Should I use IE8 with Firefox Portable?

Topic

New Reply

Hi Loungers, I am thinking of keeping IE8 on my PC (Win7 HPrem 32 bit) and using the portable version of Firefox. My reason is, at the moment IE8 has been removed/disabled (only possible if using Win7) and only using FF. As I also use Secunia PSI, but it only works correctly with IE8 but shows as insecure.
As to FF Portable, its only known drawback is slow to start but then runs excellently.
If you can add any PROS or CONS to my intended set up please do.

Reply | Quote

Replies

I have both IE 8 and FF 3.6.3 both on the same 2 PC’s at the same time. Either open properly when I click on it’s icon. I often have both open simulataneously, as I do right now while I type this. Some sites seem to work better in IE, some in FF. Why don’t you want both on your system at the same time? I presently have FF listed as my default browser, but could just as easily choose IE 8 as the default browser. They have always coexisted well together.

Reply | Quote

Hi Ted, its just something i thought about doing to pass the time. I’ve only had a pc for approximately 3 years and still learning. All I wanted was points for and against. At present my desktop W7 only has FF, laptop Vista has both. FF on LTop seems faster.

Reply | Quote

Hi Ted, its just something i thought about doing to pass the time. I’ve only had a pc for approximately 3 years and still learning. All I wanted was points for and against. At present my desktop W7 only has FF, laptop Vista has both. FF on LTop seems faster.

I actually do not notice a difference on mine. I use whichever suits my fancy at the moment. I like using a theme for FF and find the customization is eye candy I like. What I do is to empty the cache often. This keeps things running quickly. I set both up to empty history and cookies when closing. I also use CCleaner to further clean up the system. This has the added benefit of cleaning out the temp files on my PC which tends to keep it “lean and mean”. I find both browsers work very fast when I keep them clean. I also use Sandboxiewhen I’m surfing sites I do not know. As can be seen Sandboxie opens my web browsing in a virtual environment which I can delete if anything unexpected tries to get into my system. This however slows the initial boot into the web browser while the Sandbox is set up, but does keep my surfing safer. Sorry to have gotten slightly off topic.

oops, I see we got into this subject on another thread. Did not see this until I had already entered this post. I am leaving it because it may help someone else as well.

Reply | Quote

As I also use Secunia PSI, but it only works correctly with IE8 but shows as insecure.

Which is insecure, IE8 or Secunia PSI? If Secunia reports a program as insecure, there almost always is an update.

Reply | Quote

Hi jscher2000, I have the lastest version of secunia.

Reply | Quote

If there is no patch and no viable workaround, I guess you’ll need another browser.

Reply | Quote

If there is no patch and no viable workaround, I guess you’ll need another browser.

G’day,
One of the IE8 unfixable security problems that Secunia refers to, can be secured using some guidance from Steve Gibson: http://wp.me/pV3mA-1B
It really is worth the read.

Reply | Quote

If there is no patch and no viable workaround, I guess you’ll need another browser.

You being too harsh on the browser vendors. Over a period of time, nearly ALL browsers show unpatched vulnerabilities under Windows. That’s what Secunia is finding — unpatched vulnerabilities. This is not always serious enough to require a browser switch, but often there are workarounds or MS “Fixits” which can help until a real patch is issued. I would not automatically dump a browser because of such an unpatched vulnerability.

-- rc primak

Reply | Quote

That takes us back to original post topic. If I only have IE8 istalled at a higher level of security and use FF portable it could improve my security.

Reply | Quote

That takes us back to original post topic. If I only have IE8 istalled at a higher level of security and use FF portable it could improve my security.

I have also used Secunia in the past and as with all such apps, I take what they tell me with a “Grain of Salt” During my XP and Vista times, Secunia kept telling me I had insecure versions of Macomedia Flash on my PC. If you will remember Flash was called Macromedia Flash, before I believe Adobe bought it. This was after I had uninstalled all versions of the old flash and installed the newer Adobe product. I believe there must have been some leftover “stuff” in my registry.

I feel that if I do my best to keep everything up to date, be careful where I go and what I do, use Sandboxie to create virtual environments for my browsers, etc. that I feel as though my PC’s are very secure. Part of security is being proactive in what you do to protect your “stuff”. I use CCleaner to help erase traces of myself on the web, and erase un-needed temp files on my PC. All these things are what makes you secure.

There are always going to be new threats, that’s why Av and AM manufacturers are in business. IE and FF could fix all the present problems only to have more come up tomorrow. You might just find that Secunia, although a good tool, is only one tool in an arsenal of tools and should not be written in stone.

Reply | Quote

I have also used Secunia in the past and as with all such apps, I take what they tell me with a “Grain of Salt” During my XP and Vista times, Secunia kept telling me I had insecure versions of Macomedia Flash on my PC. If you will remember Flash was called Macromedia Flash, before I believe Adobe bought it. This was after I had uninstalled all versions of the old flash and installed the newer Adobe product. I believe there must have been some leftover “stuff” in my registry.

I feel that if I do my best to keep everything up to date, be careful where I go and what I do, use Sandboxie to create virtual environments for my browsers, etc. that I feel as though my PC’s are very secure. Part of security is being proactive in what you do to protect your “stuff”. I use CCleaner to help erase traces of myself on the web, and erase un-needed temp files on my PC. All these things are what makes you secure.

There are always going to be new threats, that’s why Av and AM manufacturers are in business. IE and FF could fix all the present problems only to have more come up tomorrow. You might just find that Secunia, although a good tool, is only one tool in an arsenal of tools and should not be written in stone.

I could not agree with you more, the good V the bad is like the chicken & egg, which came first.

Reply | Quote

If I only have IE8 istalled at a higher level of security and use FF portable it could improve my security.

Firefox Portable has some unusual settings that might protect you from attacks that read history or cache. However, if there were a program vulnerability, for example a buffer overflow, I doubt you would be protected any better than if you were running an ordinary installation of Firefox.

Incidentally, Secunia Alert SA39925[/url] seems to be a very limited kind of attack, and could be minimized by using the NoScript extension[/url] to prevent scripts from untrusted sites from running.

Reply | Quote

Firefox Portable has some unusual settings that might protect you from attacks that read history or cache. However, if there were a program vulnerability, for example a buffer overflow, I doubt you would be protected any better than if you were running an ordinary installation of Firefox.

Incidentally, Secunia Alert SA39925 seems to be a very limited kind of attack, and could be minimized by using the NoScript extension to prevent scripts from untrusted sites from running.

I am using ‘noscript.’ As to FF portable Read This

Reply | Quote

As to FF portable Read This

Can you be more specific? It’s 11 pages long. (I’ve used Portable Firefox, so I am generally familiar with how it works.)

Reply | Quote

Can you be more specific? It’s 11 pages long. (I’ve used Portable Firefox, so I am generally familiar with how it works.)

What I’m referring to is all on first page re stealth.

Reply | Quote

What I’m referring to is all on first page re stealth.

I see, you can configure Portable Firefox not to write to write crash logs to the hard drive. However, this does not effectively sandbox the application such that it cannot possibly touch any files on your hard drive.

Reply | Quote

As everything is vurnerable to one degree or another, my train of thought was, if using FF portable I would only be exposed when it was being used.

Reply | Quote

Roadrunner,

That’s why I suggested Sandboxie previously. When you use the Sandboxie icon to open your browser, whether it is IE or FF, it is opened in a virtual environment that does not let information you obtain from the web into your system unless you allow it. If a nasty gets into the sandbox, simply delete the sandbox and the nasty is gone.

Reply | Quote

Roadrunner,

That’s why I suggested Sandboxie previously. When you use the Sandboxie icon to open your browser, whether it is IE or FF, it is opened in a virtual environment that does not let information you obtain from the web into your system unless you allow it. If a nasty gets into the sandbox, simply delete the sandbox and the nasty is gone.

I’m another vote for Sandboxie. IE is my default browser due to some business applications, and I’m normally a very cautious websurfer, but in my spare time as a forum moderator I often need to check out unknown links and I’m very happy to pay the small performance penalty of Sandboxie in return for its protection.

Reply | Quote

I tried sandboxie, and found it more trouble than its worth. I dont visit dodgy sites (WOT) and visit very few web sites i.e. WSL, eldergeek, bleepingcomputer, my bank , electric supplier, ISP sites.
I did another clean install (3.5 hours) and still getting errors.

Reply | Quote

I did another clean install (3.5 hours) and still getting errors.

My reason is, at the moment IE8 has been removed/disabled (only possible if using Win7)

Clean install of what? The OS? No OS should take 3.5 hours, unless you’re including a bunch of programs.

You can neither remove nor disable IE, so I believe you’re mistaken in that. IE is part of the system, and disabling isn’t necessary, you just don’t use it. You can remove one version and put in another, but not remove it entirely.

I’m passionate about FF, using it since its inception, have 30 add-ons, but Microsoft Updates (the manual ones) can be viewed and used ONLY in IE. So don’t play with trying to disable it.

A certain forum I use has no visible buttons for posting or replying unless I switch to IE. Some sites will have the wrong format, colors, missing buttons, overlapping text, etc. Yahoo absolutely will not accept Firefox cookies, not if I stand on my head and swing a dead chicken 3 times around my head. (Old Yiddish superstition.)

That said, I use IE to an absolute bare minimum and remove all my cookies each time.

Reply | Quote

A certain forum I use has no visible buttons for posting or replying unless I switch to IE. Some sites will have the wrong format, colors, missing buttons, overlapping text, etc.

This is beside the point of this thread, but you can use Help > Report Broken Web Site… feature in Firefox to try to get some assistance in fixing problem web sites. Obviously it’s only worth taking the time to report sites you really care about.

Reply | Quote

This is beside the point of this thread, but you can use Help > Report Broken Web Site… feature in Firefox to try to get some assistance in fixing problem web sites. Obviously it’s only worth taking the time to report sites you really care about.

Yes, it’s relevant to the issue here. The OP originally mentioned uninstalling or disabling IE, and my point was that sometimes you need IE to view certain sites. And I reported directly to the site, but that’s not the point here either. Reporting doesn’t mean the site will be usable in FF any time soon.

Having IE is like having a man in your life; they’re not good for much, but every now and then they serve a very specific purpose.

Reply | Quote

Yes, it’s relevant to the issue here.

Sorry, I meant my comment was going off topic, not that your comment was off topic.

Reply | Quote

You can neither remove nor disable IE, so I believe you’re mistaken in that. IE is part of the system, and disabling isn’t necessary, you just don’t use it. You can remove one version and put in another, but not remove it entirely.

You may not be able to uninstall IE but you can disable it (at least in Win 7) through Control Panel, Programs and Features, Turn Windows features on and off, Uncheck Internet Explorer 8. IE will no longer be available for use. This appears to be exactly what the original post mentions.

Reply | Quote

Clean install of what? The OS? No OS should take 3.5 hours, unless you’re including a bunch of programs.

You can neither remove nor disable IE, so I believe you’re mistaken in that. IE is part of the system, and disabling isn’t necessary, you just don’t use it. You can remove one version and put in another, but not remove it entirely.

I’m passionate about FF, using it since its inception, have 30 add-ons, but Microsoft Updates (the manual ones) can be viewed and used ONLY in IE. So don’t play with trying to disable it.

A certain forum I use has no visible buttons for posting or replying unless I switch to IE. Some sites will have the wrong format, colors, missing buttons, overlapping text, etc. Yahoo absolutely will not accept Firefox cookies, not if I stand on my head and swing a dead chicken 3 times around my head. (Old Yiddish superstition.)

That said, I use IE to an absolute bare minimum and remove all my cookies each time.

I believe you’re mistaking as you can indeed disable IE, probably not advisible, but definitly do-able.

Reply | Quote

Ted, thank you,

Reply | Quote

I was surprised to find a site that I couldn’t log-in to with IE8, fortunately the Firefox portable worked out well enough.
Other than being a bit slow to start it seems pretty decent. I might even keep it.

Reply | Quote

Clint, If like me , you have to sign in to your home page, ( I use igoogle), with portable you must do so every time.

Reply | Quote

Hi Loungers, I am thinking of keeping IE8 on my PC (Win7 HPrem 32 bit) and using the portable version of Firefox. My reason is, at the moment IE8 has been removed/disabled (only possible if using Win7) and only using FF. As I also use Secunia PSI, but it only works correctly with IE8 but shows as insecure.
As to FF Portable, its only known drawback is slow to start but then runs excellently.
If you can add any PROS or CONS to my intended set up please do.

Hi

I have been using Portable Firefox for a looong time, but i switched to the installed version two years ago, because it is somewhat faster to start.

[*]the switch from the portable version to the installed one is very easy: install the last version, launch it once, close it, and replace the new profile with the portable’s profile. You will find everything in it at the next start of the installed version[*]don’t forget that the more plugins the longer it take to start[*]i have built a batch with Microsoft’s Robocopy utility to backup the whole profile on an external device

As a web developer, i frequently have IE8, Google Chrome and FF opened at the same time, but FF remains my main toolbox, especially with the Web Developer Toolbar and the DOM inspector, even if both IE8 and Chrome have similar tools.

When talking about rendering, I find Chrome generally faster the two others. And don’t forget that each tab in Chrome is sandboxed…

Not convinced at all by IE8 and its ActiveX and other “automatic” pieces of code, i use it only when i have no other choices

Reply | Quote

Hi

And don’t forget that each tab in Chrome is sandboxed…

Hi Y-P, thanks for this information, it will be next on my agenda for experimentation.

Reply | Quote

I simply had to throw in my 2 cents’ worth 🙂

IF you configure FF correctly, I think it can be the best secure browser, but you need to install some add-ons. These are the security ones that I use:

[*]NoScript[*]AdBlock Plus – other than the obvious, it allows blocking of irritating animated gifs or flash[*]Flashblock – only run flash that I choose[*]Flagfox – shows location of site[*]ShowIP – not so needed, but handy occaionally

Next layer of security, which applies to all browsers, can be to

[*]Run a virtual PC in VMWare Player or Virtual PC – both free, if you are paranoid you could even run Ubuntu inside the VM.[*]I also recommend SpyBot and Advance SystemCare 3 to immunize the browsers against bad sites.[*]Next set your DNS to use the free OpenDNS service[*]Install a good security suite such as Kaspersky Internet Security, or Comodo[*]Finally have a good h/w firewall in your modem/router or have a perimeter security device. I use Netgear’s ProSecure.

I think that is pretty comprehensive. I use most of these in my home office and haven’t had any infection in 10 years of operation. My system is on 24×7.

Hope this helps…

Reply | Quote

Hi Loungers, I am thinking of keeping IE8 on my PC (Win7 HPrem 32 bit) and using the portable version of Firefox. My reason is, at the moment IE8 has been removed/disabled (only possible if using Win7) and only using FF. As I also use Secunia PSI, but it only works correctly with IE8 but shows as insecure.
As to FF Portable, its only known drawback is slow to start but then runs excellently.
If you can add any PROS or CONS to my intended set up please do.

I use both IE8 & the standard version of Firefox, plus PSI…the PSI does check FF for validity. I always use both, with Firefox the default. I have learned to check the 2 against each other, to be sure both are working correctly—recently for a while FF did not honor JavaScript on 1 machine, while on 2 others, slide shows did not work.

Reply | Quote

I use both IE8 & the standard version of Firefox, plus PSI…the PSI does check FF for validity. I always use both, with Firefox the default. I have learned to check the 2 against each other, to be sure both are working correctly—recently for a while FF did not honor JavaScript on 1 machine, while on 2 others, slide shows did not work.

Hi Paul, I am currently using both but IE8 is default, I am having trouble with both browsers, If I go to http://www.theeldergeek.com/forum/index.php? I am unable to post replies with board setting ‘Rich Text Editor’ when using FF, IE8 has no trouble in posting.
My home page in IE8 + FF is igoogle, I have a gadget called ‘Days Since’ and this is how its shown.

A report has been sent for both browsers today.

Reply | Quote

Just one point about when Secunia says a browser or Flash Player is “insecure, no solution”:

Checking with the Secunia website, I often find these warnings refer to recently found vulnerabilities for which patches have not yet been developed. Sometimes there are workarounds, or even (for Internet Explorer) Microsoft “Fixit” articles. But in most instances, there is no need to panic. Switching browsers every time one shows up with a security hole is like switching security programs every time a new “top ten” list comes out — it is generally a waste of time, and can become expensive or even lead to Windows instabilities.

For myself, I have IE8 installed (Windows XP Pro, SP3), but unless I encounter a very Firefox unfriendly site, I only use IE8 for MS Updates. For everything else, I use Firefox.

FlashBlock, NoScript, AdBlock Plus, and Web of Trust provide yet more help with Firerfox security and privacy. To protect my computer, I use Comodo Firewall, Comodo Defense Plus, and Comodo’s DNS Proxy Service (new in recent versions of their Firewall, and needs to be accepted as an opt-in feature). I also use Avast 5 Free, which has active Web Shields. I crank up the security settings on Comodo to the second-highest level, and in IE8, I have set my Internet Zone one notch more secure than the default for that Zone (thus allowing me to reduce the Trusted Zone to Medium Security). If I have any further doubts, I can scan with Malwarebytes Free or Super Antispyware, or submit a suspicious download to Virus Total’s web site for analysis.

The bottom line is, I do not feel the need to totally sandbox my browsers, nor to prevent cache and history items from being written to my hard drive. Using my scheme, I rarely have to clean up any infections from my computer. I have backups (Acronis Full Images) in case an update goes south, and for few if any other reasons. If you want to sandbox insecure applications, Comodo also has limited sandboxing cap[abilities. Sandboxie would offer better sandboxing, and a virtual machine would be still better. But I only go as far as using the Comodo Sandbox for unfamiliar or new programs. Nothing more seems necessary in my computer. Your mileage may vary.

My recommendation is not to disable IE. Just use Firefox or Opera, and have IE for MS Updates or sites which absolutely require it. Save your security energy for Plug-ins, such as Flash, QuickTime, VLC Player (known security issue, unpatched right now), Java, etc. All of these applications can be restricted or blocked at unsafe sites. (If I could use anything but Flash Player for viewing streaming videos from such sites as Hulu.com, I would dump Flash Player in a heartbeat, and you can ask me why.)

Ad blocking is needed until advertising co-ops clean up their act in pre-screening their ads. If that ever occurs, ad blocking may be unnecessary and should be loosened up, so as not to deprive site operators of their revenue streams. I am generally opposed to blocking ads just because they are an annoyance. But for now, ads do pose a security threat, and must be managed by the end-user until the co-ops get their act together and improve their screening process.

So, Portable Firefox instead of IE8? Not necessary if you ask me.

-- rc primak

Reply | Quote

For myself, I have IE8 installed (Windows XP Pro, SP3), but unless I encounter a very Firefox unfriendly site, I only use IE8 for MS Updates. For everything else, I use Firefox.

FlashBlock, NoScript, AdBlock Plus, and Web of Trust provide yet more help with Firerfox security and privacy. To protect my computer, I use Comodo Firewall, Comodo Defense Plus, and Comodo’s DNS Proxy Service (new in recent versions of their Firewall, and needs to be accepted as an opt-in feature). I also use Avast 5 Free, which has active Web Shields. I crank up the security settings on Comodo to the second-highest level, and in IE8, I have set my Internet Zone one notch more secure than the default for that Zone (thus allowing me to reduce the Trusted Zone to Medium Security). If I have any further doubts, I can scan with Malwarebytes Free or Super Antispyware, or submit a suspicious download to Virus Total’s web site for analysis.

The bottom line is, I do not feel the need to totally sandbox my browsers, nor to prevent cache and history items from being written to my hard drive.

A lot of good sense, and that follows my way of working pretty much. The worst malware I ever get is a tracking cookie, and rarely, because I also use Cookie Monster. Once we have pretty good security, no need to get TOO PARANOID.

My security stuff is set up, and it just works quietly without bothering me, like a good surveillance system. Sandboxing is just TOO paranoid for most of us. I keep my history for a convenient 2 weeks, keep cookies for trusted site, let FF fill out my forms.

Reply | Quote

Hi Loungers, If anyone is wondering what my ‘modus operandi’ is check out my ‘about me page’ its just been updated.

Reply | Quote