When and why to stray from Chrome, Edge, or Firefox, some programs and extensions to support your Internet experience, and the increasing complexity of the dangers of going online.
1. New and/or Obscure Web Browsers
(and related software)
RCSI
7pm 4/10/18
Slideshare.net/msz
Mark S. Zinzow
2. Web Browser Family Trees
https://www.granneman.com/webdev/browsers/
Trident*
KHTML / WebKit / Blink*
*
Browser Layout Engines
Gecko
Goanna
Servo*
3. Browser Layout Engines
https://en.wikipedia.org/wiki/Web_browser_engine
âA web browser engine, also called a layout engine, is a computer program that renders web
pages. It is not a stand-alone program but a core component of larger programs, primarily web
browsers.
âŠ
Trident is the layout engine of Internet Explorer, also used by Microsoft Outlook and other
Windows applications. Microsoft now uses the newer EdgeHTML engine in its Edge browser.
Gecko, the Mozilla project's layout engine, is used by the Firefox browser, the Thunderbird e-mail
client, and the SeaMonkey internet suite. Goanna is a fork of Gecko used by the Pale Moon
browser. [Firefox Quantum leverages the concurrency of Rust and high-performance components of Servo to
bring more parallelization and GPU offloading to Firefox.]
KDE created the KHTML engine for use in its Konqueror browser. Apple forked KHTML make the
WebKit engine for its Safari browser. Google originally used WebKit for its Chrome browser but
now uses its own fork called Blink. The Opera browser also uses Blink; previously, it used its own
Presto engine.â
[ https://wiki.mozilla.org
/Quantum]
5. Chromium Based Browsers
With Extra Features
https://www.raymond.cc/blog/chromium-browser-alternatives-with-extra-features/
https://www.smashingmagazine.com/2015/09/chrome-firefox-safari-opera-edge-impressive-web-
browser-alternatives/#the-browsers
Vivaldi - reintroduces many of the features (like tab stacking) and functions removed from Opera.
Yandex - DNSCrypt sends and receives encrypted requests from a DNS server,
Antishock blocks fraudulent or unpleasant ads and popups,
Ebook viewer can read epub, fb2, doc, docx, ppt, pptx, rtf as well as pdf.
Cent - QR code generator in address bar, download video/audio, Memory optimizations,
Custom stylesheet, Scrollable tab bar.
Opera - Built in ad blocker & VPN! Opera Turbo pre-compresses pages on Opera
servers, "Download Chrome Extension" Extension to use Chrome extensions.
Slimjet - Special version available for Windows XP and Vista users, ad blocker, video
downloader/Screencastify crippleware, tracking prevention with social network
javascript and Google ad blocking, Smart form filler, Auto refreshâŠ
UC - Often three or four major versions behind the current Chromium
(security risk), WiFi hotspot creator (FREE Tethering?), ad blocker, and download
manager, auto UI night mode.
Sleipnir - Quick security switcher, color coded tab groups, integrated Feed reader.
Brave - Ghostery like security/privacy panel blockchain micro payments
Epic - Built in US encrypted proxy, umbrella ad blocking and privacy on/off button.
Avant Ultimate - a triple engine browser, like Lunascape.
Citrio - Downloads manager supports torrents and magnet links, speed boost, and
resume failed connections.
6. Issues: Privacy, Security, Features
Why You Shouldnât Use (Most) Alternative Browsers Based on Google Chrome
https://www.howtogeek.com/108384/6-alternative-browsers-based-on-google-chrome/
Browserscope is a community-driven project for profiling web browsers.
http://www.browserscope.org/
Private or Incognito Windows aren't really private⊠Use a VPN!
https://thatoneprivacysite.net/vpn-comparison-chart/
https://www.ssllabs.com/ssltest/viewMyClient.html
https://tiptopsecurity.com/what-is-the-most-secure-web-browser/
10. Spectre & Meltdown
Security Vulnerabilities
https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
âSpectre is a vulnerability that affects modern microprocessors that
perform branch prediction.[1][2][3] On most processors, the speculative
execution resulting from a branch misprediction may leave observable
side effects that may reveal private data to attackers. For example, if the
pattern of memory accesses performed by such speculative execution
depends on private data, the resulting state of the data cache constitutes a
side channel through which an attacker may be able to extract information
about the private data using a timing attack.â
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
âMeltdown is a hardware vulnerability
affecting Intel x86 microprocessors, IBM
POWER processors, and some ARM-
based microprocessors. It allows a rogue
process to read all memory, even when it is
not authorized to do so.â
11. Opera 50 Introduces Anti-Bitcoin Mining Tool
http://blogs.opera.com/desktop/2018/01/opera-50-introduces-anti-bitcoin-mining-tool/
Other Distributed Computing applications may be the next wave of online abuses!
12. Browser as Botnet, or the Coming War on Your Web Browser
https://medium.com/@brannondorsey/browser-as-botnet-or-the-coming-war-on-your-web-browser-be920c4f718
âDid you know that those pesky banner ads that follow you around the web are often iframes, a
special HTML element that allows you to embed web pages into other web pages? That sleazy
click-bait photo at the top of your favorite torrent site might not be the innocent .JPG you think it
is, but rather a web page in its own right, with the ability to deliver custom JavaScript code that
gets executed in your browser.â
â...there is nothing stopping a malicious actor from using hundreds of Gigabytes of network data
from your cell phone over an LTE connection and racking up a $10,000 phone bill in the
process.â
âRecent hubbub about the Meltdown and Spectre CPU vulnerabilities and their ability to be exploited via
JavaScript is haunting given the success of iframe Internet advertisements as a means of
distribution for malicious JavaScript code. Other reports of advertisements using browser form auto-fill
features to steal username, password, and credit card information from unsuspecting users scare the pants
off of me given what I now know about the scale and reach of these ad networks.â
13. Brannon Dorsey's Web Torrent bot
âThe ad ran for 24 hours reaching 180,175 browser clients from 127,755 unique IP addresses.
328.5 KB were uploaded every second by each browser on average, leading to a 702 Mbps
upload speed for the entire network.â
âClients had an average seed ratio of 2.24 (106.18 max) and uploaded 25 MB of data each
(69.28 GB max). The entire network seeded (uploaded) a whopping 3.15 TB of data in a
single day.
â⊠please, please, please BLOCK ADS. If youâve somehow made it all the way to 2018
without using an ad blocker, 1) wtf⊠and 2) start today. In all seriousness, I donât mean to
be patronizing. An ad blocker is a necessary tool to preserve your privacy and security on
the web and there is no shame in using one. Advertising networks have overstepped
their bounds and its time to show them that we wonât stand for it.â
â⊠it [WebRTC] also comes with some significant security concerns. Torrents can be
downloaded and uploaded in the background of web pages unbeknownst to users, which can
become particularly problematic if the content is illegal or otherwise unwelcome.â
15. Ad Blockers
âGet the anit-adblocker-killer, no more [will] sites tell you to turn off your adblocker, while it
still blocks the ads.â â https://github.com/reek/anti-adblock-killer
Test your ad blocker here â https://ads-blocker.com/testing/
âUntil the ultimate ad blocker is build [sic] we have to work with what we have. If you follow the steps on our website you will
be presented the best working top rated and most downloaded free ad blocker online that suits your browser!â
Best Ad Blockers of 2018 - Extensions for Chrome, Safari, Firefox and...
https://www.tomsguide.com/us/pictures-story/565-best-adblockers-privacy-extensions.html
10 Ad Blocking Extensions Tested for Best Performance
https://www.raymond.cc/blog/10-ad-blocking-extensions-tested-for-best-performance/
The Best Ad blocker apps for Android to block ads and How to stop pop ups
https://getandroidstuff.com/ad-blocker-android-best-apps/
31 Best Ad Blockers for Chrome, Firefox, Android and iOS in 2017
http://www.pingzic.net/best-ad-blocker-for-chrome-firefox-ios-and-android/
Google Has Started Removing Ad Blockers from the Play Store [sideloading available]
https://lifehacker.com/5990448/google-has-started-removing-ad-blockers-from-the-play-store
16. Script Blockers
âThe NoScript Firefox extension provides extra protection for
Firefox, Seamonkey and other mozilla-based browsers: this free,
open source add-on allows JavaScript, Java, Flash and other
plugins to be executed only by trusted web sites of your choice
(e.g. your online bank).â â https://noscript.net/
ScriptSafe - https://www.andryou.com/scriptsafe/
A Chrome [Firefox, Opera, Vivaldi, and Chromium derivatives] extension that gives users
control of the web and more secure browsing while emphasizing simplicity and intuitiveness.
uBlock â a lean and fast (Chrome, Safari, Firefox) blocker â https://www.ublock.org/
âYet another blocker for those who can't stand micromanaging rules etc., but are yearning for
something that doesn't eat away at their computer resourcesâ
https://www.wilderssecurity.com/threads/ublock-a-lean-and-fast-blocker.365273/
Umatrix â Definitely for advanced users â https://github.com/gorhill/uMatrix
âuMatrix offers offers a much more granular control of what you allow for a website. And it offers some
features - like cookie control, UA switcher, clearing the cache (to get rid of Etags), granular control of
behind-the-scene-requests - which uBlock simply doesn't have. On the
other hand, uBlock blocks things impossible to block with uMatrix.â
https://www.wilderssecurity.com/threads/ublock-a-lean-and-fast-blocker.365273/page-41
âŠ
https://alternativeto.net/software/umatrix/
There are many choices, and many reasons to choose different approaches.
18. Puffin Browser - Windows & Mobile
https://www.puffinbrowser.com/
âPuffin's JavaScript engine and cloud
computing technology use servers to
preprocess and compress web pages,
achieving loading times up to 5x faster
and saving up to 90% of your
bandwidth vs. regular web browsing.â
Smallest Memory
Footprint by an order of
magnitude on Windows!
19. âAll traffic from Puffin app to Puffin server are encrypted.
Itâs safe to use public insecure WiFi through Puffin.â https://www.puffinbrowser.com/windows/
âLog servers analyze the logs and generate reports. Afterwards, the logs are purged. The reports have
aggregated statistical data, which is insufficient to be cross-referenced to identify any individual user.â
https://www.puffinbrowser.com/privacy/privacy_policy.php
20. Brave Giving Away $5 USD
Grants in Tokens Per User on First Come, Time-Limited Basis
https://www.brave.com/brave-grants-300000-promotional-tokens-to-browser-users/
âAnnouncing a limited time promotion that grants Brave browser users utility tokens that can be
contributed directly to their favorite sites and YouTube channels. Brave browser users will
receive promotional Basic Attention Tokens (BAT), which must be used within 90 days, via their
Brave wallets after they opt into the offering. Brave users must use the latest desktop browser
release (0.19.105) to receive the promotional BAT.
The tokens will be released from the User Growth Pool (UGP), which was created during the
sale of the utility tokens in May 2017. The UGP consists of 300 million tokens set aside to
incentivize users to join the Brave platform. This initial promotion has a cap of 300,000 tokens
and it will be distributed to current and new Brave users over the next 30 days, as detailed
below (or until the cap is reached).
Each grantee will receive the rough equivalent of 5 USD in promotional BAT, which more than
covers the current minimum monthly budget of 25 BAT set in Brave Payments, the BAT-based
publisher contribution system. If promotional BAT arenât used within 90 days to support
publishers, they will automatically return to the UGP.â
21. Basilisk
https://www.basilisk-browser.org/
Basilisk is a free and Open Source XUL-based web browser, featuring the well-
known Firefox-style interface and operation. It is based on the Goanna layout
and rendering engine (a fork of Gecko) and builds on the Unified XUL Platform
(UXP), which in turn is a fork of the Mozilla code base without Servo or Rust.
Basilisk as an application is primarily a vessel for development of the XUL
platform it builds upon, and additionally a potential replacement for Firefox to
retain the use of Firefox Extensions.
https://www.ghacks.net/2017/11/17/pale-moon-team-releases-first-version-of-basilisk-browser/
The current development version of Basilisk is available for Windows and Linux. On Windows, all
versions of Windows starting with Windows 7 are supported. The developers recommend 1 Gigabyte
of RAM as a minimum (2 Gigabyte for heavy use scenarios), a modern processor and a dedicated
GPU.
On Linux, any modern Linux Distribution should do but you should check out the requirements page on
the Basilisk website for details on libraries that the browser requires.
It should not come as a surprise that Basiliskâs interface looks pretty similar to that of Firefox pre-
version 57. It features the same customization options and preferences as Firefox for the most part;
and all of these open exactly as they do in Firefox.
The browser supports legacy extensions, and you can head over to Mozillaâs AMO site to install them
right away in the browser. But the web browser supports WebExtensions as well. Support is
experimental right now, and some WebExtension APIs that are Mozilla-specific may not be supported
yet.
Still, it appears as if Basilisk will support legacy add-ons for Firefox and WebExtensions, and not one
or the other.
Extensions donât need to be signed to be installed in Basilisk.
22. Download Managers
11 Free Download Managers
https://www.lifewire.com/free-download-managers-4129266
https://sourceforge.net/directory/os:windows/?q=download+manager
413 to choose from as of 1/18/18
Xtreme Download Manager (XDM) â http://xdman.sourceforge.net/
uGet - Download Manager â https://sourceforge.net/projects/urlget/
23. Browser/Web Annoyances
Where have all the scroll bars gone?
Google Chrome Thin Scroll Bar - gHacks Tech News
https://www.ghacks.net/2011/05/25/google-chrome-thin-scroll-bar/
https://bugs.chromium.org/p/chromium/issues/detail?id=340916
Dancing scrollbars in chrome at contacts.google.com. Broken for 3 years!
https://chrome.google.com/webstore/detail/win7-scrollbars/cifcnoebhbpdndjendfkpehpfbglgfkc
https://github.com/davidofwatkins/rescroller/issues/3
https://chrome.google.com/webstore/detail/rescroller/ddehdnnhjimbggeeenghijehnpakijod
Top 10 Browser Extensions that Eliminate Web Annoyances
https://lifehacker.com/top-10-browser-extensions-that-eliminate-web-annoyances-1787371353
Comcast modifies web pages!
https://consumerist.com/2016/01/12/why-is-comcast-interrupting-my-web-browsing-to-
upsell-me-on-a-new-modem/
HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications
with many major websites, making your browsing more secure.
Encrypt the web: Install HTTPS Everywhere today.
https://www.eff.org/https-everywhere
Your examples?
24. Thank You & Last Notes
UZBL Unix browser â https://www.uzbl.org/
https://www.computerworld.com/article/3219733/web-browsers/the-14-best-firefox-add-ons-of-2017.html
Support for Hello discontinued in Firefox 49 | Firefox Help [Alternative WebRTC video chats]
https://support.mozilla.org/kb/hello-status
RecordRTC | WebRTC Audio+Video+Screen Recording
https://www.webrtc-experiment.com/RecordRTC/
MediaStream Recording | Client-side WebRTC code samples
https://webrtc.github.io/samples/src/content/getusermedia/record/
âSeriously, it's uncool to save my search for "red polka dot underwear" and show me ads for them.â
Epic new tab
Notas do Editor
Web browsers are the life blood of the Internet, and Browser developers have the last say in how we experience the Internet. Fortunately, there are enough browsers to give us many choices!
Subtitle?
When and why to stray from Chrome, Edge, or Firefox, some programs and extensions to support your Internet experience, and the increasing complexity of the dangers of going online.
Since the last slide identifies browser families by layout engine, here is an obligatory description of what layout engines are.
Before we talk about the numerous Chromium Based Browsers, we should talk a bit about why this code base is so heavily built on.
The Chromium projects include Chromium and Chromium OS, the open-source projects behind the Google Chrome browser and Google Chrome OS, respectively. This site houses the documentation and code related to the Chromium projects and is intended for developers interested in learning about and contributing to the open-source projects.
Yandex Browser is a freeware web browser[4] developed by the Russian web search corporation Yandex that uses the Blink web browser engine and is based on the Chromium open source project.[5] The browser checks webpage security with the Yandex security system and checks downloaded files with Kaspersky anti-virus.[5][6] The browser also uses Opera Software's Turbo technology to speed web browsing on slow connections.
https://en.wikipedia.org/wiki/Yandex_Browser
Brannon Dorsey goes into great detail as to how WebRTC (a new protocol for peer-to-peer networking) can be exploited in scary ways!
Any web ad could drop a huge pirate file to be seeded by your browser, racking up a huge cellular data bill!
Just connecting to this web site turns your browser into a torrent seeder.
Memory footprint is a browser feature I really care about. This alternative to the Windows Task Manager is a great tool to see just how much of a memory hog your browser is!
They're not paying you to use their browser, but they are giving you money to pay the web sites you visit!