User:Empey at Avast/Secure-Browser-Proposed-Changes
Developer(s) | Avast |
---|---|
Stable release | 3.55
|
Written in | Mainly C++, among others[1] |
Engines | Blink, V8 |
Operating system | Windows |
Size | 488 MB |
Type | Web browser |
License | Freeware |
Website | avast |
Avast Secure Browser (formerly SafeZone) is a web browser developed by Avast that focuses on Internet security and privacy. It is based on Chromium, but was subsequently found to contain a serious security flaw not present in Chromium itself.[2][3] Should this security vulnerability really be so prominent in the article? It was patched in less than 3 days. Initially, Avast Secure Browser was bundled with paid versions of Avast Antivirus. In March 2016, Avast started bundling it with the free version as well. Avast Secure Browser was originally called "SafeZone" before being revamped and rebranded as "Avast Secure Browser" in early 2018.[4] Before the revamp, SafeZone's design was similar to that of the Opera browser.[5]
Features
[edit]Besides the features inherent to Chromium, Avast Secure Browser includes the following features:[6]
- Ad Block: A content filter that comes with the EasyList and Adblock Plus Acceptable Ads Program subscriptions.
- Bank Mode: A browsing mode that
allegedlyis designed to protectsthe user against "a potentially hijacked host or network, and also prevents keyloggers and network-based eavesdropping from capturing any [data]." Bank Mode automatically activates when it detects that the user has reached a banking website or a payment page, although it can be manually invoked. It runs from an alternate desktop that ispurportedlyisolated from other processes that cannot be called within Bank Mode. - Passwords: A password manager and form auto-filler. It also suggests
allegedlysecure passwords on sign up forms. Passwords allows the user to sync passwords across browsers, desktop and mobile via the Avast Passwords add-ons and apps that are synced to the user’s Avast Account.[7]
* SafePrice: An add-on that detects whether the user is viewing a product’s page at an online store and searches for better prices for that product on a list of No longer available.
purportedly trusted websites.
- Video Downloader: A plug-in that offers to download videos being watched by the user on selected websites. It allows the user to choose video quality and, in some cases, to download the soundtrack of the video as an audio file.
- Anti-tracking and anti-fingerprinting: The software prevents the collection of information about the user's computer or browsing history that could be used to build a profile of the user.[4]
- Anti-Phishing: A module analyzes internet traffic for phishing attempts before malicious software is executed.[8]
Avast Secure Browser also blocks the user from accessing known malicious webpages and extensions.[9] All of the software's features are controlled from a central user interface called the "Security & Privacy Center."[10]
Controversies
[edit]This section seems really excessive and editorialized for a security vulnerability discovery that was patched within a few days. I am not aware of anything controversial about it. Suggest something shorter like "In December 2015, Tavis Ormandy discovered a security vulnerability that could allow hackers to insert malicious JavaScript code into the browser of Avast SafeZone Browser users. Avast fixed the vulnerability in a patch a few days later.[2][3][11]" Perhaps placement in a "History" section that other editors may expand upon later would be more appropriate.
In December 2015, Google Project Zero researcher and antivirus critic, Tavis Ormandy, unveiled a critical security issue within Avast Secure Browser, which was not originally present within Chromium, but which could easily grant a hacker access to any file stored on the user’s hard drive, and potentially arbitrary code execution. The exploit involved the execution of a malicious JavaScript code in any browser that would evoke SafeZone’s Bank Mode add-on, which could access any URI scheme, such as
file:///
. The flaw was reported to have been fixed by Avast in February 2016.[2][11][3]
See also
[edit]References
[edit]- ^ "Chromium (Google Chrome)". Ohloh.net. Retrieved 8 February 2012.
- ^ a b c Lucian Constantin (5 February 2016). "Serious flaw discovered in Avast's security-focused SafeZone browser". PCWorld. Retrieved 20 February 2017.
- ^ a b c Muncaster, Phil (2016-02-08). "Avast Patches Critical SafeZone Flaw". Infosecurity Magazine. Retrieved 2017-09-02.
- ^ a b "SafeZone secure web browser rebrands as Avast, adds new features". MobileSyrup. April 6, 2018. Retrieved November 15, 2018.
- ^ Venkat Eswarlu (24 March 2016). "Avast makes SafeZone browser available to free version users as well". Techdows. Retrieved 20 February 2017.
- ^ Steve-Avast (27 February 2016). "SafeZone browser - Frequently Asked Questions". Avast forum. Retrieved 20 February 2017.
- ^ Avast Passwords: FAQ
- ^ "Avast Secure Browser". ComputerBild (in German). Retrieved November 15, 2018.
- ^ Avast SafeZone
- ^ "Avast Secure Browser: Mehr Privatsphäre beim Surfen". computerbild.de (in German). Retrieved November 15, 2018.
- ^ a b taviso (18 December 2015). "Avast: A web-accessible RPC endpoint can launch "SafeZone" (also called Avastium), a Chromium fork with critical security checks removed". Project Zero. Retrieved 20 February 2017.
External links
[edit]Category:Software based on WebKit Category:Windows web browsers