Which web browser is the most private and secure

A month ago I set out to find the browser that best protects your privacy online and offers the best security. There are over 25 available browsers out there for Mac. Some are well known, others are not. Some have features others don’t have and some are more secure than others. There’s a lot to consider when picking a good browser and everyone has their own definition of what makes a browser the best. For me, the number one priority is security and privacy. I started eliminating browsers from the list, first by looking at the latest release date and update history. Browsers that had not been updated in a long time and/or show long periods of time between updates were eliminated as these are most likely outdated when it comes to features and the latest security and privacy implementations. This narrowed the list down to 11.

Chrome
Chromium
Dooble
Konqueror
Maxthon
Midori
Mozilla Firefox
Opera
QupZilla
Safari
SeaMonkey

The 11 remaining browsers were checked for basic features that anyone would expect to be present in a browser. Search engine toolbar, private browsing, download manager, tabbed browsing, pop-up blocking, html5 support, password management, easy to obtain and install and etc. The list was narrowed down to 7.
Chrome
Dooble
Maxthon
Mozilla Firefox
Opera
QupZilla
Safari

And after a few other features and tests like IPv6 support, most common plugins support, most common protocol support, Acid test scores, javascript benchmark test, HTML5 test, flash playback etc. two more browsers were lost.
Chrome
Maxthon
Mozilla Firefox
Opera
Safari

Time to start checking for security and privacy features. These include per-site security configuration, auto updater or update notifications, sandboxing, SSL, availability of security & privacy extensions, privacy policy, how often and for what a browser “phones home” etc.
Mozilla Firefox
Opera
Safari

We are left with just a few browsers and it becomes clear why these are the most known and/or used browsers. So which one is the best in terms of security and privacy?
Safari has always been my browser of choice. It looks good, acts reasonably snappy, fully integrates with the OS and iCloud but I’m looking at this review from just the security and privacy perspective and I must say that Mozilla’s Firefox is the best. Both when it comes to “out of the box” features and available add-ons.

Here are some of the Firefox features that won me over:
– Password manager can be secured with a master password.
– Proxy settings in Firefox itself, no OS tweaks needed.
– It’s much easier to set a preferred search engine.
– Excellent control over cookies.
– Their latest version (23 at the time of writing) includes mixed-content blocking.
– As there are a lot of add-ons available for Firefox there is a potential for installing malicious add-ons. Firefox’s Blocklist Feature will disable any add-on that is known to have vulnerabilities, bugs etc.
– Transparency in everything they do.
– More frequent updates.
– Page info/inspector/dev tools (available in Safari through Developer menu)
– A separate window for my downloads! Not security or privacy related but something I’ve missed in Safari ever since it was taken out.

I’d like to see more use of sandboxing for the app itself and plugins like Flash in the future.

I switched to Firefox when version 23 was released during the course of writing this article and must say I feel better just by being able to completely block cookies I don’t want rather than have them auto-delete when I quit the app. Google, Facebook, Yahoo etc. cookies don’t spend a second on my system anymore and this prevents them from tracking my browsing habits. The level of control Firefox gives me over cookies is just one of the features I like but it’s a big one for me.

I’ve never used Safari’s “remember the password for this site” feature as I could not set a master password, something Firefox (and Opera) can do. Safari will prompt you for the account password whereas Firefox allows you to set a separate password. Of course you want to secure your system with a screensaver password and disk encryption either way but a master password in the browser itself is just added piece of mind for me in the event my account password is ever compromised.

The ability to set whatever search engine I like (Startpage.com) without the need to install 3rd party software is something I definitely like too.

Between Opera and Safari I found small advantages one had over the other in different areas, both are good browsers. In the end it may all come down to preference. I found that the availability of add-ons/plugins/extensions made all the difference between a good browser and a great browser.

The usual suspects I’ve mentioned in this blog before are available for Firefox too. AdBlock Plus Edge, DoNotTrackMe and if you like Safari’s reader feature that can be added to Firefox as well through an add-on called Reader. A new add-on I found was Block.it which allows me to block domains I specify. By adding google.com and facebook.com to the BlockSite list and with the strict cookie control on top of that I feel great browsing the web knowing I’ve made a huge dent in their ability to track me. In the rare occasion I need to visit a Google or Facebook page I now use Safari so that these visits (and their cookies etc) are isolated.

firefox-new-logo-2013-large-640x645You can read Mozilla’s mission here and you can go here for their Manifesto. Their principles can be found here and the privacy policy specific to Firefox can be read here. Finally you can get the latest version of Mozilla Firefox right here (English) or other system and language versions here. All the URL’s you need!

The articles I’ve written in the past will be adjusted to include information about Firefox as well and going forward, whenever applicable, I’ll provide options for both browsers. Firefox because it is, in my opinion, the best browser and Safari because it is part of OS X and still the most used browser today. Opera, while a good browser, will not be discussed as it is not widely used.

If you have been using Firefox or have decided to switch, check out my follow-up article on how to configure Firefox here.

What’s your browser of choice and why? Comments and feedback welcome!

Posted in Security Tagged with: , ,
30 comments on “Which web browser is the most private and secure
  1. Jennifer Majors says:

    Realistically, if privacy is that much of an issue, none of these browsers are any good. For real privacy something like the tor browser is needed. On the other hand, the torch browser has a site unblocker and an incognito mode making it pretty decent for privacy too without having to go to the dark net. But there is no real privacy with standard web browsers, it doesn’t exist.

    • Jay says:

      I’ve had serious doubts about the Tor network for a long time. The old and outdated version of Firefox it uses in the browser bundle for example is a big concern (an old vulnerability was recently exploited on the Tor network). I’ll recommend a good VPN over Tor any day. Choosing the right browser is just part of the solution, security comes in layers so a proxy/VPN combined with properly configuring the browser will get you pretty close to being as private as possible. I had not heard of Torch before, will check it out and add to this article if needed, thanks for the heads up.

      • Jay says:

        Just testing the Torch browser which is based on Chrome. Immediately after launching it attempts to contact at least 6 google domains, a facebook domain and twitter domain. And it keeps pinging them until it gets a connection. Definitely not what I look for in a private browser. Even when configured (as much as it lets me) to not contact any 3rd party services it constantly phones home to Google. This alone would have gotten Torch excluded really quick. When privacy is a concern, this is a browser I would stay far away from.

  2. OLDPCguy says:

    If people really knew how deeply Chrome intrudes their system and connects itself to various processes, they would never download it. Did you know that if Chrome is set to default web browser when it is uninstalled, it will greatly affect your system in a negative way and slow browsing process of the pc greatly. And it takes a bit of a fix to correct it after that. Chrome also competes for default browser, and just try and keep Google updater from running!

  3. flakefrost says:

    I believe Google Chrome is the best for desktop because it feels snappier and includes a great layout. I do most of my Web Browsing on my iPad with Mobile Safari and it’s extremely fast, plus it offers great HTML5 support. I think Mobile Safari was one of the first browsers to have full HTML5 support. This was Apple’s way of reducing the need for Flash Player by offering a new and somewhat better way to connect. I deffinitely prefer browsing with multitouch and iOS offers fairly robust security over Windows due to the many thousands of exploit vunerabilities out there.

    • Jay says:

      Chrome is not the best when it comes to privacy and security but it is slightly faster than Firefox. Privacy on an iPad or any other iOS device is virtually non-existent. No way to block companies like google, facebook or yahoo at all. On iOS the StartPage app is a good way to perform searches but when it comes to browsing and leaking information an iOS device is something you definitely do not want to use if you want privacy.

    • smileslow says:

      We have the whole community confirmed that Chrome tends to corrupt every bigger file download, including big images, and installations for some main mmorpg games.

  4. Lyon says:

    In terms of security and features, Firefox is the king and is light-years ahead of the others – Chrome, Opera, Safari, IE.

    However, even with Firefox, your are completely insecure on the net. If someone creates malware and wants to spread it on the entire net, you are not safe with either one, much less with tor or VPN.

    “Good” malware already has code to bypass all browsers, and to and VPNs… Nowadays malware is built to consider everything it will encounter.

    It does not matter which browser you use. It matters what internet security or specific security tools you use, especially a firewall, but you can be hacked as well, it just takes more time.

    Computers are 99% insecure all the time, even the most secure ones.

    The best is to save confidential stuff in paper nowadays!

  5. Robert says:

    I’ve been using Firefox for years. It does have good security features and the user interface and addons are excellent. I’ve encountered one reoccurring problem that may be a deal breaker for some users. Firefox occasionally looses all your bookmarks. Sometimes the bookmarks are recoverable, sometimes not. The problem has been around for years with no permanent resolution. The Firefox website documents numerous bookmark recovery procedures that frequently work.

  6. zolar1 says:

    Be aware that firefox now comes with extra geolocation settings you don’t normally see.
    It seems Mozilla is partnering with the governments and Google to locate you via not only your wifi information but the wifi information of those around you that you can detect.
    Armed with information like that they can pinpoint your exact location pretty easily.

    Go to about:config and type in geo
    Double click on geolocation to make it false and for the wifi geolocation double click on it and type in http://127.0.0.1

    And those two are a small fraction of the security things you need to do.
    LSO (AKA Flash) cookies are another way to track you. You need to get better privacy extension to block/delete ALL of them before and after each browser session.
    Additionally, when using more than one tab or window at a time the others can track what you do on other tabs.
    Best is to open different browsers to prevent this problem.
    Example: open firefox.
    If you need to go to a different site while leaving that open, open Opera and manually go there to the second site.
    Privacy is getting nearly impossible to have any more and yet that is a basic human right.
    Oh, and watch out for reverse proxies. Those are known for spoofing security certificates to trick you into a false sense of security. I have caught several doing this.
    If you cannot use tracert, ping, or traceroute, chances are you are behind a reverse proxy.
    Other ways to protect yourself is with a virtual machine. Launch it, point the connection to a proxy and you can at least isolate your hardware ID’s. And yes, they track you with those too.
    Spoofing hardware ID’s, especially UUID’s, is VERY difficult.
    Google will be using AdID soon and there is almost no way to escape it.
    Why does everyone want to know who you are, what you are doing, and your exact location???
    Something isn’t right with this picture…

    • Jay says:

      Thanks for the feedback. I have included the geolocation bit in the follow-up post about configuring firefox: http://securityspread.com/2013/08/13/configuring-browser-privacy-security-firefox/

      As the browser (most or all of them) have one central location to store cookies and caches it makes sense that multiple tabs or windows can know something about each other. If one site loads Google ads and the other site does that too, Google knows something about both tabs. It was pointed out to me that loading one window in normal browsing mode and another in Private browsing mode will cause firefox to have two different locations for cookies and caches, window 1 will not be able to access the cookies for private window 2 for example. This is a small workaround that may help.

      • Kris says:

        I always end up adding ghostery and adblock plus (I’ll have to try edge) in chromium, iron, ice dragon or firefox. Has anyone tried much of dragon or ice dragon? It seems they are just forks of chrome and firefox by comodo which is supposed to be a pretty secured dns and ssl certificate group. I have tried ice dragon myself and liked it, It has a few things that are a bit odd, and has a facebook button which can be disabled. I kind of liked the ability to use secured dns though.

        I have only tried ice dragon so far. I am curious to try dragon.

        Oh yeah, If you aren’t a big fan of chrome due to it calling home srware iron is a pretty elegant fix for that.

  7. Kevin says:

    Thanks for sharing your research on secure browers. Glad to see Firefox, my long-time favourite, highly recommended. Irrespective of security, I will not trade a slight increase in speed for the convenience FF provides, like the wonderful search bar and cool add-ons. I read the post about geo-location with some interest but it doesn’t concern me at all because I’m sure it’s meant to catch bad guys, not spy on boring folk like me. In fact I’m actually glad it’s there.

    Anyway, I was in search of a browser for times when I feel I need extra tight security (such as when I’m on a public network in a country rife with hackers and scam artists). I came across a Chrome based browser called Comodo Dragon. It promotes itself as being extra secure and private. It states it has “privacy enhancements that surpass Chromium technology”, some kind of domain validation technology, etc.

    I didn’t see this on your list and was wondering if you or anyone else had thoughts on this one.

  8. Rob says:

    I wouldn’t trust Firefox, it seems like just like the other major players in the browser world, they are becoming more about the corporation and less about true respect for privacy and tolerance for all viewpoints. Search for Brendan Eich, whether you agree with the guy or not, his personal matters, especially when they are certainly not even remotely criminal and arguably quite the contrary, should not be used against him for the sake of the “corporate image” and political correctness. As for my personal choice, I say better to stick with the devil you know than the one you don’t know, so back to Safari it is for me, bye bye Firefox.

    • Jay says:

      The whole Firefox hype over the past few days/weeks is nonsense imo. I truly don’t care what the CEO’s personal preferences are as long as the product is good, and it is. Choosing a less secure browser over a more secure one because the CEO (or their response to public pressure in this case) is not to your liking is a bad move.

      • Kim says:

        Any company that fires an employee because of their political views, is not a company I will ever do business with again. We have enough socialism going on in this country these days. And, it’s a shame, because I’ve been a huge fan of Firefox for several years now. But, they’re gone from my computers now.

        • Bill says:

          Mine too!

          • TB says:

            Mine too! Kudos! I switched to Opera b/c it wasn’t MS, Apple, or Google. Comparatively speaking, am trying to support the “least worst offender”.

        • jesse says:

          LOL. How is firing over political views a “socialist” thing? I have no idea what the connection is. I have lived in many countries, none less socialist than the US, and frankly I don’t get the “socialist” fear mongering in the US. If anything the amount of money that influences politics, the military industrial complex that persists, not to mention the prison industrial complex (really, you all as a nation believe you possess 25% of the world’s bad people?) is evidence that the the private sector, as business entities, control the US government. This is evidence that the US suffers from out of control capitalism, if anything. I think you are equating communism with socialism. They are two completely different things. In practice, communism is a dictatorship. It has no actual linkage to socialism in practice. But with all the talk of free market values, and “freedom” won with guns and bombs, the US is coming a pretty close runner up as a dictatorship with fewer and fewer rich people actually controlling the government.

          • Brisas says:

            the “socialist” thing is a a typical, right-wing, conservative clue terminology.

            Nothing new there, except that firing employees because of political views is a capitalist thing. Communist and socialists, the radical types will jail or deport you for similar “sins”. But, some people don’t want you to know or undersstand the difference.

    • Phil says:

      This is why I’m stepping away from Firefox – if they’ll do that to their CEO for his personal views, what reasonable expectation do I have that they will show any respect for me? I’ll be checking out Opera and Safari, thanx for the the great review!

  9. david jernberg says:

    check out white hat aviator browser
    set up by a security company white hat
    and use ixquick.com or startpage.com for search engines
    they are in holland and do NOT track what you search

    • Corby says:

      Great suggestions, mate! Making habit adjustments to use WhiteHat Browser. Still can’t find a good current browser with scroll arrows, but that’s not a security thing.

  10. duncan says:

    Just like to comment on safe browsers. Up to the last few days I have been using Yandex and Comodo I have used in the past opera/chrome etc, along with ABP/Ghostery .I do realise they take note of your whereabouts but as David said above for the past 3 days I have been using Aviator and so far it beats the lot in security although in my version Yandex is used along with Duck Duck Go not ixquick/Startpage although my other browsers use both. .Having said that you still require ABP as it will not remove all ads even with the plug in Disconnect.

  11. ED says:

    Jay, Looks like you are learning more about Politics than you wanted. :-)
    What about QTWeb Internet Browser. I heard about this browser and checked-out their site http://www.qtweb.net. There’s a thorough comparison tab that shows some powerful computing. They don’t support Active X or Java – is this a problem in your opinion? Keep up the good work

    • Jay says:

      ;) I’ll check it out. This article might be due for a re-write soon as browsers and technologies change so fast. I appreciate all the feedback, definitely enough to go on for the next article!

  12. Unimportant says:

    What about tor? Tor has the basic functions that a browser should have and it’s pretty darn secure.

  13. MB says:

    Great article.
    How about another on mobile browsers?

  14. Varun Sharma says:

    Biggest client of Firefox is Google. And guess what can they share and how firefox is changing.

6 Pings/Trackbacks for "Which web browser is the most private and secure"
  1. […] that I’ve replaced Safari with Firefox, my new browser of choice, it’s time to cover it’s configuration for best privacy and performance. I’ve […]

  2. […] Which web browser is the most private and secure http://t.co/YSP1ZqILZa via @zite […]

  3. […] which I consider to be the most private and secure web browser, released version 26 today. The update includes several security patches, click-to-play […]

  4. […] giving up support for Snow Leopard, users of that OS X version are recommended to switch browsers. Firefox would be an excellent choice as it’s latest versions support OS X 10.6 and up so even older OS versions will benefit from […]

  5. […] also released an update putting their awesome browser at version 27. If you already use Firefox, the most private and secure web browser, you can go to the Firefox menu > About Firefox and the update will start downloading. You can […]

  6. […] updated iOS device for web browsing. • You can also use Chrome as it is also not affected but I will always recommend Firefox over Chrome. • Use webmail in Firefox, not Apple Mail. Or use your updated iOS device to send and […]

Leave a Reply

Your email address will not be published. Required fields are marked *

*


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Malware Detection Rate Results

Last updated:
Sunday October 5th, 6:40PM EST
436 Samples, 44 Applications
#1 Avast
#2 Intego
#3 Norman
Get it here.