CIO

Secure web services

If there's one thing the Snowden leaks have shown us, it's that security and privacy are largely an illusion.
WhiteHat’s Aviator combines excellent features with the popular Disconnect plugin.

WhiteHat’s Aviator combines excellent features with the popular Disconnect plugin.

If there's one thing the Snowden leaks have shown us, it's that security and privacy are largely an illusion. Yet, it's still possible to make it harder not just for criminals and hackers but also questionable government agencies with the right tools. Unfortunately, one of the key programs we all use to interface with the net is also the one of the primary vectors of attack -- the humble web browser.

Beyond exploits in the browser itself, web browsers can inadvertently deliver malware through drive-by downloads, trick users to install software via social engineering, and build identifiable profiles of users via tracking, all of which are a threat to the business environment when these users are sitting behind your firewall and on your network.

So it's no surprise that, as a result -- and especially after the events of the past year -- browsers with a stronger focus on security and privacy are becoming more popular.

Secure browsers
It's telling the browsers like Firefox, Chrome, IE, and Safari will all do the same job in much the same way. A browser isn't chosen for how it renders pages anymore, instead it's about the other features it provides -- or in the case of trying to ensure security and protect privacy -- sometimes the features it doesn't provide.

On the whole the major players have made efforts in recent years to better secure their browsers and enable options on privacy for users, though the depth and breadth of these features differs between vendors. IE 10 for example enables Do No Track by default (see Microsoft's test page here to test your browser), Chrome integrates phishing and malware detection (and conversely buries its Do Not Track option in Advanced Settings and is disabled by default -- no surprise since this works against the business model), and Firefox sports a wealth of privacy features (with Mozilla boasting that it's 'The most trusted internet company for privacy').

But the big players aren't the only option. It's not common knowledge, but Google's popular Chrome browser is developed through an open-source project called Chromium. You can download Chromium builds for Windows, Linux and MacOS X and these are identical to Chrome builds with the following exceptions: there's no auto-update system, no integrated Flash, no communication to Google servers on usage statistics or search terms, and no RLZ tracking (used for promotional campaigns).

Its open-source nature also means others can take this base and build a new browser around it, which unsurprisingly is exactly what some of the following browsers we're about to cover have done.
So what are the alternatives and how do they differ? Lets take a look.

Secure browsers

Secure search

Page Break

WhiteHat Aviator

A relatively new browser and the new poster boy for security and privacy, WhiteHat Aviator is a derivative of Chromium that comes with a range of default security-focused presets, as well as some interesting changes and additions. For a start, settings like Do Not Track are enabled and navigation prediction disabled (as is any form of feedback to Google), while ads are automatically blocked and media files don't automatically play -- cutting off two popular avenues for malware infection.

Additionally, you need to activate any Flash elements on a page manually, which not only helps in avoiding annoying Flash, but also speeds page loading.

Tracking software used by marketing engines like Google Analytics and DoubleClick are also automatically blocked, as are HTTP referrers (which can potentially contain private information), with WhiteHat's position being to not allow the user to be tracked at all.

It also automatically prevents access to any local non-routable IP addresses, such as those belonging to local computers, tablets or printers, so even in the event a user's browser is compromised it can't be used to hop to another device.

To help safeguard search queries, the default search engine is DuckDuckGo, which does its best to remove any personally identifiable information while leveraging the power of multiple search engines (see Secure Search, below).

Not everything in Aviator may be to an admins liking, however, with the privacy features extending to not storing browsing history, cookies, or even the tabs that were open so you can't 'restore last session'. By the same token, it also won't keep users signed into websites between sessions.

Finally, Aviator bundles in the popular Disconnect plugin automatically, which helps the user see just how websites are tracking them and what type of information is being divulged by their browser. This includes analytics, advertising, social and third-party content requests, and allows users to block these sources from tracking them. Disconnect is an excellent plugin, and easily one of Aviator's best features though, as a Chrome plugin, this can be installed on any Chrome-based browser.

Being built on Chromium it otherwise has all the features and speed of Chrome, making it an excellent alternative to the same. If there's one complaint that's been levied against Aviator it's that, unlike Chromium upon which it is based, Aviator itself isn't open-sourced, and one of the staples in the security sphere is that open-source allows anyone to see just what a program is doing. While it's unlikely, the fact Aviator does so much for security and privacy doesn't preclude the fact its authors may be doing their own tracking and harvesting of information, for without the source there's no way to know this for sure.

Aviator is available for Windows and MacOS X.

WhiteHat’s Aviator combines excellent features with the popular Disconnect plugin.
WhiteHat’s Aviator combines excellent features with the popular Disconnect plugin.

Page Break

SRware iron

Like WhiteHat Aviator, SRWare Iron is based on Chromium source code, and claims to have all the advantages of Chrome with improved security and privacy. In practice, however, the bulk of these features come from being based on Chromium -- that is, it simply lacks the phone-home and basic tracking Google adds to Chromium to create Chrome.

The exception is the integration of an ad-blocker, and an ability to more easily change the user-agent string through a supplemental .ini file. Like Aviator it also defaults to using DuckDuckGo for secure search. Aside from this, it looks and feels just the same as Chrome, and you're probably just as well served downloading Chromium and adding your own ad-blocker via an extension.

It's worth noting that when we went to download Iron, the first download link we found on the website used an installer, much like Chrome does, to grab the latest version but instead turned out to be junkware containing Search Protect -- a known browser hijacker -- and Sizlsearch, a marketing and advertising engine. Subsequent attempts to download worked ok (look for the Portable version to trial if need to). However, the irony is not lost.

SRWare’s Iron is close enough to the Chromium base that you might as well just use Chromium.
SRWare’s Iron is close enough to the Chromium base that you might as well just use Chromium.

Page Break

Dooble

Dooble eschews the Chromium base some of the other browsers use and is in fact an original browser, built using the Qt interface and WebKit HTML rendering framework. For those unfamiliar, Qt is a cross-platform toolkit used heavily in the KDE Linux desktop, and WebKit itself originated with KDE as KHTML (which you can still see in user-agent strings, and was later appropriated by Apple for Safari, and Google for Chrome before forking it into its own version called Blink -- but enough history for now!).

This means a couple of things for Dooble: firstly, it has a range of interesting features unique to the browser, and that while fully-featured it isn't quite as streamlined as browsers like Chrome and Firefox. There are a lot of menu options and the style is looking dated now compared to the latest iterations of its popular counterparts, but if you look past this it's a highly-capable browser.

In terms of privacy and security you can create site exceptions for the cookies, web and disk cache; utilise different proxies for browsing and downloading; prioritise HTTPS connections; enable Do Not Track and suppress HTTP Redict and Referral headers; and fine-tune exactly what type of JavaScript functions are permitted, or force it to be disabled entirely, among other options.

It also requires you to set a passphrase if you wish to save and restore a session, which includes booksmarks, cache, cookies, history and other related data. All of this becomes encrypted with your choice of cipher and hash type to prevent anyone else but the user accessing their respective session data.

Dooble uses the Metager search engine by default (see below) and comes in flavours for Linux, Windows and MacOS X. If there's one fault for Dooble it's the distinct lack of documentation, making it hard for less computer literate users to understand some of the more advanced features that help to set it apart.

A genuinely innovative cross-platform browser, Dooble is a great alternative to Chrome or Firegox.
A genuinely innovative cross-platform browser, Dooble is a great alternative to Chrome or Firegox.

Page Break

Epic Privacy Browser

Epic is another Chromium-based browser that, like the others here, aims to improve security and privacy by enabling more secure default options and throwing in a few surprises of its own.

These include Search Protection, which activates automatically when visiting a search engine like Google. In this mode all requests are sent via a US-based IP to hide your own, however you can also toggle this on at any time with any website. It's also perennially in 'private' mode,  where no personally-identifiable data is saved locally from a browsing session, similar to WhiteHat Aviator (e.g, you can't save a session to restore next time).

And, as we've come to expect from security and privacy-focused browsers, any form of user-based tracking is automatically blocked as are third-party cookies to prevent tracking you between sessions, while HTTPS is the default preferred mode when available. However it also boasts an in-built ad-blocker based on AdblockPlus blacklists that are regularly updated, as well as allowing you to add your own lists.

As Epic's defaults are quite stringent it does come with an interesting addition we haven't seen in the other browsers: the ability to toggle various features right from the toolbar with the umbrella 'Unified Button'. This includes allowing plugins, encrypted data, ad networks and trackers, and adblocking, making it easy to get a site working as intended if Epic's protection turns out to be overbearing.

Finally, Epic defaults to using its own privacy-orientated search engine, epicsearch.in. Like similar search engines (see Secure Search), it proxies your searches to hide personally-identifiable information like your IP and uses HTTPS to encrypt all communication.

Sporting its own proxy service and ad-blocker, Epic aims to secure you from privacy breaches.
Sporting its own proxy service and ad-blocker, Epic aims to secure you from privacy breaches.

Page Break

Comodo Dragon

It's certainly good strategy for a company that makes firewall, anti-malware and internet security suites to have its own browser. But it's more than just a marketing tool, providing a highly customised version of Chromium with its own visual theme, improved security settings, and a collection of default extensions from Comodo itself.

Among the settings is the integration of what Comodo calls Secure DNS -- using its own network of DNS servers, Comodo claims it can improve security by detecting and blocking known malicious websites, reduce exposure to DNS Cache Provisioning attacks, and increase page load performance through DNS over its worldwide network. During installation, the user can elect to use Secure DNS system-wide for all applications, or just the Comodo Dragon browser. It's certainly a nice touch, though in a business environment some of these concerns should already be mitigated by other software.

Interestingly, the Do Not Track and disabling HTTP referrer tracking are not enabled by default, which is probably no surprise as Dragon appears to have an arrangement with Yahoo!, sporting it as default homepage and search engine.

The bundled extensions include the Web Inspector, which opens a new tab and analyses a webpage for malicious activity by testing for a wide range of exploits that cover everything from drive-by downloads and trojans through to phishing and suspicious code; and PrivDog, which works much like Disconnect to analyse a webpage and strip out or block known ad networks, trackers, third-party cookies, and analytics. It's worth noting, however, that the default configuration still allows 'Trusted ads' ads from AdTrustMedia, but can PrivDog can be configured to block all ad networks.

Two other extensions are included which allow you to easily share web pages via social networks with its Comodo Share Page Service, and easily download and save locally streaming media from sites like YouTube with one click using the Comodo Media Download. It also sports a plugin that allows you to drag-and-drop text either directly to share on social media, or to lookup using search engines or Wikipedia.

While Chrome and Chromium are cross-platform, Comodo Dragon is only available for Windows, and comes in an optional portable version to save data to its own directory instead of system-wide.
If you replace the default Yahoo! search engine with one of the more secure options we cover below, it's all round not a bad browser that comes with some nice additions in the security and privacy space.

Comodo’s Dragon is a polished Chrome alternative with all the bells and whistles.
Comodo’s Dragon is a polished Chrome alternative with all the bells and whistles.

Page Break

Comodo IceDragon

Yep, Comodo is definitely savvy on this one -- in order to appeal to the widest audience and include those who might not like Chrome as a browser, Comodo has also applied its security expertise to Firefox to produce IceDragon. It's good to see as the source code to Firefox is available just the same as Chromium, yet it's the only Firefox-based security spin we've seen here.

Firefox already has decent security and privacy features including blocking known malicious websites, but Comodo aims to improve on this by making small tweaks like removing Firefox's health reporting and again including its Comodo Secure DNS functionality, as well as a feature called Virtual Browsing that sandboxes IceDragon into its own environment -- which is about as secure as you can get to prevent any breaches into a local machine. However this does require the use of Comodo's Internet Security suite to be active on the same computer.

Do Not Track is again not enabled by default, and the drag and drop functionality for text sharing and searching is also included.

Still, kudos have to be given for not just compiling the default source with just a few options toggled. Just like Dragon, IceDragon has its own visual theme, and the integration of its own update system in addition to the tweaks to privacy and the extra functionality of Virtual Browsing and Secure DNS see it as a good alternative for lovers of Firefox who also don't mind trusting Comodo as a security brand.

The Firefox equivalent of Dragon sports a ‘virtual browser’ mode unique to this edition.
The Firefox equivalent of Dragon sports a ‘virtual browser’ mode unique to this edition.
Secure plugins

Beyond Disconnect , bundled with Aviator, and Privdog with Comodo Dragon, there are a few other plugins you can add to your current browser to improve security and privacy, or see just how much information your browser leaks when you do nothing more than read the morning news.

These include the EFF (Electronic Frontier Foundation) developed Privacy Badger that prevents third-party trackers and ad networks from learning about you; Ghostery (www.ghostery.com) which mixes tracking blocking with a click-to-play option for sources like media let you selectively participate; Lightbeam (Firefox only) which impressively demonstrates all the links to tracking sites that visiting a webpage generates, and allows you to block them; and Web Of Trust which leverages crowdsourcing to verify the security of websites to help users avoid known malware, scam and phishing sites.
---------------

Secure search
Searching, as Google has shown us, is big business. And as a search engine rises and falls on the relevancy of its results, so too its business model is usually reliant on the accuracy of tracking and recording user-searches to more accurately target advertising and sponsored links.

The selection of search engines that, by one means or another, are more 'secure' with little or no tracking features is less diverse than our selection of browsers. Still, there are a few out there that put users first, some of which still use advertising to make revenue -- just doing so without user tracking.

Page Break

DuckDuckGo

Memorable name, quirky logo, DuckDuckGo made its claim to fame by being one of the first engines that doesn't store or pass on user-identifiable information. Although partially still advertising supported, user-profiling is not involved. Search results draw from a variety of sources including Yahoo!, Bing, Yandex and WoflramAlpha as well as other sources like Wikipedia.

Core to its claim DuckDuckGo does not pass on personally identifiable information when collating results, nor passes on your search terms to a link you click on via the HTTP referrer header as most search engines do. Beyond not tracking, DuckDuckGo emphasises another advantage this provides over competition like Google: by effectively being anonymous when you search, your results aren't a result of a 'filter bubble' that supposedly represents your interests due to information collected about you.

Instead, the full scope of possible results are returned, making it more useful to find the information you actually need that user-profiling would otherwise think you don't.

There are a few other features that make DuckDuckGo interesting -- by default if will attempt HTTPS connections for any site that supports it, and rather than save your settings for the site in cookies on your browser, you can save them anonymously in DuckDuckGo's Cloud Save feature to allow you to use them from a variety of computers, or to setup a variety of settings, via saving them with a passphrase that generates a SHA-2 key. To change DuckDuckGo settings click on 'Learn More' at the bottom, then About and Tweak Settings.

One of the more popular secure search alternatives.
One of the more popular secure search alternatives.

Page Break

Metager

Metager is a German search engine that recently added an English translation. Like DuckDuckGo, it passes on search requests to a range of search engines and collates the data before presenting. Also as with DuckDuckGo a range of measures are taken to ensure a user's privacy.

These include not storing your IP address, cookies, or any user-tracking data; only allowing connections via HTTPS; and an optional search via a TOR-hidden service (The Onion Router network), though this requires you to be using the TOR browser first.

Metager also notes its servers are located only in Germany, where data protection laws are some of the strictest in the world, and that the service itself is funded by the non-profit organisation SUMA-EV, the Association for Free Access to Knowledge, and the Leibniz University of Hannover. Which is to say, it is not beholden to corporate or government (particular in light of US data gather programs) interests.

Currently the English version still presents some functions in German (such as its anonymised links) and it appears more cluttered than DuckDuckGo, but as with all search it's always good to have options and see what other engines return for any given search term, so give it a go and see.

Only text searching, but optionally supports TOR.
Only text searching, but optionally supports TOR.

Page Break

ixquick

Claiming to be the world's most private search engine, ixquick offers the same sort of features as DuckDuckGo and Metager, including not storing any personally-identifiable information like IP address or cookies, using HTTPS for communication, and the use of a proxy to anonymise the user when links are clicked on. It also collates results from a range of search engines contacted anonymously to return results.

Similar to Metager, ixquick also claims increased security through operating outside of the US (in this case, the Netherlands) and thereby not at threat by data collection programs and laws like those in the States. And, similar to DuckDuckGo's Cloud Save, your particular settings for the search engine can optionally be stored through a customised URL (meaning you can bookmark it or cut and paste that in a new browser to restore your settings), which itself can be obfuscated to hide the type of settings you prefer.

Unlike Metager ixquick provides text, video and image search as well as, interestingly, a phone directory search, though we couldn't get it return any useful information for Australia.

Fully-featured search without the user tracking.
Fully-featured search without the user tracking.
 

This article is brought to you by Enex TestLab, content directors for CSO Australia