Browser Security

Your web browser is arguably the most vital piece of software you have in terms of protecting you from harmful stuff on the internet. So make sure you use one you know and trust. It is hard to be precise on this but I would recommend Firefox or Chrome as good, secure browsers, for me I prefer to trust Firefox. However as Microsoft are adopting a more frequent update model and as IE and Edge diverge it is an interesting area to watch.


One of the biggest users of TLS and also the most important in many ways is web browsers, a good way to test your browser is to visit Dashboard —

Supported Ciphers

The SSL ciphers that your browser supports are sometimes hard to fathom, so visit SSL Cipher Suites Supported By Your Browser and get a good summary. Some ciphers are now known to be weak, for example the Diffie-Hellman ones like DHE-RSA-AES128-SHA. You can also use this site to compare browsers. In a random sample I found Firefox 39 supported 11 ciphers, Chrome 44 supported 17 and IE 11 and Edge both supported 26.

HTTP Strict Transport Security (HTST)

This is important as it makes sure that HTTPS is used and helps prevent "Man in the Middle" (MITM) attacks. I good quick intro is HTTP Strict Transport Security (HSTS) --> the easy way but more comprehensive discussion with links to documentation etc is available from HSTS Cheat Sheet.