Browser security
Posted by: T-Rhex
Date: April 09, 2013 02:39PM

Hello, I've been using K-Meleon for years now, but this is my first post here. I'm currently using K-Meleon 1.6.0b2 -- very nice browser and I try to use it for everything. I have Block Flash, Block Ads, and Block Pop-ups set in km's Tools > Privacy menu; I don't have any addons like NoScript etc.

I've been wondering for some time now how secure this browser is against threats, vulnerabilities, and hijacks that keep coming up in the media with respect to IE, Chrome, Firefox, etc. Am I surfing with a false sense of security by using an older browser?

Thanks all.
tr

Re: Browser security
Posted by: rodocop
Date: April 09, 2013 02:46PM

You can meet my opinion in that thread.

Being short, we are in comparatively secure position but not in 100% safety.

Re: Browser security
Posted by: JohnHell
Date: April 10, 2013 11:20PM

Nowadays, even the age, and beyond the lack of render issues, there are only two flaws, not only in K-meleon but on every browser:

1.- javascript/ajax/crosscripting
2.- the 4th point of the linked page by rodocop: plugins and to be precise, Flash Player.

If you browse blocking javascript and flash content for not trusted pages, you are in a 90% safe.

The other 10% could be browser core lack of update in a way of a flaw for non-common exploitable bugs (buffer overflows) that could remain for an un-updated software.

Re: Browser security
Posted by: kingsparrow
Date: April 11, 2013 01:42AM

http://home.dbdbdugbug.operaunite.com/Projects/content/KMFILES/Download-K-Meleon-db.html?session-redirect=noCookie

+noscript and security settings. Sometimes the site is close, it does not remain open so try and try...............

Re: Browser security
Posted by: kingsparrow
Date: April 11, 2013 01:47AM

http://home.dbdbdugbug.operaunite.com/Projects/content/KMFILES/Download-K-Meleon-db.html

Re: Browser security
Posted by: T-Rhex
Date: April 12, 2013 02:01PM

Thanks very much! Good link, rodocop, that's exactly the overview I was looking for (but didn't find while searching ... guess I have to sharpen my hunting skills). I had thought that using a "not very popular browser" might be a little more secure than using the mainstream, so it was good to see someone else (rodocop) confirm that idea. But I wondered about k-meleon being based on old Mozilla code and knowing that Mozilla always had holes.

I already had uninstalled Java from my system (since I don't really use it), and have long ago replaced Acrobat reader with PDF-XChange Viewer. Flash and Javascript I have to live with, and years ago I had tried noscript but found it got annoying. Perhaps I have to look at it again.

Thanks for that heads-up on the db builds -- I think I have some more reading to do about that.

tr

K-Meleon forum is powered by Phorum.