Kicksecure ™

Download

On Computer USB Installation Intel / AMD64 ARM64 Raspberry Pi PPC64 Windows (VM) Mac Linux (VM) VirtualBox (VM) Qubes (VM) KVM (VM) Debian morph to Kicksecure More options Source Code

About

Overview Features Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Forum Best Practices Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Web Browsers Comparisons

Introduction[edit]

A browser is a program you use to access and view websites on the internet, like Chrome, Safari, or Firefox. It lets you search for information, watch videos, check email, and more by showing web pages.

Kicksecure Default Browser[edit]

• At time of writing: Firefox is installed by default inside Kicksecure.
• Future: For a future version of Kicksecure, it is planned to no longer install a browser by default inside Kicksecure.

No Default Browser[edit]

No browser exists at time of writing that can be wholeheartedly recommended for users of Kicksecure according to technical Criteria (security, privacy and user freedom).

These reasons are elaborated on the Kicksecure Default Browser - Development Considerations wiki page and will soon be summarized here.

Recommended Browser[edit]

None.

Issues with Browsers[edit]

Most mainstream browsers are considered spyware by many people. See also Firefox Selling User Data.

This issue cannot be solved by operating system vendors such as Kicksecure. For reasons why that is, see In-House Browser Development.

Browser Comparison[edit]

Browser Comparison - Introduction[edit]

Here is a list of commonly discussed browser within the security and privacy communities with their main disadvantages.

The browsers are listed in rough order of their market share and popularity.

Chrome[edit]

Advantages:

• Most popular and therefore presumably most compatible browser.

Disadvantages:

• Closed source, non-freedom software.
• concerns about user autonomy related to browser market dominance
• tracking issues

Based on: Chromium.

Why not default in Kicksecure:

• Not Open Source. See Open Source Browsers Only.

Chromium[edit]

Advantages:

• Might be similarly compatible as Chrome due to its shared code base.

Disadvantages:

• Similar to Chrome, see above, except Chromium is Open Source.
• security issues with the Chromium package in Debian
• tracking issues

Why not default in Kicksecure:

• No official binary builds.
• Refer to disadvantages.

Based on: Not based on any other browser.

More technical details: Chromium

Firefox[edit]

Advantages:

• Might be similarly compatible as Chrome due to its past popularity.

Disadvantages:

• Needs hardening: Not as hardened by default (lower attack surface, disabled telemetry) as it could be, creating demand for a hardened Firefox fork or Firefox settings project such as Arkenfox.
• Punicode security issue: Very hard to notice phishing scam - Firefox / Tor Browser URL not showing real domain name - Homograph attack (Punycode) A homograph attack is a type of phishing attack where characters from different writing systems are used to create deceptive URLs. These URLs appear identical or very similar to legitimate ones. Punycode is a way of encoding these special characters so they can be used in domain names.

Why not default in Kicksecure: Planned!

• The issue of Firefox Selling User Data was perceived very badly by the community. Therefore Firefox will be no longer installed by default inside Kicksecure in a future version as soon as Dev/browser-choice has been implemented.

Based on: Not based on any other browser.

More technical details: See Original Firefox.

Mullvad Browser[edit]

Advantages:

• Anti-browser fingerprinting: Makes it harder for websites to track you based on your browser’s settings. This helps protect your privacy.
• Security features: Includes a "security level" setting that lets you choose stronger protection. Higher levels may break some websites but offer better security.
• Installation: Debian package repository available. This allows users on Debian-based systems, including Kicksecure, to easily install and update Mullvad Browser using tools like apt.

Disadvantages:

• ESR

Why not default in Kicksecure:

• Not vendor neutral
  • Includes Mullvad branding, uses Mullvad DNS by default, and promotes its VPN service, tying it to a specific commercial provider.
  • Creates potential reputational risks for Kicksecure by suggesting endorsement or sponsorship by a VPN company.
  • Could lead to user suspicion of paid promotion, harming the project's perception of independence and trustworthiness.

Based on: Base Browser, which is based on Firefox ESR.

More technical details: Mullvad Browser

Tor Browser[edit]

Advantages:

• Same privacy and security benefits as Mullvad Browser.

Disadvantages:

• Cannot be installed or updated using the usual Debian software tools yet. ^[1]
• ESR

Why not default in Kicksecure:

• Sends all web traffic through the Tor network. This is good for anonymity (like in Whonix), but Kicksecure needs a regular (clearnet) browser instead.

Based on: Base Browser, which is based on Firefox ESR.

More technical details: Tor Browser

Brave Browser[edit]

Advantages:

• Built-in ad blocker: Brave includes an advertisement blocker by default, which helps reduce tracking and speeds up web browsing.

Disadvantages:

• Ad-funded business model: Despite blocking ads, Brave is itself an advertising company. It replaces traditional ads with its own ad system.
  • Brave Business Model on Wikipedia
• Controversies: Brave has faced criticism for certain business decisions and privacy concerns.
  • Brave Controversies on Wikipedia

Why not default in Kicksecure:

• Because of disadvantages listed above.

Based on: Chromium.

More technical details: Brave Browser

LibreWolf[edit]

Advantages:

• Firefox Rapid Release instead of ESR.

Disadvantages:

• LibreWolf - Lack of Radio Silence as a Development Goal
• LibreWolf - IJWY (I Just Want You To Shut Up) Feature Removal

Why not default in Kicksecure:

• Due to disadvantages listed above.

Based on: Firefox Rapid Release

More technical details: See LibreWolf.

Other Browsers[edit]

Other browsers might be listed on Kicksecure Default Browser - Development Considerations.

What Users Can Do[edit]

The situation is clearly unsatisfactory. Here is what users can do:

• Stay in the loop. Subscribe to relevant discussions.
• Conduct deep research.
• Stay vigilant.
• Demand transparency.
• Demand radio silence.
• Support Geminispace‎, SmolNet.
• Wait for privacy-respecting browsers to become available.

Activist Statement[edit]

Market Stance: Using any browser other than Firefox or Chrome(ium) is seen by some as a stand against the dominance of Firefox and Chrome.

Extended Support Release - ESR[edit]

Browsers based on Firefox ESR might be less secure than browsers based on Firefox Rapid Release, see Firefox Security - ESR (Extended Support Release) versus Rapid Release.

Open Source Browsers Only[edit]

Browsers that are non-freedom software (closed source) (not Open Source) are only briefly mentioned and discouraged. See also Reasons for Freedom Software / Open Source.

Advanced Topics[edit]

The following topics are for Advanced Users only.

Browser DDOS Vulnerabilities[edit]

Can browser be frozen by heavy JavaScript as an attack? Other vulnerabilities? What happens if JavaScript is constantly fetched or if the browser's DOM is 1 GB++ large?

• Vulnerabilities
  1. Infinite Loops / Infinite Recursion : while(true) {} can cause the browser to freeze and function recursive() { recursive(); } can crash the browser due to stack overflow. There are safeguards in place in modern browsers but it's still a risk especially if combined with other attacks
  2. Memory consumption : By creating an extremely large DOM or an extremely large array the memory can be consumed leading to slowdown of the OS or crash of the browser
  3. Fetching humongous data : Constantly / infinitely fetching giant data files can slow down the browser or freeze it
  4. Forced reflows and layouts : By constantly changing huge parts of the layout of the page in short intervals the browser can be slowed down
  5. iframe overload : Creating a huge amount of iframes - even without source - and adding them to the page can slow down the browser
  6. iframe inception : an iframe references the same page it is on, which in turn creates another iframe that references the same page, and so on. This can lead to an infinite loop, causing the browser to consume significant resources and potentially become unresponsive or crash.
• These are the most common and even some less likely DDOS vulnerabilites for the browser. Most modern browsers are safeguarded against this as much as possible. But as there is often no way to differentiate if a huge memory consumption is benevolent or malevolent the browser has to accept most of these commands
• In the past Javascript was more powerful in the browsers giving it some OS access. But due to virusses and malware all browsers now use a sandbox to severely limit Javascript capabilities

Footnotes[edit]

SSH Documentation Chrome Previous page: SSH Index page: Documentation Next page: Chrome

Kicksecure A secure by default operating system with the latest security research in place.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 13 year success story and maybe DONATE!