What browser do you use?

[roy]

When it comes to security, Chrome has far better security than Firefox. Firefox is actually one of the least secure browsers.

Based on my own research, expert opinions, and personal opinion, I would respectfully disagree.

While Chrome is certainly not an insecure browser, Firefox simply trumps it, specifically in terms of privacy. Chrome does receive security and privacy update patches more frequently than any other browser I am aware of, however, Firefox is overall more secure and focused on user privacy. The differences between Firefox and Chrome in terms of anti-phishing and malware protection is more or less negligible. Nevertheless, it is no secret Chrome (and more specifically Google) are infamous for tracking and invasions of privacy and recently several U.S. states launched investigations into Google over privacy concerns [and antitrust violations]¹. Meanwhile, Firefox is (as far as I am aware) the only popular web browser which is open source, thus giving it's users a sense of security that no malicious practices are going on within the browser without their knowledge. Moreover, Firefox offers Content Blocking, allowing users to prevent websites from tracking them and simultaneously blocking popups, external links, and generally enhancing the privacy and experience of users. Out of my own testing and that of research, Chrome is significantly slower than Firefox. Before posting this message, I ran a quick test and Chrome took 5.95 seconds to load mc-market.org while Firefox took just 3.09 seconds. Lastly, Firefox offers a whole host of password and privacy features such as built-in Two Factor Authentication, statistics for which sites are having content tracking blocked, automatic breach alerts for your stored emails and passwords, as well as compatibility with iOS for fingerprint and FaceID password protection.

I will conclude by referencing and privacy ranking article made by ExpressVPN where out of the nine most popular browsers (IE, Edge, Opera, Chrome, Chromium, Apple Safari, Brave, Firefox, and Tor), Chrome ranked 6th receiving 9/15 stars while Firefox ranked 2nd with 13.5/15 [with Tor being ranked 1st]².
--
¹ - https://www.nytimes.com/2019/09/09/technology/google-antitrust-investigation.html
² - https://www.expressvpn.com/blog/best-browsers-for-privacy/

 

[alice]

Brave and FF have great sync!

Privacy Possum has more active devs. As for Brave, not sure but Privacy Tools - ThePrivacyMachine and tons of threads on r/privacytools have it though.


So uhhhhh... every single place every disagrees with you and basically says that statement was written by a 90 year old grandma on steriods. Some sources for this? This one of the worst statements I've ever heard. (ly though)

Based on my own research, expert opinions, and personal opinion, I would respectfully disagree.

While Chrome is certainly not an insecure browser, Firefox simply trumps it, specifically in terms of privacy. Chrome does receive security and privacy update patches more frequently than any other browser I am aware of, however, Firefox is overall more secure and focused on user privacy. The differences between Firefox and Chrome in terms of anti-phishing and malware protection is more or less negligible. Nevertheless, it is no secret Chrome (and more specifically Google) are infamous for tracking and invasions of privacy and recently several U.S. states launched investigations into Google over privacy concerns [and antitrust violations]¹. Meanwhile, Firefox is (as far as I am aware) the only popular web browser which is open source, thus giving it's users a sense of security that no malicious practices are going on within the browser without their knowledge. Moreover, Firefox offers Content Blocking, allowing users to prevent websites from tracking them and simultaneously blocking popups, external links, and generally enhancing the privacy and experience of users. Out of my own testing and that of research, Chrome is significantly slower than Firefox. Before posting this message, I ran a quick test and Chrome took 5.95 seconds to load mc-market.org while Firefox took just 3.09 seconds. Lastly, Firefox offers a whole host of password and privacy features such as built-in Two Factor Authentication, statistics for which sites are having content tracking blocked, automatic breach alerts for your stored emails and passwords, as well as compatibility with iOS for fingerprint and FaceID password protection.

I will conclude by referencing and privacy ranking article made by ExpressVPN where out of the nine most popular browsers (IE, Edge, Opera, Chrome, Chromium, Apple Safari, Brave, Firefox, and Tor), Chrome ranked 6th receiving 9/15 stars while Firefox ranked 2nd with 13.5/15 [with Tor being ranked 1st]².
--
¹ - https://www.nytimes.com/2019/09/09/technology/google-antitrust-investigation.html
² - https://www.expressvpn.com/blog/best-browsers-for-privacy/

Quoting a security researcher from a 1 year old post:

"Chrome uses extensive sandboxing and privilege separation and has a very, very dedicated security team.

Firefox uses jemalloc (at least on Linux) which reduces the effectiveness of ASLR. It lacks sandboxing (and its current attempt at "sandboxing" is pretty sad, having very coarse-grained policies). It is multithreaded, not multiprocess (though it is trying to support multiprocess, it's still highly buggy). The code itself is low quality, being full of bad casts (whereas, say, Chromium makes all bad casts fatal in order to implement CFI). It does not sandbox the GPU and, if I recall, the developers said they would never sandbox the GPU...

It does not separate the page content (the DOM tree, JS, etc) from the process displaying the tab. It is full of undefined behavior (whereas Chromium is regularly compiled with UBSAN), some of which can be made easily exploitable. It uses XUL in its interface which is basically privileged JavaScript. The ESR version only fixes critical security bugs, intentionally leaving "moderate" bugs in the code. It has truly ancient extant bugs, many security-related and 7 years old or older (for example its SIGTERM handling on Linux, and the bug involving image tags and HTTP auth)

A neat analysis of its memory management was put on Phrack. It hasn't yet fixed the file:// vulnerability from months ago which allows proxy bypass (Tor Project had to rip that code out of the browser to even make it workable). They used to manually vet all extensions with a thorough security audit before permitting them, but have recently done away with that and do automated static analysis (leading to several malicious plugins being accepted). The only thing FF is good at is having a slow rate of development, which makes forking it simpler.")

Furthermore, Firefox fails miserably at Pwn2Own (browser hacking contest) every year and scores the lowest, while Chrome always comes out on top. In 2016, Firefox wasn't even in the contest because it would have been "too easy to hack".

 

[utaninja]

Quoting a security researcher from a 1 year old post:

"Chrome uses extensive sandboxing and privilege separation and has a very, very dedicated security team.

Firefox uses jemalloc (at least on Linux) which reduces the effectiveness of ASLR. It lacks sandboxing (and its current attempt at "sandboxing" is pretty sad, having very coarse-grained policies). It is multithreaded, not multiprocess (though it is trying to support multiprocess, it's still highly buggy). The code itself is low quality, being full of bad casts (whereas, say, Chromium makes all bad casts fatal in order to implement CFI). It does not sandbox the GPU and, if I recall, the developers said they would never sandbox the GPU...

It does not separate the page content (the DOM tree, JS, etc) from the process displaying the tab. It is full of undefined behavior (whereas Chromium is regularly compiled with UBSAN), some of which can be made easily exploitable. It uses XUL in its interface which is basically privileged JavaScript. The ESR version only fixes critical security bugs, intentionally leaving "moderate" bugs in the code. It has truly ancient extant bugs, many security-related and 7 years old or older (for example its SIGTERM handling on Linux, and the bug involving image tags and HTTP auth)

A neat analysis of its memory management was put on Phrack. It hasn't yet fixed the file:// vulnerability from months ago which allows proxy bypass (Tor Project had to rip that code out of the browser to even make it workable). They used to manually vet all extensions with a thorough security audit before permitting them, but have recently done away with that and do automated static analysis (leading to several malicious plugins being accepted). The only thing FF is good at is having a slow rate of development, which makes forking it simpler.")

Furthermore, Firefox fails miserably at Pwn2Own (browser hacking contest) every year and scores the lowest, while Chrome always comes out on top. In 2016, Firefox wasn't even in the contest because it would have been "too easy to hack".

You mention something from a year ago and from 2016. Have you checked out Firefox quantum? This is all a mis-communication. we're all talking about quantum, not the old FF

 

[alice]

You mention something from a year ago and from 2016. Have you checked out Firefox quantum? This is all a mis-communication. we're all talking about quantum, not the old FF

FF Quantum certainly looks like an improvement, but it still seems to have many of the same old issues security-wise.

 

[utaninja]

FF Quantum certainly looks like an improvement, but it still seems to have many of the same old issues security-wise.

Source for this? Every website I've checked says the opposite

 

[Niteburn]

Personally I like Chrome better because I am used to using Google for lots of things (search, email, docs, drive) and I like the design better than Firefox. I can see why people will use Firefox though for more privacy and stuff but all of that can also be achieved through chrome anyways from my understanding.

 

[alice]

Source for this? Every website I've checked says the opposite

You'll have to do the research yourself. Based on my quick research, the FF team is still in the process in rewriting and overhauling the browser, so it still has some remnants of the old browser. FF also uses Chromium sandbox (although with different settings), but I don't think it's any secret that Chrome's technologies and security standards have always been a step above, mainly because Chrome has always had a highly dedicated security team, whereas Firefox has only recently started to give a shit.

Tor literally is Firefox lol

Tor is not a browser.

 

[AlarminqAppeal]

Chrome on top baby

 

[one two three]

I can see why people will use Firefox though for more privacy and stuff but all of that can also be achieved through chrome anyways from my understanding.

Chrome phones home to Google, if you're using it, even in Incognito mode, expect zero privacy. i mean, if you want to really delve deep, technically Firefox does the same (with regards to Google Safe Browsing), but it's blockable (with Chrome it isn't).

Privacy Possum has more active devs.

source? github page says otherwise, unless master isn't the main branch, and the extension was last updated in July as well - https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/

I've heard that Brave uses shady business models and injects its own ads into the browser while blocking competitor ads.

mind sending me a source for this?

 

[utaninja]

Chrome phones home to Google, if you're using it, even in Incognito mode, expect zero privacy. i mean, if you want to really delve deep, technically Firefox does the same (with regards to Google Safe Browsing), but it's blockable (with Chrome it isn't).


source? github page says otherwise, unless master isn't the main branch, and the extension was last updated in July as well - https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/


mind sending me a source for this?

Don't worry, ally thinks Chrome has amazing security and is the best option out there. As for privacy possum, let me look.
As for the brave comment, he's probably referring to BAT

 

[root]

Have you tried swapping Chrome with other chromium-based browsers? This could eliminate chrome while solving your running things issues.
https://vivaldi.com/ - I don't like this one but it's reasonable privacy secured
https://brave.com/ - Best option in my opinion
https://www.opera.com/ - Chinese company but if you must
https://www.epicbrowser.com/ - No experience but apparently outdated

Changing to brave now It looks pretty good, especially with in-built tor private browsing.

 

[User]

used to use firefox, then switched to chrome, then switched to opera like 4 years ago and i've stuck with it since. vivaldi is garbage, i've never tried brave/epic, and i dislike tor's simplicity although if i ever decide to visit the darknet i'll be on tails + tor

 

[one two three]

It looks pretty good, especially with in-built tor private browsing.

DO NOT use Tor mode on Brave. its only purpose is to hide your IP address. Tor Browser Bundle (TBB ) is far better than Tor on Brave as it adds extra privacy protection and other Tor features, plus it's developed by the Tor Project.

 

[wild]

chrome firefox edge

 

[cts]

chrome ftw

 

[utaninja]

Tor literally is Firefox lol

Tor is literally not. That's like saying Opera literally is google chrome lol.

That's like saying you and I are literally the same because on a biological level we both have legs.

 

[alice]

yes it is
https://www.torproject.org/download/

No, it's not. Tor is a network.