The most SECURE browser?

ASLR on a 32bit app is not as useful as it is on a 64bit app...
...hence the argument that a 64bit browser can be more secure
...or maybe I'm not understanding what I'm reading on the topic.


Maybe I should ask those at Aviator why I cannot have Windows shortcuts as bookmarks within the browser. I seem to be the only person in the world that wants this for all browsers.


Also, I worded my question wrong.
Which TLS version is in use by default?
should have been
Which TLS versions are enabled by default?
...but the e-mail answered that. Thanks

Maybe I'm wrong (it would not be the first time), but I don't think that Aviator should be launched after the install process. Doing so makes the main "parent process" run at the high integrity level (run as admin). It would be safer to lauch the browser at the medium integrity level - like a default Windows user does. This only happens after the install, so maybe it is not a big deal.


Take a look in this folder:
C:\Users\username\AppData\Local\Aviator\User Data\Default\Extensions
My understanding of Chrome extensions could be flawed - but it seems that there are 6 of them installed by default with Aviator and yet only one (Disconnect) shows in the GUI. How can you check to see that those other extensions are up to date?

Aviator version 2.0 is based on Chrome version 33.0.1750.117 (pushed to clients in late Feb 2014). There have been several security flaws fixed since that version of Chrome was released. The production version of Chrome is 35.0.1916.114 (pushed to clients this week). You can page thru the release history here. What does all of this mean in terms of Aviator's security? Do they mitigate the security flaws in other ways?

Callender said:

Here's a list that you could use:

UserAgentString.com - List of User Agent Strings

I didn't really answer your earlier question. I think that Aviator seems to have been designed to make things like "drive by downloads" when browsing less likely and they say that Java and Flash are click to play. As they pointed out adding a bunch of add ons like say a video downloader or similar won't help security. Personally I only ever install Java on a when needed to use basis then remove it.

If you need to browse in pretty much 100% safety then most people would still say use a Linux Live USB and don't transfer or download any files onto your windows partition when using it!

Yea... I use only Zenmate, Disconnect, and Adblock... Disconnect is already built in so thats good... and they said in the email that they have their own little adblock built in.

I agree with the Linux Live USB thing. SOOO easy to avoid infection if your lonely and feel like visiting a few sites

UsernameIssues said:

ASLR on a 32bit app is not as useful as it is on a 64bit app...
...hence the argument that a 64bit browser can be more secure
...or maybe I'm not understanding what I'm reading on the topic.


Maybe I should ask those at Aviator why I cannot have Windows shortcuts as bookmarks within the browser. I seem to be the only person in the world that wants this for all browsers.


Also, I worded my question wrong.
Which TLS version is in use by default?
should have been
Which TLS versions are enabled by default?
...but the e-mail answered that. Thanks

Maybe I'm wrong (it would not be the first time), but I don't think that Aviator should be launched after the install process. Doing so makes the main "parent process" run at the high integrity level (run as admin). It would be safer to lauch the browser at the medium integrity level - like a default Windows user does. This only happens after the install, so maybe it is not a big deal.


Take a look in this folder:
C:\Users\username\AppData\Local\Aviator\User Data\Default\Extensions
My understanding of Chrome extensions could be flawed - but it seems that there are 6 of them installed by default with Aviator and yet only one (Disconnect) shows in the GUI. How can you check to see that those other extensions are up to date?

Aviator version 2.0 is based on Chrome version 33.0.1750.117 (pushed to clients in late Feb 2014). There have been several security flaws fixed since that version of Chrome was released. The production version of Chrome is 35.0.1916.114 (pushed to clients this week). You can page thru the release history here. What does all of this mean in terms of Aviator's security? Do they mitigate the security flaws in other ways?

How to check to see if the extensions are up to date is a good question... As i stated to Callender in my included quotation Disconnect is in there as well as some type of Adblock thing. If you figure out what the other ones are (and their purpose) please post and let me know. I'm curious by nature... But I wonder if they only get updated when you update the browser itself, or if they can be updated by actually downloading the extension itself.

But whether it be Chrome, Firefox, or IE... All of them at one point in time have some kind of major security flaw. The thing is, which of them end up have the least security flaws overall and which is the most difficult for the black hats to take advantage of.

If you are actually being "Targeted" by someone with a decent amount of knowledge... i don't think it matters what browser your using. You will get hacked unless you have an equal amount of knowledge or more.

You can open the json (text) file in each extension folder to see what it is/does, but this is hardly practical for the average user.

This is what I see: