Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: The most SECURE browser?

27 May 2014   #131
Aviatorguy

Windows Home Premium 7 64 bit
 
 

Hi I finally got around to joining this. I'm the guy with WhiteHat who answered the emails mentioned above. I'm not a developer or in a really technical capacity here, so I won't be able to answer more in-depth questions, but I can and will forward them to our development team in an attempt to make what Aviator does/is more apparent to everyone. Hopefully this all falls within the forum rules regarding advertising or product boosting...

To Username Issues: I finally responded to your email. I apologize for taking such an obscenely long time to do it, I saw it, sent the suggestion to development, and then just blatantly forgot to send an acknowledgement to you. Rookie mistake on my part, and once again I am really sorry for the inconvenience.

Regarding the person who's cookie settings won't stick (Callender in Post 120), this seems to be an issue that just came out the last update or two. I know development's working on this, but I don't know exactly what they've got done. This seems to be a result of us moving Settings to be opened in a Protected window, when before it was Not Protected. This is a shot in the dark, but if you open Settings in a Not Protected window (ctrl+shift+u, then settings as normal) you might be able to get the settings to "stick". I can't stress the shot-in-the-darkiness (shot-in-the-darkiosity? Well, whatever the word for being characteristic of being a shot in the dark is) improbability of this suggestion enough, but it is possible it works.

To other posts, we're kind of stretched thin for a lot of things, what with being a new browser and all, so things like consistent browser window size are known but aren't prioritized for repair when we have more pressing functionality issues to focus on. Eventually we'll get that fixed as the long term success of Aviator depends on it being a browser that doesn't frustrate you every time you open it. Regarding Panopticlick, we're pretty identifiable, that's a side effect of being a new browser, though we're looking into ways to improve this in the future. Browser fingerprinting may not be too big a deal now when compared to cookies for tracking, but in the future we do want to be ready for it.

This is a pretty big thread already, so I can't hope to say everything here to answer all the still open questions, so I'll limit my response to the above. If you have any questions post them here or email me at the support website and I'll either answer or get someone more qualified to answer.

Finally, on a more selfish note, it's been pointed out rightfully that Aviator's a newer browser, thus partially explaining the large amount of bugs or lack of polish. The solution to this to hear what people who use it dislike/notice/want. So don't be shy to let me know what is wrong with Aviator, what could be better and what you think should be done. We're a small team and it's hard to get that info on our own.

PS regarding the "Their style/hype of communicating things is worse than Chicken Little's and Steve Gibson's" comment... Yeah that seems about right. Hype must sell, I guess...


My System SpecsSystem Spec
.
27 May 2014   #132
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Chrome vs Aviator

Quote   Quote: Originally Posted by exitPr0gram View Post
Quote   Quote: Originally Posted by A Guy View Post
Perhaps they are trying to make the fingerprint less unique?

https://panopticlick.eff.org/

A Guy
Quote   Quote: Originally Posted by UsernameIssues View Post
Quote   Quote: Originally Posted by A Guy View Post
Perhaps they are trying to make the fingerprint less unique?

https://panopticlick.eff.org/

A Guy
Pale Moon warns me thusly...
Attachment 319437
...while Aviator happily takes me there without warning.
(I know/trust EEF - having followed their work for more than a decade via RISK digest.)

Unfortunately, Aviator fails EFF's test:
Attachment 319436

I performed the https://panopticlick.eff.org/ test on both my Chrome Browser and Aviator browser. I'm not sure how to determine which ones more secure:



That one is Chrome.


And this one is Aviator...

How am i to tell the difference? What's good what's bad, etc? Did Chrome do better than Aviator?



Well if you look at the "One in x browsers have this value" heading:

Aviator on your machine shows 1 in 197847 in your attachment

Chrome shows 1 in 11703

Basically - a low number is better.

So if you're visiting a website using Aviator only 1 in 197847 visitors to that site will have the same browser configuration as you - and if using Chrome 1 in 11703 visitors.

So it's all down to how many regular visitors a website has. On the figures shown Aviator makes you more identifiable as a repeat visitor to any particular site as it's a little used browser.

Amongst visitors using Chrome - you'd really need to know how many other visitors have the same browser configuration to get an idea of how identifiable you are using the browser fingerprinting method.

The aim is to identify repeat visits versus unique visits even if a user has changed their ip address and disabled cookies and any trackers.

It's not really much cause for concern but it's certainly possible to use a random user agent string for each site visit if you're paranoid!
My System SpecsSystem Spec
27 May 2014   #133
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Cookie settings

Quote   Quote: Originally Posted by Aviatorguy;2787389

Regarding the person who's cookie settings won't stick (Callender in [URL="http://www.sevenforums.com/browsers-mail/329876-most-secure-browser-12.html#post2786650"
Post 120[/URL]), this seems to be an issue that just came out the last update or two. I know development's working on this, but I don't know exactly what they've got done. This seems to be a result of us moving Settings to be opened in a Protected window, when before it was Not Protected. This is a shot in the dark, but if you open Settings in a Not Protected window (ctrl+shift+u, then settings as normal) you might be able to get the settings to "stick". ...
Thanks for your response. Actually cookie settings are not a huge concern to me. I actually use a browser add on to remove cookies:

https://addons.mozilla.org/en-US/fir...cting-cookies/

My observation was just based on how it might be a little confusing for the average user who would struggle to understand why the "recommended settings" could not be set.

Any suggestions? Well an easy to spot method of resetting all Aviator settings to default would be nice!
My System SpecsSystem Spec
.

27 May 2014   #134
Gary

Win 10 Pro 64
 
 

A browser is as secure as the person sitting at the keyboard is.
My System SpecsSystem Spec
27 May 2014   #135
UsernameIssues

W7 Pro SP1 64bit
 
 

Aviatorguy,
Welcome to the Seven Forums and thanks for joining.

Thanks for the e-mail reply. Rather than reply to that e-mail, I'll put a tiny bit of info below.

Here is a small snippet from your e-mail to me:
The integrity level is being discussed right now, as it does lead to complications in terms of which account can use Aviator

Sorry, either I was not clear or I'm not understanding the line that I've quoted above. I don't see how it has any impact on which account can use Aviator.

The installer runs as admin (high integrity level).
The installer launches the browser.
(which is also now running as admin*).
Does it have to be running as admin so that it can write some stuff somewhere just one time?

*That "parent" browser launches "children" that run at the untrusted level - so, perhaps that is secure enough. If there is no danger from running the "parent" process, then no changes need to be made. If there is a danger, then simply don't start the browser after the install. Let the user start it manually. If you really want to have the browser start after the install, then there are ways to have the installer launch the "parent" process at the medium integrity level.

Once the browser is closed, subsequent sessions are launched with the "parent" process at the medium integrity level (The "children" are still untrusted.)

My fear (perhaps unfounded) is that a user thinks that this is the most secure browser (per your hype) and immediately surfs to a black hat website**. Also, users can leave windows open for weeks.

**...because wanting to feel safe while surfing to a questionable website was the reason why some people install Aviator.
My System SpecsSystem Spec
27 May 2014   #136
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Feedback

Quote   Quote: Originally Posted by Aviatorguy View Post

Regarding the person who's cookie settings won't stick (Callender in Post 120), this seems to be an issue that just came out the last update or two. I know development's working on this, but I don't know exactly what they've got done. This seems to be a result of us moving Settings to be opened in a Protected window, when before it was Not Protected. This is a shot in the dark, but if you open Settings in a Not Protected window (ctrl+shift+u, then settings as normal) you might be able to get the settings to "stick". I can't stress the shot-in-the-darkiness (shot-in-the-darkiosity? Well, whatever the word for being characteristic of being a shot in the dark is) improbability of this suggestion enough, but it is possible it works.
The suggested method works! Thanks.
My System SpecsSystem Spec
27 May 2014   #137
Aviatorguy

Windows Home Premium 7 64 bit
 
 

That's great to hear Callender! Regarding your suggestion that is a feature we're putting in, either next update or the one after. It just doesn't exist on Aviator right now, and I really have no idea why it's taken this long as it's a simple button already in Chromium, but the moral of the story is we're on it!

And UsernameIssues, what you said:
Quote:
The installer runs as admin (high integrity level).
The installer launches the browser.
(which is also now running as admin*).
Does it have to be running as admin so that it can write some stuff somewhere just one time?
Is what I was trying to address but worded wrong. We've run into problems in the past with users who weren't admin, and thus couldn't install Aviator or had other problems. What I meant to say is that we're reevaluating the need of Aviator to use admin, or some variation of this to fix the problem. I don't know the exact reasoning for the way it is right now, but I do know that development's actively looking into a way to change it.

Also, your fear about a user blindly trusting Aviator due to the hype machine going on over here is very founded. I'm not in marketing, but I do know that they have to walk a line between "no hype so no-one cares" and "overhyped that people think it's something it's not". They also try to convince everyone that this product's needed. The website's wording is pretty strong in terms of what Aviator can do but I don't think it's so ridiculous as to imply it's bulletproof, just rather as the most practical and safe option available today ready-to-go, which is a) hopefully not misleading anyone into thinking they can surf with impunity and b) let's be honest, the bare minimum you can say about your product on your own website.

That all being said, I'm kinda extremely biased in favor of Aviator, so if you (or anyone else here) feel that Aviator's overhyped to the point of putting our users at risk let me know where I can get an example of this so I can bring this to the attention of people who can change this sort of thing. The last thing we need is to have people think our product does way more than in actuality, so I actually want to hear what you think about that!
My System SpecsSystem Spec
27 May 2014   #138
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

Welcome to Seven Forums Aviatorguy

A Guy
My System SpecsSystem Spec
28 May 2014   #139
exitPr0gram

Windows 7 Professional Version 6.1 Build 7601 SP1
 
 

Quote   Quote: Originally Posted by Aviatorguy View Post
Hi I finally got around to joining this. I'm the guy with WhiteHat who answered the emails mentioned above. I'm not a developer or in a really technical capacity here, so I won't be able to answer more in-depth questions, but I can and will forward them to our development team in an attempt to make what Aviator does/is more apparent to everyone. Hopefully this all falls within the forum rules regarding advertising or product boosting...
Thank you for joining the forum as requested and WELCOME!

All contribution are welcome.

Not sure if you would ever need advice but the members on sevenforums.com are very knowledgeable and helpful.

P. S.

I'm no MS expert but I help where I can. Hence all the emails you've received from me lol.
My System SpecsSystem Spec
28 May 2014   #140
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

If anyone wants to have a play

https://disconnect.me/search

A Guy
My System SpecsSystem Spec
Reply

 The most SECURE browser?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
FireFox - mouse & browser& browser freezes in Facebook page
I have FF 17. The mouse is freezing in facebook & I find the only escape to release the browser is reboot. The same FB page works fine in internet explorer.
Browsers & Mail
Portable Browser :- How to be my Default Browser and/or use a URL Link
My desktop URL link is unable to access the Web based Admin console of my Netgear Router, and various application "F1 / Help" buttons no longer give help when they need internet resources. Previously I started with a conventional installed Firefox Browser, but after erratic premature update...
Software
How Secure is your Browser ?
More...
Browsers & Mail
The Secure Browser
A sandboxed version of Firefox 3.6, from Dell of all people Secure Browser Anyone tried it yet? A Guy
Browsers & Mail


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 23:29.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App