Does anyone use BrowserAudit.com?
-
I have been testing and comparing various popular browsers for security issues using BrowserAudit.com for quite some time now. Vivaldi has always been reasonably secure ... until the latest release.
BrowserAudit.com "tests passed" dropped from 380 to 376 and "warnings" rose from 4 to 8 in the latest version of the Vivaldi browser (... .40), without my changing a single setting. (This is using my personal settings, so your results may vary.)
Brave and Epic currently score higher than Vivaldi. Oh dear!
Firefox, WaterFox, Tor, and PaleMoon each report FIVE critical issues, for those who may be the slightest bit interested in the worst of the worst.I am hoping that Vivaldi code crunchers will figure out how to improve these security tests in upcoming releases.
-
@Dscott -- I should mention that Opera can be reconfigured to achieve 378 tests passed and only 6 warnings, if you don't mind their "leaky" VPN and disturbing Privacy Policy.
-
As you say, results do indeed vary: I just ran the test and got 380 passed, 4 warnings, 0 critical, and 20 skipped. This is the first time I ran it though so I can't compare to previous releases. Maybe someone knows which settings to look out for?
Vivaldi 2.5.1525.40 (Stable channel) (64-bit)
Revision 5309247574c10e1673d1207a16506a253f2ba8dc
OS Windows 10 OS Build 17134.48
JavaScript V8 7.4.288.26
Flash (Disabled) -
Hi, I got following results on:
Opensuse Tumbleweed x86_64
CPU i7-3520M 8 GB
GPU Intel HD4000
xf86-video-intel 2.99.917-6.1
KDE Plasma 5.54.5.11
Vivaldi 2.5.1525.37 (Official Build) snapshot (64-bit)Passed
361
Warning
23
Critical
0
Skipped
20With clean profile and no extensions, by the way test run much faster with this profile:
Passed
380
Warning
4
Critical
0
Skipped
20Interesting, mib
-
I still find it hard to believe that Vivaldi coders have not bothered to make suitable adjustments to the areas tested by BrowserAudit so that they can create as clean a report as that of the Cents browser which scores an amazing 399 tests passed, 5 warnings, 0 critical, and 0 skipped.
Stock Chromium currently scores 381 passed, 4 warnings, 0 critical, and 20 skipped, and MS Edge scores 355 passed, 15 warnings, 0 critical, and 34 skipped, by the way.
I have an Excel spreadsheet with these and other BrowserAudit results for 15 popular browsers, and comments on 10 popular secure search engines -- for those who may be interested.
-
Tested on Vivaldi 2.5 (Chromium 74) and Chromium 76 and got the exact same result:
380 passed,
4 skipped, (2 tests could not check if they actually passed or not [timeout])
0 critical,
20 skipped (I don't have Flash installed, so those did not test)So, I guess if you install Flash Vivaldi, and Chromium, will pass 400 tests. Perhaps 402 if those 2 tests that timeout did finish.
-
I got:
Passed
358
Warning
25
Critical
1
Skipped
20
On vivaldi linux 3.6.2165.34.
and in Firefox Linux 85:
Passed
375
Warning
9
Critical
0
Skipped
20
So not much encouriging. -
-
I just did a 'whois' on browseraudit dot com
What I read does not give me great confidence in its results.
A hidden company, registered in Panama(?), with most info redacted. Its parent WhoisGuard even more so.
Better to use EFF's panopticlick.com (now https://coveryourtracks.eff.org/) in my opinion.
This result just checked: -
@greybeard A hidden shell company in the Bahamas you say.
interesting and not very surprising when you realise the project is running in a British University
https://beta.shodan.io/host/146.169.2.218As we should all be aware by now, Universities are not about education, but about money harvesting, and the modern way is with data and patents held by companies based in tax-havens.
Worth noting is the complete lack of any privacy statement on that site too.
Compare that to the trusted EFF source https://coveryourtracks.eff.org/privacy
Yeah I'd stay well clear of it indeed. Thanks for pointing that out GreybeardEDIT
Rated appropriately https://www.mywot.com/scorecard/browseraudit.com -
@Dr-Flay , what about this one? https://webbrowsertools.com/privacy-test/
-
Mixed feelings with that.
It has a clear privacy page explaining what the site does and what stuff you may end up with on your PC that you can clear if you want.The WHOIS shows a company based in Ankara, the Capital of Turkey.
However I can't work out if the address is bogus or I am not using it the correct way.Registrant Street: 51 aldag
Registrant City: Ankara
Registrant State/Province: Ankara
Registrant Postal Code: 01757
Registrant Country: TR
Registrant Phone: +90.5061255886
The "elephant in the room" however is the actual use of google adverts.
- AD SERVING
WebBrowserTools.com uses third-parties for pages that We host. These third-parties may place Cookies on Your computer, use web beacons, gather IP addresses, and log data to collect traffic and activity data in order to deliver relevant metrics, content, and advertising.
Then we get to the 2 conflicting statements about what they collect.
1). INFORMATION COLLECTED
We collect only one type of information, "Non-Personally Identifiable Information". We collect this information generally to improve Our Website and Your experience. We do NOT sell, trade, rent, or transfer this information to third parties.6). SUBPOENA POLICY
We will disclose Personally Identifiable Information, after subpoena or written request, to cooperate with a law enforcement investigation. We reserve the right to report to law enforcement agencies any activities that We in good faith believe to be unlawful.Apparently they don't collect anything personally identifiable, but can provide some when asked for it.
- AD SERVING
-
@Dr-Flay , all websites are obliged to reveal personal data of users, if there is a legal requirement by a judge. This is not a contradiction to point 1
-
@Catweazle OK then smarty-pants, just how does one give over personal info. if one does not collect or possess that personal info ?
Pull it out of a magic hat perhaps ?You mistake intent with ability.
If as they claim, (and I made sure it was in bold) they DO NOT collect personal info, how do they have that personal info they don't have, to give to anyone ?
Hence a direct contradiction with what they say they collect.Therefore we have to assume the first statement is false, and they do indeed collect personally identifiable info.
-
@Dr-Flay , logically, a page can only give the information it has through the data it takes from the IP, fingerprint and other, apart from the data that we provide ourselves, for example when we register somewhere.
Without going any further, in the event of a criminal investigation, a page can indicate to the authorities the ISP of a user and the ISP has all our personal data, every page we visit know the ISP we use (see Browserleaks).
This has nothing to do with the normal treatment of data collecting that makes a page or software, even Vivaldi must provide our data that it has about us to the authorities, if there is a court order. -
Of course ISPs and Vivaldi can indeed hand over personal info because they collect such a thing, and do not claim otherwise.
In the UK all major ISPs are required to abide by the snoopers charter and harvest at least 1 year of your traffic data.
That is nothing to do with a claim made by a 3rd party service which does not have access to that personal info.When a service claims it a) does not collect any personal data, but then says it b) will hand over your personal data if required, which of those 2 statements is true ?
They cannot both be true.After you leave the test site they have no need to keep your IP info or anything unique about your browser.
Keeping that info means their statement of not collecting personally identifiable info is false. -
@Dr-Flay, of course a page has all the data that cookies, fingerprint and others can provide
This forum knows what OS you are using, your IP, the country you live in and other things, apart from the data that you provide with your registration and publications.
But the question is not this to be considered private, but the treatment they give to this data, if they track your activities on the network, such as Google, FB, Amazon and others, who read your mail like Google, who sell this data to third parties , as do those mentioned and others
Nothing to do with the anonymized data and statistics that Vivaldi collects, this affects privacy as little as the town hall guy on the roadside counting the cars that pass by, this also does not affect the privacy of the drivers, regardless of how long the results are kept to compile the statistics. -