, you've provided that party (and the NSA) with a unique ID for yourself.
    6. If you authenticate and also provide actual information about yourself, a link to your physical self can be made. Remember, there's an 87% chance that your DOB, ZIP, and Gender are a unique combination. And if it isn't unique, you probably only share these with one or two other people.

    That's just off the top of my head. The software you use to disclose the information isn't the problem - you are.
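Item 6 of the list in comment 15, as an added example that is not part of the original thread: a Python measurement of how many records in a small constructed data set are unique on date of birth, ZIP code and gender, and how that changes when the fields are coarsened (the coarsening step goes beyond what the comment says). The records, projection names and function names are assumptions of this example, and its proportions are not the commenter's 87% figure.

```python
from collections import Counter

# Constructed records (date of birth, ZIP code, gender); no real people.
RECORDS = [
    ("1980-03-14", "02139", "F"),
    ("1980-03-14", "02139", "F"),  # shares all three fields with the row above
    ("1980-07-02", "02139", "F"),
    ("1980-11-30", "02139", "M"),
    ("1975-01-09", "02139", "M"),
    ("1975-06-21", "02141", "M"),
    ("1992-12-25", "02141", "F"),
    ("1992-02-17", "02141", "F"),
    ("1968-09-05", "02446", "M"),
    ("1968-04-19", "02446", "M"),
]


def exact(record):
    """Full date of birth, 5-digit ZIP, gender."""
    return record


def year_zip5(record):
    """Birth year only, 5-digit ZIP, gender."""
    dob, zip_code, gender = record
    return (dob[:4], zip_code, gender)


def year_zip3(record):
    """Birth year only, first three ZIP digits, gender."""
    dob, zip_code, gender = record
    return (dob[:4], zip_code[:3], gender)


PROJECTIONS = {
    "dob+zip5+gender": exact,
    "year+zip5+gender": year_zip5,
    "year+zip3+gender": year_zip3,
}


def class_sizes(records, project):
    """Count how many records share each combination of projected fields."""
    return Counter(project(r) for r in records)


def unique_count(records, project):
    """Number of records that are the only one with their combination."""
    sizes = class_sizes(records, project)
    return sum(1 for r in records if sizes[project(r)] == 1)


def anonymity_set(records, project, target):
    """Size of the crowd the target record hides in under this projection."""
    return class_sizes(records, project)[project(target)]


def report(records):
    """Summarise uniqueness and the smallest crowd (k) per projection."""
    rows = {}
    for name, project in PROJECTIONS.items():
        sizes = class_sizes(records, project)
        unique = unique_count(records, project)
        rows[name] = {
            "unique": unique,
            "fraction_unique": unique / len(records),
            "k": min(sizes.values()),
        }
    return rows


if __name__ == "__main__":
    for name, row in report(RECORDS).items():
        print(f"{name:18} unique={row['unique']:2} "
              f"fraction={row['fraction_unique']:.1f} k={row['k']}")
```
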

  16. wget by Anonymous Coward · · Score: 2, Interesting

    wget -m -k -K -E -l 1000 -t 3 -w 1 http://www.website.com/

    Then after waiting a while (ok, maybe a long while), open the page/articles you *really* wanted to read in a text editor. Sure, the NSA might know which *site* you visited through normal spying means, but they'll never figure out which *page* you were really after.

    Of course, they might think you read all the pages, and spend a few million dollars of taxpayer money trying to determine whether it's possible for someone to read 1 page per second and whether that implies terrorist connections, but they're clearly already misusing your tax dollars so you shouldn't really care if they misuse some more.

    1. Re:wget by flyingfsck · · Score: 2

      Hmm, I think that you are onto something. One could make an obfuscating browser that sends out page requests to random sites to keep the network link full and defeat NSA traffic analysis. It should also log into sites like Slashdot, Al Jazeera and Facebook and post random comments...

      --
      Excuse me, but please get off my Pennisetum Clandestinum, eh!
  17. Don't Bet On It by b4upoo · · Score: 2

    You can bet that any browser worth its salt has had agents involved in its creation whether or not the people who built the product were aware of it at all. You can also bet that encryption products whether free or commercial often have back doors or keys built in. That is the very essence of intelligence gathering. Do not assume that physical or software products are free of snooping abilities.

    I suppose your best chance might be a browser that was never popular or used by many people at all.

    Think back a few years and recall the tunnel that we put under the Berlin Wall in order to tie into a major Soviet phone trunk line. We intercepted phone calls for years from that tunnel. If we could do that about 1968 or 1970 just imagine what could be done today. DARPA was the motive force behind the creation of the net. DARPA more than any other entity would have great reason to spy on communications. This is not a new issue.

  18. Chrome phones home with ID code by Anonymous Coward · · Score: 4, Interesting

    Except that Chrome phones home the first time you start it up to check for upgrades. This has the unfortunate 'effect' of informing Google of the browser ID at this IP address, and as a consequence it informs the NSA of the linkage of browser ID and IP address.

    Post NSA, I try to avoid Google services. They try to grab data for themselves, but in the process grab it for the NSA, and if the choice is NSA+Google or no Google, then I go without Google.

    I opt for Firefox with the 'check for updates' turned to manual checks.

    It's a minor thing, but it helps in as much that the choice of browser can help (not much if you're in the USA, quite a bit if you're not and behind an ISP NAT).

    1. Re:Chrome phones home with ID code by pentadecagon · · Score: 2

      Except that Chrome phones home the first time you start it up to check for upgrades.

      This hasn't been true for more than three years. In fact Google is very transparent about all privacy issues within Chrome.

    2. Re:Chrome phones home with ID code by smash · · Score: 2

      If you think the NSA need your browser to phone home to identify you, you're in for a shock when you figure out how the NSA snooping really works.

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  19. You'll just call attention to yourself by evilsofa · · Score: 4, Insightful

    Doing what you prescribe will do the very thing that you are trying to avoid - get you on the NSA's list of people who are probably not American and must be up to something really interesting.

    http://yro.slashdot.org/story/13/06/21/1443204/use-tor-get-targeted-by-the-nsa

    1. Re:You'll just call attention to yourself by Lumpy · · Score: 2

      "So in other words: There is absolutely NOTHING AT ALL you can do? Any suggestions yourself, then?"

      Yes I do.

      1 - You MUST abandon any OS that does not give you complete control of the networking. Linux or BSD or its derivatives is required.
      2 - You MUST never surf from home. Always use coffee shops and other places not attached to you.
      3 - You MUST use non-US VPN servers to get your traffic outside the USA before it hits the internet unencrypted. Again, use several of them.
      4 - Encrypted communications channels. Refuse to use anything that is not encrypted. Better ones are NSA/CIA/FBI proof.
      5 - Realize that you really are not important at all. You posting photos of your cat is not of interest at all to the CIA.

      --
      Do not look at laser with remaining good eye.
    2. Re:You'll just call attention to yourself by Clsid · · Score: 2

      This is my take on this issue, and I do believe not only that you can do a lot, but that the feds had to say that crap that if you do they will focus on you since they are worried a lot of people will think extra hard now to avoid them. It's like the Borg saying resistance is futile. Anyways, this is my list:

      -Install Hardened Gentoo. If you want to be extra paranoid download the source packages directly from the creators and compare hash keys.

      -Get a Linux VPS in a country that either has strong privacy laws like France, or from a country that is willing to fight off US foreign policy. Venezuela is geographically close and you can set up an account with the state company CANTV, but they only speak Spanish.

      -Install your own mail server on the VPS and install WebDAV to create your own "cloud" storage service.

      -Make sure they allow you to run the tun/tap kernel module so you can run OpenVPN with zero issues. Install Squid and OpenVPN. Keep in mind that a lot of things like certain YouTube stuff, Netflix and others might be blocked by regional distribution issues.

      -Use IceCat as your web browser. It has some extra privacy features. Make sure you disable Google Safe Browsing and any other similar systems that phone home back to Google. You can use Yandex Safe Browsing API but that takes extra work.

      -Think real hard what to do with your smartphone. Right now the only secure alternative is just using a dumb phone, but an Android device with Cyanogenmod and an alternate app store can do the trick. Especially since Cyanogen is working on a feature to really restrict what an app can do with your info by creating honeypots.

      -If the e-mail server setup is too painful, get an e-mail account with a Russian or a Chinese provider like Yandex.com (also in English) or 163.com (Chinese only). Needless to say, use GnuPG with your e-mails, as painful as that may be. Note that the subject and the From/To/CC fields are visible to anyone. Consider using an alternative to e-mail for secure communications.

      -Keep in mind that using something like Tor means that "Like all current low latency anonymity networks, Tor is vulnerable to traffic analysis from observers who can watch both ends of a user's connection." Also a malicious exit node could send modified code to identify who was doing the original requests.

      -If you truly have to use stuff like Facebook, or use websites that ask for birthdates or whatnot, provide as much false information as you can.

      -If you use services like Evernote, switch to Tomboy and get a Snowy backend.

      -Avoid using credit cards or electronic payments.

      -Play disc-based games on a console that is not connected to the internet, since playing games for Linux is a joke. If you have to do multiplayer go with local multiplayer either with LANs (a dying genre) or a console (party games, rock band, etc).

      I have done some of the stuff mentioned above and by far the coolest one is the VPN, since it also works wonders in places with restricted internet. But in general you have to strike a balance between convenience and security.

  20. Don't need it by dbIII · · Score: 2

    Since there is no encryption they don't need a backdoor. If the packets go through a bridge owned by the NSA at a telco they can just collect them and listen when they want to.
    I think the thing people really need to be worried about is all those "web accelerator" boxes that proxy encrypted data (very stupid idea IMHO) - if the NSA has a back door into any of those you have to hope that nobody associated with them has a gambling problem and decides to use your collected banking username and password - or of course dozens of other less mundane things that could go wrong.
    Given what's already happened, if you are in competition with a large US military contractor (Boeing was the one caught last time), you'd better beware of a bit of industrial espionage on their behalf paid for by the taxpayer and be very careful of what gets out onto the net.

    1. Re:Don't need it by multimediavt · · Score: 2

      Ummm, you don't need a back door when you have a few data centers the size of football fields that can be dedicated to breaking any encryption. Back doors are mostly Hollywood stuff these days, or was that Palm Springs?

  21. Re:How ?? by smash · · Score: 2

    That's the million dollar question (what is considered "Strong encryption"), and yes, I'm not suggesting it is easy. Merely that securing your endpoint software is not enough by a long shot.

    --
    I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  22. RMS by s1lverl0rd · · Score: 2

    You could do what Richard Stallman does:

    I generally do not connect to web sites from my own machine, aside from a few sites I have some special relationship with. I fetch web pages from other sites by sending mail to a program (see git://git.gnu.org/womb/hacks.git) that fetches them, much like wget, and then mails them back to me. Then I look at them using a web browser, unless it is easy to see the text in the HTML page directly. I usually try lynx first, then a graphical browser if the page needs it.

    I also browse from other people's computers, with their permission. Since I don't identify myself to the sites I visit, this browsing can't be connected with me.

    One consequence of this method is that most of the surveillance methods used on the Internet can't see me.

    It's not the most practical way to browse the Web I would think, but it's an interesting datapoint on the security-convenience scale.

  23. NSA direct access to all servers by benjymouse · · Score: 2

    Please be a bit precise here. What exactly is claimed have Microsoft and Google given to the NSA? And how exactly do we "know"?

    Come on now. There's a powerpoint that proves it all.

    It just needs a little imagination/fantasy and some extrapolation, then it is conclusive, irrefutable proof that the big companies have *all* of them given NSA direct electronic access to the companies' servers to perform any kind of snooping they desire with no judicial oversight.

    --
    Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
  24. Re:Discovery by jones_supa · · Score: 2

    you arrogant little turds ... fucks sake, no god damned shit ... based on unicorn farts ... little asshat turds

    You'll get your point better across if you cut that childish angry cursing.

  25. regression by __aaqvdr516 · · Score: 3, Insightful

    Your "secure browser" can be compromised by the Operating System. The Operating System can be compromised by the hardware.

    The safest way to do your computing is to make all your own chips, assemble it yourself, and write your own OS. Even then you're subject to Man-in-the-Middle attacks, so you're going to have to go lay all your own fiber and do it all over again for those on the other side.

  26. none of the above... by acroyear · · Score: 2

    Surveillance happens today at the server level: the Feds claim that, under the PATRIOT act, they can get the records of all visits and all 'cloud' data straight from the server - this is the "PRISM" project, but shades of it have been going for the past decade.

    They don't need your client end. They get the server logs, they get the server history of visits, and reverse-lookup you and then collate all visits to as many web services as they can from the particular IP and MAC address, and that's how they put together your history.

    Cookies, SSL, HTTPS, none of that matters. The only thing that would escape it is to route through anonymous proxies.

    --
    "But remember, most lynch mobs aren't this nice." (H.Simpson)
    -- Joe
  27. If WebGL isn't a standard, what is? by tepples · · Score: 2

    Write for web standards and IE10 supports it pretty well.

    What's the closest thing to "web standards" for a 3D view in a web application? Both Chrome and Firefox support WebGL on capable video cards, but Microsoft has refused, complaining about "security problems".