Ask Slashdot: Most Secure Browser In an Age of Surveillance?

An anonymous reader writes "With the discovery that the NSA may be gathering extensive amounts of data, and the evidence suggesting makers of some of the most popular browsers may be in on the action, I am more than a little wary of which web browser to use. Thus, I pose a question to the community: is there a 'most secure' browser in terms of avoiding personal data collection? Assuming we all know by know how to 'safely' browse the internet (don't click on that ad offering to free your computer of infections) what can the lay person do have a modicum of protection, or at least peace of mind?"

Re:Internet Explorer

[Mitchell314]

Pretty sure it there's no big difference in security/privacy between modern browsers when you take the usual steps. Y'know, disable the problemchild plugins, limit cookies, use privacy mode, and keep javascript on a white-list basis. Of course, you can still technically be tracked by behavior and server-side stuff, but those have bugger-all to do with the browser.

Helpful guidelines from EFF

[LoneHighway]

The EFF has provided an up to date list of privacy-enabling tools in the age of Prism. http://prism-break.org/ [prism-break.org]

Re:Internet Explorer

[smash]

When the backbone is compromised, you're pretty much fucked unless you run strong encryption everywhere and obfuscate who you are talking to. Irrespective of whether your browser is open source - if it doesn't do the above, you're boned.

Re:Internet Explorer

[Anonymous Coward]

They at least get early Zero-Day access. I'm guessing they have more.

http://arstechnica.com/security/2013/06/nsa-gets-early-access-to-zero-day-data-from-microsoft-others/

Re:Well...

[Seumas]

Well, we know that Microsoft and Google have apparently been giving a feed of data to the NSA for quite some time, now.

They make two of the three dominant browsers.

Anyway, the only thing you can do is utilize strong encryption. Nothing else matters, because everything you do goes through your ISP and can be (and probably is) picked up/tracked there. Unless you're encrypting, that's your weakest point.

Re:Internet Explorer

[cyssero]

Rising [rising-global.com] are a Chinese company listed as an anti-virus partner by Microsoft [microsoft.com].

Re:Internet Explorer

[Anonymous Coward]

Ah.. an anti-ms troll still stick in 1999. _NSAKEY has nothing to do with backdoors. Its understandable that non-technical simpletons would mistake it as such.

http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI [schneier.com]

Re:Helpful guidelines from EFF

[Anonymous Coward]

"The EFF has provided an up to date list [...]"

Why would you write that?
That page is NOT from the EFF.

It's created by Peng Zhong (from Nylira).

Re:actually it's pretty irrelevant

[bill_mcgonigle]

... the snooping is done on your ISP's backbone, and the browser you use makes little difference.

If you're just using a stock browser, this is somewhat true. But for privacy you wouldn't do that.

For instance, installing the HTTPS Everywhere extension will get you secure connections to as many sites as possible. That's a direct counter to pervasive snooping. I use it with Firefox and also NoScript, Ghostery, RefControl, and CookieMonster, and that set does a fairly decent job of having a more privacy-oriented (and faster) browsing experience. It also makes the NSA's eavesdropping more difficult, but that's just a nice side effect of not sharing your every move with the commercial trackers out there (I installed them all well before I'd ever heard of Snowden). The nice thing about solid security approaches is that they proactively defend against unknown attackers.