Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Internet, Web Apps and Networking

Reply
 
Thread Tools Display Modes
Old 27. Jul 2010, 04:01 PM   #1 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,296
Default Some sites to test browser security

Came across this article today on MakeUseOf, which list some sites where you can test your browser for security. Two of these are PCFlank and ShieldsUP which are more useful for firewalls. Other known site is Firefox Plugin Test, which now tests other browsers besides Firefox too.

All in all, a good list.

http://www.makeuseof.com/tag/7-brows...ploit-attacks/
__________________
Anupam
Anupam is offline   Reply With Quote
Old 27. Jul 2010, 04:28 PM   #2 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,296
Default

Its a good list of sites.

I took the ScanIt test, which tries to crash your browser with vulnerabilities. I am using the latest Firefox 3.6.8, and it passed all tests .

Have not taken Qualsys Browser Test yet, as it requires a plugin to be installed on the browser.

BrowserScope is a good one too. Its more of a browser comparison rather than a security test, but its still interesting. In terms of security, Firefox here got 7/13 , whereas Chrome has the highest score of 12/13.

I took the Panopticlick test, but could not quite understand the result. Will have to read its help file.

Interesting tests. I think the most useful is ScanIt.
__________________
Anupam
Anupam is offline   Reply With Quote
Old 27. Jul 2010, 07:15 PM   #3 (permalink)
Senior Member
 
Join Date: Nov 2009
Posts: 445
Default

Hi,

Indeed, good list of sites for browser testing - I didn't know of Qualys Browser Check, but if it requires a plugin installation I won't try it out.
The tests on Browserscope won't run if Javascript is disabled.

My favorite is also ScanIt which I run every time Firefox updates.

Panopticlick is a privacy risk test .The more rare your browser configuration is, based on the info it transmits while you surf, the more uniquely identifiable you are on the Internet.
This is a rather weak side of Firefox as it tends to reveal a lot of info.
For example, if you open Help>About, the info in the User Agent string you see, is always transmitted, including your OS, the languages of your browser, even the exact release date of the major version you're using.
If you mess with that info in about:config, updates for Firefox itself, add-ons, themes and plugins won't work properly.
__________________
26Dolphins
26Dolphins is offline   Reply With Quote
Old 28. Jul 2010, 10:04 AM   #4 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,296
Default

Thanks for the information.

I think the User Agent String is transmitted by all browsers?

Which information do the other browser transmit, or don't transmit, that Firefox does?
__________________
Anupam
Anupam is offline   Reply With Quote
Old 28. Jul 2010, 04:15 PM   #5 (permalink)
Senior Member
 
Join Date: Nov 2009
Posts: 445
Default

Hi Anupam,
Quote:
Which information do the other browser transmit, or don't transmit, that Firefox does?
I can't answer with specific data, as it depends on how & with what data the User Agent String of its browser is constructed. If I'm not mistaken it's engine dependant though.
I'd have to do some research and I don't really have the time for this at the moment. If it doesn't fall to oblivion, I'll look more into it at a more convinient time, ok?
__________________
26Dolphins
26Dolphins is offline   Reply With Quote
Old 28. Jul 2010, 05:12 PM   #6 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,296
Default

That's OK 26Dolphins ... I thought you would know the answer, so you can tell. Its not a big problem. I will try to find out some myself, when I have time too .
__________________
Anupam
Anupam is offline   Reply With Quote
Old 28. Jul 2010, 08:41 PM   #7 (permalink)
Site Manager
 
MidnightCowboy's Avatar
 
Join Date: Aug 2008
Location: South American Banana Republic, third bunch from the left
Posts: 15,219
Default

I tried all 18 tests with IE8 and it passed in both open and sandboxed modes. I received one alert from MSE and several for permission to run addons from WinPatrol in open mode, but when using Sandboxie I only received the alert from MSE. So, it seems that both Sandboxie and WinPatrol are doing their jobs correctly.
Attachment 643
__________________
Buy a Hoover and prove technology sucks.

Last edited by MidnightCowboy; 05. Oct 2010 at 10:24 PM.
MidnightCowboy is offline   Reply With Quote
Old 31. Jul 2010, 08:55 AM   #8 (permalink)
Senior Member
 
Concerned User's Avatar
 
Join Date: Apr 2010
Location: இந்தியா, सिन्धु, India
Posts: 486
Default

I got a "83/100" in the browserscope test maybe due to addons like noscript, cslite and no referrer (firefox)?

Last edited by Concerned User; 31. Jul 2010 at 09:02 AM.
Concerned User is offline   Reply With Quote
Old 31. Jul 2010, 02:54 PM   #9 (permalink)
Senior Member
 
Join Date: Nov 2009
Posts: 445
Default

Hi,
@Concerned User
How did you manage to run browserscope with Firefox with these add-ons and get a score?

I get to the page with the stethoscope and it stays there for ever. If I enable scripts for browserscope.org, a few more sites come up which need to run scripts as well as cross-site requests to them which are blocked by Request Policy and NoScript (default setting).
So, maybe the test can't run properly and finish?
__________________
26Dolphins
26Dolphins is offline   Reply With Quote
Old 31. Jul 2010, 05:52 PM   #10 (permalink)
Senior Member
 
Concerned User's Avatar
 
Join Date: Apr 2010
Location: இந்தியா, सिन्धु, India
Posts: 486
Default

Quote:
Originally Posted by 26Dolphins View Post
Hi,
@Concerned User
How did you manage to run browserscope with Firefox with these add-ons and get a score?

I get to the page with the stethoscope and it stays there for ever. If I enable scripts for browserscope.org, a few more sites come up which need to run scripts as well as cross-site requests to them which are blocked by Request Policy and NoScript (default setting).
So, maybe the test can't run properly and finish?
Yes I also got to the stethoscope...I allowed cookies from the site and also allowed scripts. It worked.
Concerned User is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 10:32 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.