/cyber/ - Cyberpunk & Science Fiction

>>47424

You are looking for stuff that does not exist.

To narrow down your search, what do you mean by "securely browse"? What would you want it to mean?

I would suggest finding a live cd/usb (linux) distribution that you can live with, and use that.

Try Tails, and if that is too much, check Ubuntu/Lubuntu first and go from there and if you can work with them, you are set. Wikipedia has a long list of live distributions to check and try. Then just burn(?) a USB key (/cd/dvd?) for your choice of things, and use that for browsing.

And if you have few hundred bobs extra to spend, buy one of them cheapo laptops (without Intel ME, good luck with that for new hardware), wipe the harddrive on the moment you receive them, and then use your live USB distro on them. So your "browsing" never touches the actual computer you use for your… "stuff"… makes it more… "secure".

If you want to browse securely on top of your Mac/Wingaze, by just installing another "app"… through your own cable connection, through your own/work ISP… keep on dreaming.

>>47426

To clarify, I'm not talking about a secure connection or a secure OS, I'm just talking about browser applications. Doesn't have to be bulletproof, but I'm looking for an application that's not spyware like chrome.

Here you go mate https://www.srware.net/en/software_srware_iron.php

Unfortunately higher security projects like xombroro are no longer developed.

O P E R A

>>47436

Using closed source OS, then talking about a "secure browser" is just… not relevant? In my personal opinion it is not.

I would use Firefox ESR with a set of extensions before "Epic", QupZilla and so forth, but what is it that you want to do with your browser?

If you do personal banking on the browser, do you trust the browser is one thing to ask. Do you trust the underlying OS is another.

If convenience is the most imporant thing, then all this is just another wothless jive…

Take a step back, and learn to make a live USB to boot from, then put some real tools on that. You can't build a secure platform on an insecure one.

>>47454

>Using closed source OS, then talking about a "secure browser" is just… not relevant? In my personal opinion it is not.

Depends on your threat model. If you do not consider pervasive mass surveillance by government(s) a threat, and consider microsoft/adobe trusted parties, it can be meaningful to talk about a secure browser on top of Windows.

Of course, I cannot imagine any /cyber/ poster being down with pervasive mass surveillance, which makes all closed source code suspect.

I like SRware Iron. All the usual extensions are needed tho (ublock origin, https everywhere, random user agen switcher.

>>47424

Do you spoof or not spoof user agent?

I like the idea of the political advocacy that comes with telling service providers "I use *nix".

>protprietary pajeet chrome clone focused on "privacy"

>srware iron

>opera

Woah, we're reaching larp levels neither of lainchans achieved.

Here's a serious advice: start using Tor Browser and learn how it's designed, then pick a bare Soros/Firefox and tweak it for normal usage by removing home phoning but try not to fall into full placebo pit like Adnauseam/User Agent Switcher users do. Learn how websites identify and track you, learn how you can be infected or deanonymized through browser.

Stop visiting websites that break too much when you disable scripts or add lists to your firewall/adblock, there is 99% probability of those websites being shit and not having any meaningful information to gather from.

If you just need low attack surface, use simple HTML rendering browsers with no built-in javascript support like Dillo, w3m, Links. For videos, I'd assume you mean YouTube and the likes. Because simple embedded videos can be downloaded with right click.

Happily, a program called youtube-dl exists. It supports lots of websites to download from, it can even run live streams and you can send it's output to video player software. Should I say, you can also use it over Tor and still get reasonable speeds?

When you say secure you have to have a threat model.

If your threat model includes only an ordinary attacker using conventional methods (like say a pentester), simply having up to date software might be good enough. You can increase security margin by reducing attack surface: Limiting plugins installed, setting plugins click to play, limiting javscript, blocking unwanted third party content. Using corrective security measures like sand-boxing, or virtualization might be considered extreme (Qubes temporary VMs are awesome here). Detective measures like anti-virus, or HIPS might be useful as well.

If your threat model includes advertisers you might want to add to the above blackholing known addnetworks, disabling 3rd party cookies, periodically clearing cookies, possibly vpn/tor use . You also need to ask yourself if you trust your software vendors to do the right thing here. Consult the EFFs prism break guide. Operational security measures might be useful here as well.

If your threat model includes governments then do not use proprietary software.