Besides clicking on links in malicious e-mails or opening dubious attachments, browsing to the wrong webpage is the second major way of getting your laptop, your account and your data compromised. One click on the wrong link, just one malicious URL, and your laptop gets infected, your password exposed, your data encrypted or stolen… Remembering to STOP – THINK – DON’T CLICK prior to opening a link is the conscious, responsible way to protect yourself. And a good choice of well-secured web browser can provide you with a second way of keeping your digital life in your own hands!
Indeed, think of your laptop – leaving aside your smartphone for a moment – as one of the digital centres of your life. If an attacker takes over your laptop (or smartphone), he or she owns your data; can use your embedded webcam to watch you (even at night!); can use the embedded microphone to listen to your conversations; can access all locally stored documents, photos and films; can spy on your keyboard and extract the passwords you type on it – and hence, write your Tweets, make your Facebook posts, buy stuff on Amazon and access your Internet banking. Frightening? Indeed it is (see our Bulletin article entitled “Protect your Family” for more on this).
The best way to protect your web access – your browsing of the World Wide Web – is to use a well-supported and up-to-date web browser like Chrome, Edge or Firefox. From the security perspective, Google’s implementation of Chrome clearly separates every individual website you access and thus follows best security practice. Mozilla’s Firefox Quantum has also started to employ a similar functionality, while Microsoft’s Edge browser does not (and never will). Especially if you have the default auto-update mechanism enabled, both Chrome and Firefox can be considered to be the most secure browsers currently on the market (as well as some variations of them like Brave). Firefox might well have a slight advantage thanks to a feature being added in the upcoming version 67: it will actively block the misuse of your laptop for unauthorised crypto-currency mining as well as stopping services that track your online activity.
So what about the privacy side? Both Chrome and Firefox come with a plethora of plugins making your browsing experience more secure (“HTTPS everywhere”) and more private (“Ghostery”, “uBlock Origin”, “DuckDuckGo Privacy”, “Privacy Badger”, “Privacy Possum”). You just need to install them via “chrome://extensions” or “about:addons” respectively. And, of course, permanently engaging the “Incognito” or “Privacy” mode makes your browsing more stealthy (but beware, not 100% stealthy; you would need to use, for example, TOR’s “Onion” browser for much better anonymity). However, the major difference between Chrome and Firefox is that the former is a closed-source product of one of the world’s biggest data aggregators and the latter is an open-source browser maintained centrally by a community foundation. Out of the box, Mozilla’s Firefox is a much more privacy-preserving alternative to Google’s Chrome browser. Google operates an extensive data-collection ecosystem in which its search engine and a vast array of other products and services are used to build a profile of a person’s interests by tracking users’ online activities. Red pill or blue pill. Take your pick. But choose wisely.
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.