PS: I don't actually know to what extent the LSO issues apply to OpenBSD, as there is only limited Flash compatibility, but anyway.
2009/12/18 ropers <rop...@gmail.com>: > 2009/12/18 Brad Tilley <misc@openbsd.org>: >> On Fri, 18 Dec 2009 19:25 +0000, "nixlists" <nixmli...@gmail.com> wrote: >>> Hi. People on this list are security-conscious. I wonder what browsers >>> they use? >>> What browsers do you consider more secure than others? >>> Granted, they're all full of all kinds of holes, but what do you do to >>> tighten their security? >> >> I like Firefox with noscript and adblock to stop the javascript. > > Some people wouldn't consider these strictly *security* features, but > if you're using Firefox it helps to be aware of > firefox -ProfileManager > and use that to keep stuff separate. Additionally, you can also use > -no-remote and -P <profilename> to concurrently run two or more > firefox instances with different profiles. Cf.: > http://kb.mozillazine.org/Command_line_arguments > > Also be aware that even after you've deleted all traditional cookies, > so-called "Flash cookies" (LSOs) may still persist, and sneaky sites > do use those to track you as well. > One add-on that you can use to kill those is this; > http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm > (And even after deleting all cookies and LSOs, sites can still tell > what other places on the web you've been to, due to CSS leaking that > info, which may be unfixable, cf. e.g. > http://www.amirharel.com/2009/09/20/css-privacy/ ) > > Finally, if you use Adblock Plus, you owe it to yourself to also use > Element Hiding Helper. > > This will not necessarily make Firefox "more secure than others", and > there are lots of things about Firefox that suck ass, but the above > will, "tighten [its] security", at least for some value of security. > > --regards, > ropers
