Best web browser in terms of security?

Hi everyone,

I'd really appreciate your input on which web browser I should consider using for best security at this moment in time?

Do I stick to FireFox or perhaps consider an alternative?


Thank you

 

Firefox, or a hardened gecko-based browser (Firefox's engine), such as floorp or librewolf would be your best bet in terms of security. However, you might be sacrificing usability for security. Maybe. I think gecko browsers are dead. Like it or not, I do not, but the web is written for Chrome-based browsers now. Try brave also. See what works best for you.

 

It does not really matter, they all offer the same security features, they just call them differently, like firefox has container abs, chromium browsers have isolated tabs.
It really depends on setup though, in this case LibreWolf is nice, because it has removed "bad" settings, so the default is pretty OK and it can not be setup wrong.
But the most important thing, whether that browser is updated swiftly. Some browsers are months behind their parent, making them more vulnerable to exploits.

 

Edge has a nice feature called 'Enhanced security mode'. It can be enabled for less frequently visited sites (Balanced), or across all sites (Secure).

 

The one with JavaScript disabled

 

Depending on the OS and if one can utilize its built-in security, then any browser can be secure.



Of course if sandboxing is available in the browser, that can help too.




To take things to another level, no extensions added in this case either.

 

According to this site, Firefox seems to have less holes than Chromium, not sure what to think about this. But it doesn't matter that much as long as you use security tools (AV, anti-exploit, adblockers) that can tackle exploits/malware that is launched via browser. Also, you almost never see browser exploits that are geared to consumers anymore, most exploits are reserved for high profile attacks.

https://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452
https://www.cvedetails.com/product/15031/Google-Chrome.html?vendor_id=1224

 

I would say that it is pretty much like security in Linux vs Windows. Firefox is being used less and less and out of 10 users on Windows, 9 use chromium based browsers. So in theory using less used browser might result in less exploits.

 

And use as less browserextensions as possible. They are a potential security risk. A browser is as safe as its extensions are. View this interesting thread:
https://www.wilderssecurity.com/thr...ent-looking-extensions-hold-for-users.446756/

 

Actually on second thought, it's perhaps not true what I said. If you look at the total amount of code execution bugs (which is often used to load malware on the system) Firefox had 185 and Chrome 79 in the last 10 years. Which would mean that Chrome is safer. Not to forget that Firefox was the only browser where hackers could escape from the sandbox in the latest Pwn2Own hacking contest, see link.

https://www.wilderssecurity.com/thr...iner-security-to-pwn2own.453556/#post-3193810

 

No, the 10 years include a period when Firefox didn't have a sandbox and critical parts written in Rust yet. Since they habe been implemented the buffer overflow figures are much lower. The memory corruption figures are still relatively high but much lower than the ones in Chrome.

So? Chrome was affected in previous Pwn2Own contest as well. And it had 4 zero day vulnerabilities with an "high" CVE entry exploited in the wild only in the past 2 weeks.

 

any browser which is part of this procedure is tested.
but to answer the question. currently i think that edge is more secure than other browsers. and this is independant of windows defender which is checking any files from the web, either downloads or cache. i think that smart screen is better than the safe list in chrome or firefox. i still talk about default settings. privacy is a complete different conversation.
what i know that any origin browser creator is fixing issues very fast, google and mozilla to say - other browsers are forks, no exception. edge, brave, opera - libre, pale, other are so much dependant of its origins - no exception!

but - user can raise security when using a decent adblocker - ONE, not more, makes no sense, au contraire.

if you feel comfortable with firefox then stick with it. i am a long time user since phoenix and Netscape Navigator before. after this one with a long distance: Edge. i am sick and tired of chrome, opera and others. bust thats only my personal (deeper) view.

 

Good point, forgot about that.

True, it doesn't mean that Firefox is less secure per say, but it's still worth to note that they couldn't find a new ''zero day'' sandbox escape in Chrome, while they did in Firefox. But the next contest it could be the other way round, who knows.

 

I won't use Edge as I'M on Linux. Nevertheless -is there any evidence that Smart Screen is better than the other lists?

That said, the hagezi lists are quite good particularly if combined with the Threat Intelligence Feeds. They can be easily added to uBO. On the other hand, with Dynamic Filtering in medium or hard mode this is not really necessary.

 

dont know, thats why i wrote "i think" - i did not find any comparison.

you are not forced to use it i guess ?
same for me on android, no edge because of firefox (default browser)
firefox can use more customizations (means: extensions) as any other browser.

ancient views
"sandbox" means "system sandbox", for chrome, edge, firefox and more. it's the "integrity flag" which means "untrusted" or "low" for child processes. depending of its purpose.
one criteria of pwn2own is to break this OS sandbox behavior, whatever OS is used.

edit
https://www.reddit.com/r/privacytoo...gle_safe_browsing_and_smart_screen_on_or_off/

sorry, only one result

 

I use Chrome with JShelter and Ghostery

 

Hey everyone,
Which one would you pick and why?

Complete List of ALL Browsers for all Devices, OS's, and Ages. Top Browser Tips!
"Tony SkyUpdatedec 24, 2024"

* Ghostery
* Mullvad
* Tempest
* Whonix Browser

https://
Website: discover.hubpages.com/technology/All-Browser-Downloads

 

What are the best private browser in 2024.

No. 93
Open-source tests of web browser privacy.
Updated 2024-12-28

Website:
By https:// privacytests.org/

 

While this site looks useful at first glance it's actually rather problematic as it compares apples with oranges. For example, Brave comes with a built-in adblocker, and Librewolf and Mullvad come with uBlock Origin installed by default - while Firefox does not. But if you add uBO to it, the results in "Tracking query parameter tests" and "Tracker content blocking tests" are as good as for the 2 other browsers. Similarly, Firefox uses Enhanced Tracking Protection in Standard Mode, while Librewolf and Mullvad use it in Strict Mode. Both measures can be easily adjusted.

If it comes to fingerprinting protection, both Librewolf and Mullvad use Resist Fingerprinting (RFP) like the Tor browser, but it has its downsides as it can break a lot of websites which is why it's not used in Firefox by default (but you can enable it). In Firefox you can alternatively use FFP (Fingerprinting Protection) by setting privacy.fingerprintingProtection = true in about:config. This randomizes Canvas and Fontmetrics fingerprints.

These are examples which illustrate that this site shows that the standard settings concerning privacy in those browsers are not equally strong. But it fails to show that a stronger protection can be easily achieved, e.g., in Firefox. And it fails to reveal that stronger protections have their downsides which a user must be aware of. Hence, I think that this site simply scratches the surface and is even misleading unless the user is willing to dig deeper.

 

get prepped to deal with a lot of issues, and hopeless reloading of malworking pages.
this is the worst setting in firefox ever.

 

privacy.fingerprintingProtection = true in about:config, isn't that what Firefox Enhanced Tracking Protection does if set to Strict (or Custom), to block known and suspected fingerprinters?
I have Firefox ETP Custom set to block known fingerprinters and suspected fingerprinters in all windows, and in about:config I see the preference is set as privacy.fingerprintingProtection = true.
I cannot say that I see issues like reloading of malfunctioning pages. Only for perhaps 1 in 500 or 1000 websites, I need to disable Firefox ETP to get it working correctly.

 

ETP is NOT (anti) fingerprinting, thats another feature.

but a lot of other users had. i dont wrote for nothing that this is the worst setting in firefox.

one problem is that it sets your user agent to esr. wait, 128 esr? no, even worse: 115 esr.
oauth is not working, getting extensions - not possible. only few exceptional failures, a lot more in background. it fakes also the viewport settings, means - monitor width/heights are wrong.

the list is so long, very very long, use "searchfox" for dependencies.

i only can tell you about failures. native users are not able to see, technically spoken, if a website works in total, or not. keyword is "in total", not "page".

 

In Firefox Settings, Privacy & Security, blocking fingerprinters is part of Enhanced Tracking Protection.

 

Hi

i'm a firefox user . and sadly yes , I think it won't work in the future

I never trusted in chrome and brave even i have installed brave on my phone for ublock origin extension
even many users say it's very slow , it pretty snappy and faster than firefox on my phones

may i ask is chrominim developed by google?

in short ready for monopoly , chrominim

and can i ask all of them are pretty safe under linux .right?

 

hi
but mostly all site need javascript enabled , and about ghostery is more effective than ublock and adguard?