Hey!
<snark>
Tell me more about your usecase. One can get pretty far, by installing
chromium on the raspberri pi, setting the "read only" physical switch on
your SD card to true, connecting to the PI via VNC, and rebooting the pi on
every page refresh. If you want to do "tabbed browsing" you can have a
stack of 5 or six Pi's on your desk, with one Pi per tab. How secure do you
need?
</snark>
Joking aside, chromium has a security model of putting each tab in it's own
user namespace. This should be pretty secure, though privilege escalation
attacks on Linux are far from unheard of. Firefox, on the other hand, has
many more security options in terms of "limiting attack surfaces". On
firefox you can "lock the browser down" by dissabling scripts, images,
multimedia, ect.
<snark>
Other good browsers, for the extremely paranoid, are the text based ones.
This comes from the ease with which one can do a practical version of my
previous Raspberi pi stacking joke, throw links or elinks(both browsers of
Czech heritage) into a VM running something light like busybox, and ssh in
to browse the web. Make sure your VMs are stateless(the same as having that
physical read only switch turned on on the raspberry pi) and that you
restart them every couple of minutes while web browsing. These text based
browsers have an advantage, for us brmlab members. If you choose to use,
say elinks, then you can personally go and beat the shit out of pasky if you
find a security flaw in it. This should motivate him to ensure high coding
standards, and not to waste time doing useless biolab research and other
time-wasters like sleeping.
While we're dealing with security, we have yet to discuss such security
methods as proxies and tor. Of course you don't want an attacker to gain
access to your system. One of the greatest threats is physical access. If
the police come to your house, break down your door, and steal your laptop
they may be able to access your bank account information. To limit these
risks, of course encrypted memory, and writing nothing to disk can help. I
like to make it an integral part of my houses alarm system, that if the door
is opened unexpectedly, my computer restarts, thus ensuring all my data
(which is held in an encrypted ram disk, is safely lost). However, there is
still risk. So in order to escape that risk, we use TOR and other services.
My recommendation is to not use TOR directly but through several layers of
proxy.
</snark>
Timothy
---------- Původní zpráva ----------
Od: Mario Lombardo <[email protected]>
Komu: Brmlab: Hackerspace Prague (main discussion) <[email protected]>
Datum: 14. 3. 2014 0:14:30
Předmět: [Brmlab] most secure web browser for a laptop/desktop computer
"Hi everybody.
I don't want to start a holy war, but what do you consider the most secure
web browser for a laptop/desktop OS? Academic replies are also welcome.
zatím
/mario
_______________________________________________
Brmlab mailing list
[email protected]
http://brmlab.cz/cgi-bin/mailman/listinfo/brmlab";
_______________________________________________
Brmlab mailing list
[email protected]
http://brmlab.cz/cgi-bin/mailman/listinfo/brmlab
