Which 3rd-party browser has best security features?
- Thread starter shmu26
- Start date
- Jul 3, 2015
- 8,153
Can people please dig up the bad stuff on Yandex browser? (Not on the search engine -- it's for Russian speakers.)
I couldn't find dirt.
Security-wise I think Yandex (like Chrome/FF) is great
But privacy-wise I think they sucks. You download and read the below article just on Safe Browsing comparison between Google/Yandex/Mozilla. At least Mozilla minimizes user tracking when using its (Google) Safe Browsing
https://hal.inria.fr/hal-01120186v3/document
Last edited:
- Jul 3, 2015
- 8,153
Here's some dirt on Yandex, about how a vulnerability was discovered and they were super lazy about fixing it
CSRF Vulnerability in Yandex Browser Allows Attackers to Steal Victim's Browsing Data
CSRF Vulnerability in Yandex Browser Allows Attackers to Steal Victim's Browsing Data
- Jul 3, 2015
- 8,153
But the prob was eventually patched, and anyways, I think that security-conscious users generally avoid saving sensitive passwords in their browser, because of this very issue.
- Sep 26, 2014
- 2,973
As @Prorootect mentioned Cent has many security settings.
SlimJet in my opinion is also a good choice and Yandex.
These browsers offer quite a few security settings.
But if someone really needs to feel safe then i suggest to strengthen his/her security config.
When i do some risky browsing i always have Shadow Defender enabled.
Personally i choose a browser first on it's performance and second for it's security settings.
At the moment Cent has the best performance on my system.
SlimJet in my opinion is also a good choice and Yandex.
These browsers offer quite a few security settings.
But if someone really needs to feel safe then i suggest to strengthen his/her security config.
When i do some risky browsing i always have Shadow Defender enabled.
Personally i choose a browser first on it's performance and second for it's security settings.
At the moment Cent has the best performance on my system.
- Nov 5, 2011
- 5,855
NOT "chinese", please, but Americains of chinese origin, BIG difference.
- developed by "UltraReach Internet Corp. U.S.A."
Ultrareach Internet Corp., was founded in 2001 by a small group of Silicon Valley engineers dedicated to the promotion of the free exchange of information. In 2002, we launched Ultrasurf, one of the world’s most popular anti-censorship, pro-privacy software. Ultrasurf enables internet users to protect their security and anonymity online while bypassing internet censorship, and is free to users.
The tool was originally designed for internet users in Mainland China, where the internet is heavily censored and internet users’ activities monitored. With the advent of Ultrasurf and other circumvention tools, these internet users are provided a lifeline to access and share information freely. After nearly a decade of development, our technology has proven extremely resilient and adaptable in the face of increasingly advanced censorship techniques and aggressive blocking attempts.
Our success in helping Internet users in China surf the web in freedom and safety has attracted the attention of internet users beyond China’s borders. Today, Ultrareach has millions of users from over 180 countries.
Ultrasurf also helps internet users to encrypt their communications, and protect their IP address from the websites visited; it is recommended in particular for use at wireless hotspots and public WiFi networks.
- it's from Ultrasurf/About page: About Ultrasurf and Ultrareach - Internet Freedom, Privacy, and Security
From your Wikipedia link to read:
"UltraSurf is a freeware Internet censorship circumvention product created by UltraReach Internet Corporation. The software enables its users to bypass Internet censorship and firewalls using an HTTP proxy server, and employs encryptionprotocols for privacy.
The software was developed by Chinese dissidents as a means of allowing internet users to bypass the Great Firewall of China. It currently boasts as many as 11 million users worldwide. The tool has been lauded as "one of the most important free-speech tools on the Internet" by Wired, and as the "best performing" circumvention tool by Harvard University in a 2007 study; a 2011 study by Freedom House ranked it fourth..."
The "definitive review" by Jacob Appelbaum from Tor - is very objectionable article, nasty. It's a a loss of time, reading such senseless skies, from a competitive company......
Protect your fan and CPU cycles, that's all.
Generally, I agree with this assessment and I am a pretty good example of it in action. If I cannot fully secure a network from all known and unknown threats then it is incredibly unlikely anyone else can. I'm not bragging, but it's my specialty, it's my engineering degree, it's my engineering certifications and it's 2 decades of training in it. If they do want in, they'll eventually get in. If not initially, then they will patiently await your next mistake and be ready to exploit it.
The first and primary method is to probe your network, gather information and utilize that intelligence to formulate an attack plan. They'll find a vector of attack, if not immediately, they'll find one shortly or an up and coming one you neglected to consider. Most of the off-the-shelf stuff amounts to playing security theater in the end IMO. Generally, you are dealing with entities that have virtually unlimited resources. They can throw millions at a company that owns the software you use if they need to. Your security theater amounts to speed bumps for the eventuality you'll be compromised, slow them down, make things difficult, sure and good job but - all speed bumps in the end.
They'll go after your weakest commodity. The kids, the wife, the uncle that visits every couple of weeks. Your weakest link will be the vector of attack. They won't start with you because you are smart, you are crafty, you know counter intelligence and know how to secure your personal machine. It's Uncle Bill or your child that is the doorway into further information gathering and surveillance. You likely don't have the time or energy to secure everyone around you, nor do you want to deal with the headaches involved or the inconveniences to those people with a severely locked down lifestyle.
Now the question is - will they expend the effort? Probably not in the majority of cases. But if you detect them, then stop it, they'll wonder why you are worried about it or what you are hiding and it will escalate the matter. Once escalated, if you continue to present hardships and roadblocks, it will escalate it further along and suddenly assets and money will be pushed into your direction. A cold war develops and continues to escalate. At which point you need to decide, continue to play the game, give up, or perhaps use your own counter intelligence and start feeding them fake information or make it appear like you made mistakes and they are seeing 'everything' when they really aren't? In all of those cases they'll eventually unlatch from you and revert back to passive surveillance.
It is fully possible to secure your personal information from virtually all forms of spying/intrusion. We know this. It is virtually impossible to fully secure your network from all possible intrusion methods. We also know this. So you must find balance.. Secure your most sensitive information in ways you can virtually guarantee it will be safe, that'll keep kiddies, under funded actors, well funded actors and targeted surveillance out of your loot.. Secure your network using accepted practices, that'll keep the kiddies and under funded state actors out, but accept the inevitable that no network can be totally secured from all vectors from well funded state actors.
Carry on.
It can't be doing what it is doing without controlling what other running programs can do, which it is only going to achieve what it is via injecting code & setting hooks to control various APIs (probably NTDLL) or a kernel-mode driver for patching/callbacks. It will just filter to only detect attacks on the browser and nothing else but doing these things can still conflict with some AVs depending on situation if it is trying to hook the same routine but if it took the driver route it should be less likely to have issues because callbacks can be used by multiple software at the same time (it'll just pass to each one in an order based on altitude)
The single process for the protection feature will just be there to handle communications to and from the monitored clients (processes) or the kernel-mode driver. My guess would be named pipes, ports and/or shared memory
I can't test it out because I cannot get it on my Virtual Environment. I've gone through all the guides and the feature doesn't exist for me, and multiple re-installations. I think it might be available depending on your region but I never saw anything about FR restrictions...
If I can get access to the feature then I'll be able to check how it does what it does
- Jul 3, 2015
- 8,153
The feature was unavailable to me at first. Then I switched to admin user account, and it said unavailable because OS is not supported (win10 x64 RS3). Later, magically, it started working all by itself.
- Feb 10, 2012
- 585
All are crap 1 by 1 dont trust any one, put all them in to the condom
Sandbox and Virtualization + SRP all by way d[-,-]b
Try Isolate and block acess(read/write) to other files which dont need.
Sandbox and Virtualization + SRP all by way d[-,-]b
Try Isolate and block acess(read/write) to other files which dont need.
- Aug 21, 2013
- 90
chrome and edge/ie use appcontainer
others i don't know
appcontainer integrity level is the best. so no appcontainer=no good
others i don't know
appcontainer integrity level is the best. so no appcontainer=no good
- Nov 9, 2012
- 363
Really liked the line and the option "All the major browsers are secure enough". True enough 
Of course, we all go deep here (in terms of security, experience and common-sense), but nicely thought to put this option there too
Of course, we all go deep here (in terms of security, experience and common-sense), but nicely thought to put this option there too
- Jul 3, 2015
- 8,153
Thanks!Really liked the line and the option "All the major browsers are secure enough". True enough
- Jul 6, 2017
- 2,392
Similar threads
