Nice looking icons. Thanks again TNT!
Seemed like a good idea at first but not sure anyone will want to type the path to password evertime one is needed. Stoped using it myself.
pass qubes -c path/to/some/password
Removed maintainer template since this is “default support level”.
Created and added:
https://www.whonix.org/wiki/Template:SecBrowser_Supported_Platforms_Icons
Also added at the very top small platform icons and the free symbol.
[[File:Windows_logo_-_2012.svg.png|30px|link=SecBrowser/Windows]] [[File:rsz_osx.png|30px|link=SecBrowser/macOS]] [[File:Tux.png|30px|link=SecBrowser/Debian]] [[File:qubes-logo-blue.png|30px|link=SecBrowser/Qubes]] {{#widget:Free}}
to illustrate what platforms are supported and being free of charge.
improved exploit protection through selfrando
It seems like selfrando was removed from the Tor Browser a while ago.
I’m not sure what advantage it would have over ASLR anyway.
Full RELRO
Full RELRO is also dependent on the distro, not Firefox. For example, Fedora and Arch enable it for Firefox by default.
So, I don’t really consider these as TBB security improvements over ordinary Firefox.
Wondering if we should disable letterboxing in SecBrowser by default.
I think it would be a good idea. It’s only useful for fingerprinting protection which isn’t SecBrowser’s goal and it causes a lot of confusion.
If Secbrowser is the defacto Torless browser we will use for Zeronet/I2P/Freenet then no I don’t think we should as we still want the privacy protections intact but not have the traffic forced thru Tor by default.
SecBrowser is hidden by default in Whonix to avoid confusion. Documented as clearnet browser only.
SecBrowser ™: A Security-hardened, Non-anonymous Browser
Therefore no guarantees about Zeronet/I2P/Freenet.
We might want to set network.IDN_show_punycode to true by default to fix very hard to notice Phishing Scam - Firefox / Tor Browser URL not showing real Domain Name - Homograph attack (Punycode). Waiting to see if any arguments come up against that in near future.
That’s kinda leading into modifying Tor.
It’d probably be best to wait until the Tor Project enables it.
Applies to Tor Browser. Offtopic here.
Does not apply to SecBrowser. There we have full flexibility to optimize for clearnet, security, non-Whonix.
For history purposes, it’s archived.
- https://web.archive.org/web/20191116075907/https://www.whonix.org/wiki/Tor_Browser_without_Tor
- https://web.archive.org/web/20191116075929/https://www.whonix.org/w/index.php?title=Tor_Browser_without_Tor&action=history
- https://web.archive.org/web/20191116080115/https://www.whonix.org/w/index.php?title=Tor_Browser_without_Tor&oldid=30298
Redirecting SecBrowser ™ has been deprecated! to SecBrowser ™ has been deprecated! since that page pops up in google results, is outdated and could be confusing. Wiki history is still there in case you like to archive something extra.
Yay! SecBrowser ™ has been deprecated! was recently updated by anonymous (have my theories who that was, though :)). Motivated me to add some updates on top. All recent changes:
Without any customization, SecBrowser ™ default configuration offers better security than Firefox, Google Chrome or Microsoft Edge.
This isn’t true. Chrome has far better security than Firefox due to having a much stronger sandbox [1], strict site isolation [2], hardened memory allocator [3], control flow integrity [4] etc. SecBrowser can’t add any of this.
Just look at what experts like Daniel Micay [5] or thegrugq [6] say. Also see this (although dated) study http://files.accuvant.com/web/files/AccuvantBrowserSecCompar_FINAL.pdf
In no way am I recommending chrome though (since it’s spyware), but we should at least stay factual.
[1]: Chromium Docs - Sandbox
[2]: Site Isolation
[3]: PartitionAlloc Design
[4]: Control Flow Integrity
[5]: Usage guide | GrapheneOS
[6]: Tor and its Discontents. Problems with Tor usage as panacea | by thaddeus t. grugq | Medium
Your sources are outdated. Modern Firefox has significantly improved it’s security.