Jack Wallen addresses the challenging question of which browser is best to use for transmitting encrypted data.
Yep, that's the answer. The most secure browser for encrypted data is Tor. But there's a catch, and it's a big one. You might work within a company LAN that doesn't allow for the Tor browser to function. And unless you can get your IT department to open up the network to allow Tor to function, you're out of luck.
But for everyone else, Tor is definitely the browser to beat when it comes to encrypted transmitted data.
SEE: Security incident response policy (TechRepublic Premium)
Let me offer up a simple example.
Once upon a time, I was hired by a new client. Now, this client didn't exactly engender much in the way of trust in me, but they were willing to pay a premium for me to generate content for them. But lodged in the back of my mind was this sense I couldn't trust them 100%. So, what did I do? I created a virtual network, detached from my primary network and then deployed a virtual machine attached to that network. On that virtual machine (running Ubuntu Desktop), I installed the Tor browser. With that setup, I felt absolutely confident nothing untoward could happen... unless I was dealing with serious hackers.
I keep the Tor browser installed on my desktops and laptops on the off chance I need to transmit sensitive data that goes well beyond the standard. Or, if I'm on the go and can't exactly trust the network I'm using, I immediately fire up Tor and have at my work.
What browser should you use when Tor isn't an option?
Do you toss your hands in the air (like you just don't care) as if to say, "Let's just hand over all of my sensitive data to anyone who wants to view it!"? No, you don't have to do that.
Now, to be clear, we're not talking about privacy, as that's another matter altogether. We're talking about sending encrypted data. For that, where do you turn?
You might think Brave is the answer. After all, Brave is the browser focused primarily on privacy. But, again, we're not talking about privacy. And given that Brave includes features centered around cryptocurrency, and although I wouldn't call out Brave for crypto mining, there is no certainty when it comes to that technology. But the primary reason I leave Brave out of this is because its primary security functionality is centered on privacy.
For me, the nod for encrypted data when Tor isn't an option goes to Firefox. Why? Outside of third-party add-ons you can install for even more protection, Firefox includes an HTTPS-only mode out of the box. Although it's not enabled by default, you can go to Settings | Privacy & Security and enable HTTPS-only mode (Figure A), which will force an encrypted connection between your machine and the sites you visit.
This mode could break some sites you use. Fortunately, the developers made it possible for you to add exceptions to the rule. But enabling this feature will always ensure your connections are made over the more secure HTTPS.
That, of course, isn't the only reason Firefox gets the nod. The browser's Enhanced Tracking Protection makes it possible for you to completely block all tracking from sites, either globally or on the fly. So when I'm about to transmit sensitive data, I'll open Firefox, clear my history, set Enhanced Tracking Protection to Strict, and then do what I need to do. When I'm done, I reset Enhanced Tracking Protection to Standard and continue with my day. I leave HTTPS-only mode on at all times.
Why don't I use Chrome when sending encrypted data?
Google's Chrome browser is notorious for collecting data–the biggest reason why is Google has a particular dog in the race for advertising dollars. Since so much of Google's revenue is invested in advertising, it has a reason to harvest your data and, in turn, use it for targeted ads. From my experience, that goes a little something like this: I search for something or transmit a piece of information via the browser–within seconds, I see advertisements related to what I just searched or transmitted. How am I supposed to trust a browser created by a company so deeply entrenched in targeted advertising?
What browser do you use for sensitive information?
This is all based on my own personal experience. For me, the browser I always reach for when dealing with very sensitive data is Tor. When Tor isn't an option, I go with Firefox. It really is that simple.
What about you? What browser is at the top of your list of must-use for security purposes?
Subscribe to TechRepublic's How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
- The best browser for Linux, Windows and Mac isn't Google Chrome in 2021 (TechRepublic)
- The fastest browser for social media isn't Firefox (TechRepublic)
- How to run an SSH connection through Tor (TechRepublic)
How to become a cybersecurity pro: A cheat sheet (TechRepublic)
Checklist: Securing digital information (TechRepublic Premium)
Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)
Editor's note: This article was updated to include information about Chrome.