What is the most secure web browser,

[secureot <secureot () yahoo com>]

Hi all,
Thanks for the feedback. To elaborate more on what I
am asking the list. I will add. Yes I am asking about
the most secure “graphical” browsers.
I do not know how to define minimum functionality but
will try to give more info. I’m aware that the
security of the browser can be defined within the
browser itself or by restricting the sites the users
visit.
I am just wondering if there is a browser that:
 A) Installs securely by default install.
 B) Maybe runs a code integrity checker in the
background that warns you on a malicious sites or at
least gives you a heads up before you negative action
is about to happen.
 C) Supports the 3rd party software vendors (e.g.
Macromedia)
 D) Disable certain bugs by event correlation (I think
it will still be worth it even if it misses once in a
while).
 E) Ties into a virus protection engine that checks
files that are downloaded maybe in a “virtual secure
space” before execution of the files
 F) Enhances capability in to other M$ office suite
applications and other popular software.  

I am aware of the none-patchable bugs that are
released almost daily and am wondering if this thought
was ever addressed. The security community has created
Antivirus, Firewalls, IDS/PDS, Keyloggers and more
products. Has there never been a thought of opening up
a project for the secure graphical browser. That would
guard you at least from the basic cross-site scripting
and other malicious code out there?
I know you can block or define where users “visit” but
I believe that has negative affects on productivity. I
also believe we all should be able to experience the
cloud with everything that it consists off.
I know you may not have the answer, neither do I, but
am interested in other peoples take on the matter….
Maybe I am just vocalizing a pipe dream but isn’t this
how ideas come to fruition?
Any feedback is very much appreciated,
O

--- Chris Ess <azarin () tokimi net> wrote:
> > I have been researching these security lists for a
> > while, and am still puzzled and would like some
> > feedback…
> > There have been several recent vulnerabilities in
> the
> > past few weeks alone on IE, that prove that it is
> > obviously not the secure web browser of choice.
> > My question to the list, is what is the most
> secure
> > browser that will not get manipulated like IE?
> > Is the programming languages and protocols at
> fault or
> > $pecific vendors?
> > I don’t think that continuous, almost daily
> patching
> > is realistic or even close to a resolution. I also
> do
> > not believe that Lynx is an answer.
> > Any input would be appreciated…
>
> I think you need to specify more clearly what the
> minimum functionality
> you're looking for is.  Without knowing that, we may
> not be able to answer
> the exact question you're asking.
>
> The term 'web browser' suggests that the program
> renders the HTML on a
> page, so suggesting a telnet to port 80 on the
> client host (or using the
> GET utility which comes with libwww-perl) would not
> be of use.
>
> I wonder why you say that lynx is not an answer,
> especially since in my
> mind and experience it's one of the more (if not the
> most) secure browsers
> out there.  (I don't think I've heard of a security
> bug in lynx, but that
> doesn't mean there aren't any.)  Other suggestions
> for more secure
> browsers are links and w3m, but these are also
> text-only browsers.  I
> suspect that you are really asking about the most
> secure 'graphical' web
> browser.
>
> I have not really dealt with web browsers outside of
> the 'big three' --
> IE, Mozilla/Netscape, and Opera.  However,
> alternatives e.g. Galeon and
> Konqueror do exist.
>
> We hear about issues with IE all the time and in
> Opera to a lesser degree.
> Mozilla/Netscape bugs are comparitively rare but not
> uncommon.  I know of
> at least one Konqueror security bug report and I
> don't think I've seen any
> for Galeon.
>
> For general web use, I would probably suggest
> Mozilla or Firebird based
> on my experience.  There may be more secure
> alternatives I'm not aware
> of or have not used.
>
> Even  then, though, this will only cover security
> for the web browser
> itself.  If malicious content is loaded by a plugin
> or separate program,
> e.g. Macromedia Flash Player, and exploits a bug in
> said program, your
> choice in browser won't save you.
>
> I'd be interested in hearing more about security
> benefits and drawbacks of
> the 'alternative' browsers.
>
> Sincerely,
>
>
> Chris Ess
> System Administrator / CDTT (Certified Duct Tape
Technician)


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------