Security
-
could you please look at this as defualts could use some tweaking... https://www.youtube.com/watch?v=gW7Z3cJKOMI
-
@dang1021 Using too much of these security tips by default will surely increase the privacy but it will also break the user experience for most users (~90%). People which really need/want to use these settings (~10%) know where is need to go.
-
Well sending a person real ip number by default is n't good as well as third party cokie should defualt to off! Here some tool to check this stuff im talking about .... https://badssl.com You could deault to privacy on install ask how much privacy you want general user medium or hard core! I would like to see as good as brave or better. Some ppl want the all on setting so ask when u install .....
-
@dang1021 , they send only a trunced IP which only define the country, not the user, apart it's a trunced public IP, which anyway don't show the exact site.
This data only shows the amount of the users Vivaldi has, apart of other pure statistic/tecnically values. Non of these are privacy relevant, it's similar to the city hall employee who counts the cars passing on a road to determine the density of traffic on it. This also does not affect the privacy of drivers., there isn't any personal data used..
Depending on the configurations you use, Vivaldi is very secure, as well as Firefox, perhaps it can improve in the fingerprint section, where Firefox is somewhat better, but this can be replaced with Trace or Privacy Badger.
Mine in the test also says that I have a unique Fingerprint, but this is different each time, thanks to Trace, which randomizes it, as well as other data.
Blocking or spoofing the Fingerprint is not the best solution, as this can still identify you. Also in Browserleaks it shows clear results, but they are don't coincide con the real ones..Vivaldi is not very private by default, but this is up to the user himself, who can make it as private and secure as he needs, depending on the settings he uses.
The ad and trackerblocker is good enough and also allows you to add the filters you want, by default they are the same ones used by uBO, the only difference to the extension is that it currently lacks an entry in the context menu to block certain elements and in an advanced mode that has the extension, things that are rarely used anyway.
By default it uses Bing as the search engine, right, but this is also irrelevant, since you can perfectly remove the search engines you don't want and add others, simply from the context menu on the page of the search engine you want, or add it manually to the list.
The OpenSource issue is also relative, since only 5% of the script respect to the UI is copyrighted, this part that makes Vivaldi so different from other browsers, but this part is fully auditable and also modifiable by the user.
Security settings and measures always require a balance between what is reasonable and maximum privacy, but what prevents you from being able to use some web pages that stop working with these settings.
-
Adding: I made the test on badssl with Vivaldi and also with Firefox, the result in both is the same
-
@Catweazle said in Security:
@dang1021 , they send only a trunced IP which only define the country, not the user, apart it's a trunced public IP, which anyway don't show the exact site.
This data only shows the amount of the users Vivaldi has, apart of other pure statistic/tecnically values. Non of these are privacy relevant, it's similar to the city hall employee who counts the cars passing on a road to determine the density of traffic on it. This also does not affect the privacy of drivers., there isn't any personal data used..
Depending on the configurations you use, Vivaldi is very secure, as well as Firefox, perhaps it can improve in the fingerprint section, where Firefox is somewhat better, but this can be replaced with Trace or Privacy Badger.
Mine in the test also says that I have a unique Fingerprint, but this is different each time, thanks to Trace, which randomizes it, as well as other data.
Blocking or spoofing the Fingerprint is not the best solution, as this can still identify you. Also in Browserleaks it shows clear results, but they are don't coincide con the real ones..
Vivaldi is not very private by default, but this is up to the user himself, who can make it as private and secure as he needs, depending on the settings he uses.
The ad and trackerblocker is good enough and also allows you to add the filters you want, by default they are the same ones used by uBO, the only difference to the extension is that it currently lacks an entry in the context menu to block certain elements and in an advanced mode that has the extension, things that are rarely used anyway.
By default it uses Bing as the search engine, right, but this is also irrelevant, since you can perfectly remove the search engines you don't want and add others, simply from the context menu on the page of the search engine you want, or add it manually to the list.
The OpenSource issue is also relative, since only 5% of the script respect to the UI is copyrighted, this part that makes Vivaldi so different from other browsers, but this part is fully auditable and also modifiable by the user.
Security settings and measures always require a balance between what is reasonable and maximum privacy, but what prevents you from being able to use some web pages that stop working with these settings.most of what you say here wouldn't be for a novice that did know that the barn door is open to even shut it. This is why in one of my posts I said to ask these questions on installation are you a novice or a superuser and set Vivaldi up the way they pick? This still makes it hard as most novices would need it to default to default to no third-party cookies. I think ppl should go to the tests site I posted to see what's up then vote on them! Here is another one https://browseraudit.com/test has! critical
I want this to be the best every browser and it is close as I have tryed them all. as for as using addons I have almost all the best blocker but why should I have to add thing to make it safe Security should away be first I am running the beta so not should what has already been fix so far. here one https should always be on! i think it defaults to off? I'm old and going blind it is hard for me to read the long message! I will try.I like testing things not real good at typing long messages. Maybe we can work on this a little at a time the 1 critical
-
-
@Catweazle I used the beta to test with.
-
The "Critical" happens on all Chromium, Edge and Vivaldi browsers.
@dang1021 If you think this is a bug in Chrome/Chromium, report at https://bugs.chromium.org/p/chromium/issues/list ; after Chromium devs fixed that, Vivaldi will get the fix.
-
Not a bug in Chromium, it's a BrowserAudit bug, which confused the test.
Explained in GitHubSo turns out this is a test bug. Chromium automatically upgrades the request to HTTPS, which causes the cookie to be sent (bc its now HTTPS) which confuses the test (which doesn't expect the upgrade and so doesn't expect the cookie). Firefox seems to not upgrade the request, which is what causes the test to be green for them.
https://github.com/brave/brave-browser/issues/14149
PS. I passed the test with 16 warnings, Brave with 22, the question was from a Brave user.
-
@Catweazle said in Security:
it's a BrowserAudit bug
Bad! That's why users should not trust such tests if they are not able to check code.
-
@DoctorG , BrowserAudit isn't a bad test, but in these tests I always look in the test details, looking where is the issue and see also in the web how to fix or avoid it in the browser (settings, flags, extensions). In this way I found the answer in GitHub.
Even so, the saying that Brave is more secure than Vivaldi is busted
-
-
Safari got the best score by far. The Mozilla-derived browsers got fewer warnings than the chromium browsers. That test site does not seem to like blocked cookies.
-
It should be noted that Browser Audit hasn't been updated in 7 years, as of the time of this writing. The last commit on GitHub appears to be from October 03, 2015.
Auto-upgraded requests weren't taken into account when the Referrer and Cookie scenarios were constructed. As a result, the results from those sections may be unreliable. Browser Audit has 2 open issues at this time—both of which are from the Brave team in 2021.
Unfortunately, it looks like the project is no longer maintained.
-
@bravesampson , you can try also this one
https://www.deviceinfo.me