Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
My apologies if my ignorance towards how terminal-based web browser works, but I was looking at this topic viewtopic.php?p=2444922 since I was lurking and found interesting this topic (actually thought it was an official theme but no, still cool though) and I always assumed running a GUI-based web browser with NoScript or somehow disabling javascripts by other means from websites would substantially be way safer to browse through websites you are not used to when you searching and just mindlessly visiting websites trying to find something, but I discovered on this topic I mentioned above that there are apparently also how to compromise security simply because of CSS... Does terminal-based browsers is safer in terms of CSS and JS, or do they usually support both or what, is there a high-ground when comparing security for those reasons mentioned when it comes between a GUI-based and terminal-based web browsers?
Last edited by LockBot on Tue Apr 16, 2024 9:50 pm, edited 1 time in total.
Reason: Topic automatically closed 30 days after creation. New replies are no longer allowed.
Reason: Topic automatically closed 30 days after creation. New replies are no longer allowed.
Re: Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
Is it just me or is that post devoid of any periods to denote the end of a sentence?
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Re: Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
See https://en.wikipedia.org/wiki/Compariso ... gy_support and https://en.wikipedia.org/wiki/Compariso ... pt_support to find which don't support it. Guess & quick look say that Links and Lynx both don't support CSS or JavaScript. They are available on Linux Mint. If not through Software Manager then through Synaptic or with
Websites that were designed with accessibility in mind should work without CSS though will obviously look a lot different in text only mode. Many websites won't work without JavaScript but many should work fine.
apt install
.Websites that were designed with accessibility in mind should work without CSS though will obviously look a lot different in text only mode. Many websites won't work without JavaScript but many should work fine.
Re: Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
The post in that topic mentioned this CSS attack: https://www.mike-gualtieri.com/posts/st ... nd-defense. He has a vulnerability tester at the end and a browser plugin to mitigate it. But do read it what the attack is about.
- MikeNovember
- Level 7
- Posts: 1856
- Joined: Fri Feb 28, 2020 7:37 am
- Location: Nice, Paris, France
Re: Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
Hi,xenopeek wrote: ⤴Sun Mar 17, 2024 5:42 pmThe post in that topic mentioned this CSS attack: https://www.mike-gualtieri.com/posts/st ... nd-defense. He has a vulnerability tester at the end and a browser plugin to mitigate it. But do read it what the attack is about.
There are browsers extensions available to be protected against this "CSS data exfiltration attack", for Firefox, Chrome, Microsoft-edge. The extension is called "CSS Exfil Protection". It analyzes CSS code and blocks the execution of instructions related to the attack.
A vulnerability tester is available here: https://www.mike-gualtieri.com/css-exfi ... ity-tester
You can also download extensions from this website.
Regards,
MN
PS: 4 years after Gualtieri described this attack, browsers are still intrinsically vulnerable (I have tested Firefox and Microsoft-Edge); you are protected after extension installation. Javascript and CSS are attack vectors, and browsers developers don't do much to block, at least, the known attacks.
_____________________________
Linux Mint 21.3 Mate host with Ubuntu Pro enabled, VMware Workstation Player with Windows 10 Pro guest, ASUS G74SX (i7-2670QM, 16 GB RAM, GTX560M with 3GB RAM, 1TB SSD).
Linux Mint 21.3 Mate host with Ubuntu Pro enabled, VMware Workstation Player with Windows 10 Pro guest, ASUS G74SX (i7-2670QM, 16 GB RAM, GTX560M with 3GB RAM, 1TB SSD).
Re: Is terminal-based web browsers safer than Graphical User Interface-based web browsers?
I don't think they're very well maintained, which negates any of the above advantages for me. Plus they're useless in the real world.
For every complex problem there is an answer that is clear, simple, and wrong - H. L. Mencken