Sunday, May 04, 2008

Web Browsing Bits and Pieces

Broken then Fixed

Did anyone but me notice that this week's round Firefox 3.0 (Minefield) nightlies broke the "drag-n-drop" feature of bookmarking in this build?


Did on both my XP Home, XP Pro, and Vista systems.

Bookmarking worked, but I could no longer drag links from within a page, or as a "tab" onto my bookmark sidebar.

This Friday/Saturday's Minefield nightly update finally restored that ability.


More Firefox Add-On Goodies for the Safe and Secure

Firefox View Dependencies - Nice summary by gHacks blog about another tool to view and explore all the elements that get loaded off a page in Firefox.  This is a very valuable tool when you are doing research on a web-page. Particularly if you are hunting down sources of malware.  For more details check out the View Dependencies Add-on page.  Related: the Firebug Add-on.

Keeping Safe on the Web: 8 Firefox Addons for Privacy and Security - MakeUseOf blog provides a list of additional Firefox Add-ons for the security minded: NoScript, Foxy Proxy, Password Hasher, SafeCache, SafeHistory, CS Lite, and WebOfTrust (WOT). I've used some, knew about a few, and learned about some new ones.  MakeUseOf's post provides a brief summary of each one.

Of course, if you are really looking for the "Cat's Meow" of Firefox security and auditing Add-ons, you MUST go consult Security Database's FireCAT list.  This is a collection of the creme-de-la-creme of Firefox security auditing Add-on's.

Turning Firefox to an Ethical Hacking Platform - Intro post.

FireCAT (Firefox Catalog of Auditing exTensions) version 1.3 released - Newest items.

There is even a new FireCAT website: FireCAT - Firefox Catalog of Auditing exTensions

I was humbled to find myself still listed as a "Main contributor" on the site for submitting a few of my favorite Firefox Add-ons in this category to them, of which some were accepted.  Since then I've collected a few more that I need to submit to them soon.

Sing it Opera Style

In all the excitement over Apple's Safari tripling it's web-presence, and the ongoing march of Firefox, sadly, little-old Opera remains a blip to most web-users.

Current version is 9.27.

I really like the Opera web browser. There was a period when it was my browser of choice after Netscape became little better than bloatware and before it was respun as Mozilla/Firefox.

It remains very fast, has a fresh and very clean interface. And supports "modules" that can be added on to extend the browser's functions.

In fact, I use Opera Mini as my mobile web browser of choice on my BlackBerry unit.  I've not yet loaded on the new Opera Mini 4.1 beta but it looks ripe for testing soon by me.

In the post Hands on: Opera 9.5 beta 2 improves speed, adds features recently by Ars Technica, they walked away very impressed.

I generally stay away from "full-installs" whenever possible, and so far, haven't messed with trying to build a portable version of this newest beta release to test.

I do have and use Opera@USB build so I can keep a version of Opera handy on my systems and on my USB sticks. Lots to like here.

On the Web "Anonymously"

I've always kept at least one portable web-browser build handy that would allow me to surf the web "anonymously."  I use these to do recon-work on potentially malicious web-sites and to check web-links offered in the comments here to make sure they are legit and safe. I don't want any of my visitors getting caught up in bad malware by following a comment link, if I can help it. Nor do I feel like offering up my direct IP address on these research runs.

(Oh yeah, I run all these in a Virtual PC session as well.)

In the past I have used and recommended the xB Browser (XeroBank, formerly known as TorPark).  I still use this one as it is Firefox-based, but the connection times to establish the TOR network are horribly slow. They do offer a faster version for $. Also, they don't seem to update their Firefox core to the latest releases very fast, which provides some security concerns to me, especially since I am already using it to browse to potentially malicious sites.

There is also DemocraKey which is another anonymizing Firefox browser build.  The site hasn't been updated with new info since Feb 2007, and I don't think the Firefox core version has as well.

You can update them yourself from within the programs (I did so to bring my XB Browser build up to Firefox, but there's no guarantee that this might un-tweak one of the features that provides some of the anonymizing power.

Yes, the Internet Explorer wrapper Browzar (beta) is still kicking around. Now at version 1.5. I walked away from it skeptically in my previous examination on Grand Stream Dreams. Maybe this new version is a bit better.  I can't say.

What this is all leading to is the new (and USB portable!) OperaTor.  I REALLY like this one.  I have found it to be VERY fast at page loading.  Much more so than xB Browser.  Opera is quite fast and beautiful and I don't at all feel out of place in its GUI, even though it isn't Firefox.  That's something I still haven't gotten fully comfortable just yet with in Internet Explorer 7/8.

OperaTor does offer several version, which might be a bit confusing to some. There are Polipo and Privoxy versions.  According to the website, "...The advantage is that Polipo allows Tor to anonymize HTTPS pages and runs in a more transparent way."

Another nice thing is that OpraTor folks clearly try to inform users about the "relative anonymity" these services and tools provide: So I'm totally anonymous if I use Tor? as well as the following statement on their home page:


The only protocols which OperaTor anonymizes are HTTP (Privoxy and Polipo versions) and HTTPS (Polipo version only), thus if you want to stay anonymous you should avoid using other Opera features (e.g. Java, JavaScript, Bittorrent, integrated e-mail and IRC clients).

OperaTor comes with absolutely no warranty. It is the user's responsibility to test whether the connection is secure. Users should keep in mind that OperaTor relies on Tor (The Onion Router) and Privoxy and any security questions should be directed to their developers.

Like I said, I was really, really impressed with the OperaTor build I'm using.

So there you go.  The rest is up to you.


No comments: