To be honest unless your using the ESR version of Firefox the difference between Firefox and Chrome is not that large.
Links is likely to be much more secure but will lack some of the features needed to access facilities on some websites.
It's also a bit worrying the number of vulnerabilities for the Linux kernel.
It's all about degrees of danger, though. If someone compromises your Linux user account, they get no access to anything serious. They have to get root privilege. And even then... And if a discovered vulnerability in Linux turned out to be a truly end-of-the-world catastrophic exploit - the community would fix it in hours. They wouldn't wait to on some roll-out cycle of a closed source OS provider, who might even keep the information hidden until a fix is available, and who, even then, might only supply it to those users who can prove they've paid for their OS.
Originally Posted by Jonathan183
If you're utterly paranoid, all you need to do is have a separate user account for web browsing with locked down privileges, and set up your root filesystem using read-only mounts until you need to make changes. This'd be pretty close to IsaacKuo's suggestion of a 'dumb terminal' session, above. This is easy in Linux, but quite difficult in commercial operating systems.
Another interesting point is the count of 'LOW' risk issues against Microsoft's Windwos/IE products? Either they only fix the easy ones, or the only vulnerabilities they have a critically dangerous...
Chrome vs Firefox were fairly close. I use a separate user account for websurfing so the application issues are less of a concern unless they are capable of increasing rights to root.
Originally Posted by Roxoff
The kernel issues will apply irrespective of the application and separate user accounts won't help.
They both use different browser engines so that will play into security holes.
I thought I read somewhere that Chrome is going to move away from Webkit as its browser engine, but no idea if going to home grown or another???
Apparently a fork of webkit called Blink is now the engine behind Chromium: Blink - The Chromium Projects
Originally Posted by docbop
Opera is moving to Blink as well.
I have worked with a government agency for almost 10 years doing network management and monitoring. When we first installed Splunk (enterprise logging solution), we ran some reports looking at the user agents captured from our BlueCoat proxy logs. It was surprising the number of browsers that we discovered in use on a network that was supposed to have standardized desktops with restrictive policies. Chrome is allowed on that network by specific version numbers. We eventually applied a policy to our proxies to restrict browser usage and force people to at least upgrade to a more secure version or new browser altogether.