SecBrowser Table Security Enhancements

From Whonix

Table: SecBrowser ™ Security and Privacy Benefits

Feature Description
Security Slider Enables improved security by disabling certain web features that can be used as attack vectors.[1]
Default Tor Browser Add-ons
  • HTTPS Everywhere: This browser extension encrypts communications with many major websites, making your browsing more secure.[2]
  • NoScript: NoScript can provide significant protection with the correct configuration.[3] NoScript blocks active (executable) web content and protects against cross-site scripting [archive] (XSS). "The add-on also offers specific countermeasures against security exploits".
Firejail (Linux only) Firejail will be used as a sandboxing measure to restrict the SecBrowser process. [4]
Homograph Attack Protection Fixes the internationalized domain name (IDN) homograph attack vulnerability [archive] present in standard Firefox and Tor Browser releases. [5] [6]
Reproducible Builds Build security is achieved through a reproducible build process that enables anyone to produce byte-for-byte identical binaries to the ones the Tor Project releases.[7][8]
WebRTC Disabled by Default WebRTC can compromise the security of VPN tunnels, by exposing the external (real) IP address of a user.[9][10]