Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Epic: A Privacy-Focused Web Browser

Soulskill posted about a year ago | from the i-know-what-you-googled-last-summer dept.

Privacy 223

Rob @CmdrTaco Malda writes "I've been advising Epic Browser, a startup building a privacy-focused, Chrome-based browser that starts where incognito mode ends. Epic employs a host of tactics designed to make what happens inside your browser stay there, to the tune of a thousand blocks in a typical hour of browsing. They also provide a built-in proxy service. If the corporations and governments are going to watch us, there's no reason to make it any easier for them. Epic has Mac and Windows builds for now. Their site goes into far greater detail about how they block tracking methods most browsers don't."

cancel ×

223 comments

Sorry! There are no comments related to the filter you selected.

Interesting (0)

Anonymous Coward | about a year ago | (#44774619)

Been using Comodo (has nearly the same tagline), but I'll try this out as well.

Re: Interesting (5, Interesting)

Anonymous Coward | about a year ago | (#44774743)

Wouldn't using some special snowflake browser like this make you especially vulnerable to fingerprinting?

Re: Interesting (1)

Anonymous Coward | about a year ago | (#44775151)

Only sort of. Ideally it will make you precisely match everyone else using a browser like this, which is probably more people than have your special snowflake of fonts and plugins and extensions and ...

It will make you stand out, but it won't identify you as uniquely when people look closer.

Re: Interesting (2)

phoebe (196531) | about a year ago | (#44776175)

One wonders what is the excuse this time that the patches have not been submitted upstream to Chromium?

Re:Interesting (5, Informative)

Anonymous Coward | about a year ago | (#44775287)

I see nowhere on their site where the source code is available. That's just a scummy move.

Re:Interesting (2)

MacGyver2210 (1053110) | about a year ago | (#44775831)

It lost me at "Chrome-based"...

Re:Interesting (4, Interesting)

Samantha Wright (1324923) | about a year ago | (#44775439)

Can either of them defeat Panopticlick [eff.org] ? I don't see anything on Epic's site about hiding font lists. (And on that point, Epic is a bad name choice [makingithappen.co.uk] since it's vaguely synonymous with the death of objectivity in news reporting.)

Re:Interesting (1)

gl4ss (559668) | about a year ago | (#44775583)

presumably, if they're being any serious at all, you'll look to panopticlick like any other dude using the browser(well, lying about screen resolution might cause some problems down the line).

Re:Interesting (3, Interesting)

hairyfeet (841228) | about a year ago | (#44775809)

Same here and haven't had a problem with it and unlike this browser its used by millions (coming with Comodo Internet Security with VM mode for secure banking) so you are not gonna stick out like a sore thumb.

The problem with going TOO niche is it would make you stick out all the more, if everyone wears a blue shirt and your shirt is a slightly different hue of blue? probably not gonna be noticed and won't trip any flags, if your shirt is neon orange? You might as well be holding a giant neon sign that says "Look at me, I'm up to something!". Its no different than how guys carrying pot really shouldn't be driving flashy red sports cars but driving some boring blue 4 door instead, you want to go off the radar without attracting attention for doing so.

So while I'll keep an eye on this for the time being I'll stick with Comodo Dragon, it too has increased security and unlike this it is offered with most of Comodo's security products (and since nobody ever unchecks the defaults millions have it) and since it uses the same secure DNS that Comodo uses on their enterprise products you can just blend into the crowd. I wouldn't be surprised if some 3 letter agency has gotten a memo about this thing this very day, /. isn't exactly under the radar ya know.

Chrome based ? (-1)

Anonymous Coward | about a year ago | (#44774629)

lol

Maybe I'm an excessive user (4, Interesting)

i kan reed (749298) | about a year ago | (#44774651)

But 1000 blocks an hour is way short of what Ad-block plus gets with the standard list.

Re:Maybe I'm an excessive user (1)

What'sInAName (115383) | about a year ago | (#44774859)

But 1000 blocks an hour is way short of what Ad-block plus gets with the standard list.

Ok, now it makes sense. I'd originally read that as 1000 BUCKS an hour in the summary and was trying to figure out what the hell they meant!

What if NSA cash is sent to Adblock? (0)

Anonymous Coward | about a year ago | (#44775363)

The problem here is NSA/CIA has loads of cash ($52 billion for covert ops FFS), Adblock is probably a tiny operation that could be bought for $50k/year. No court order required to do that and since NSA keeps everything secret claiming 'National Security' no court would ever know if they'd bought off Adblock to help them track people. Even if they used it for domestic spying, they're trying to shut down whistleblowers and have their own staff under close surveillance now to try to prevent it.

I also wonder about Firefox. It has certificates that I do not trust as standard with no way of deleting them. Why would I trust Verisign at this point? I'd have to be a bleeding idiot to think they aren't in the NSA payroll, they're owned by Symantec FFS. Likewise Visa we already know hands over their transaction data. Yet Firefox has Visa as a valid root certificate! They have likely NSA conspirators on the root certificate list FFS!!

I have my doubts even about Open source browsers, that said, Epic is welcome, but I'll still be treating it as suspect.

Actually... (1)

Anonymous Coward | about a year ago | (#44775461)

You can delete them from within your profile. HOWEVER as soon as you update again it reinstalls them.

Rather annoying behavior, but it IS circumventable.

Hadn't noticed that they're now considered 'internal objects' however.

Re:What if NSA cash is sent to Adblock? (2)

hairyfeet (841228) | about a year ago | (#44775941)

Uhhhh...buying adblock would be as pointless as trying to "buy" Linux, there is already a dozen variations thanks to the source being out there. While I'm not a big fan of FOSS (since i think a lot of their so called "advantages" are built upon false premises) this is one thing they do have an advantage in, in that there really isn't any way to control any one project by buying it. If you are unsure of adblock there is adblock plus, one I think called "super adblock" or something like that, or if you want to go to the trouble you can do like old APK and mess with HOSTS or just run your own recursive DNS like I do, not hard to get blacklists of advertising servers these days.

As far as trusting Firefox? So don't, again not like you don't have options. There is Comodo Icedragon, Seamonkey, IceWeasel and Kmeleon, and those are just sticking with the gecko engine, if you were to add the Chromium engine you would have another half a dozen easy to choose from and then of course there are those that use their own engine like QTWeb (uses QT framework with Webkit from KHTML) or OffByOne. again no need to stick with something you aren't sure of, plenty of choices out there. Frankly if the NSA wants to follow you though they have access to the backbone, all the obfuscation in the world isn't gonna protect you from a MITM attack.

AdBlock's short of this (-1)

Anonymous Coward | about a year ago | (#44775791)

Not only what it blocks but also how much it does for you (far more than AdBlock):

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 [start64.com]

---

Especially cached in RAM (w/ large hosts via kernelmode diskcache subsystem or w\ small ones via native faulty w\ larger hosts files dns OS cache service (usermode slower) - saves CPU & I/O (bonus)).

(Details +benefits hosts files provide are in link above)

* Hosts do FAR more than AdBlock ("souled-out" 2 GOOGLE & crippled by default) + Ghostery (Advertiser owned) - "Foxes guarding the henhouse", OR, Request Policy http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775 [slashdot.org] too.

Hosts add reliability vs. downed DNS & protect vs redirected DNS + secure vs. known malicious hosts-domains http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 [slashdot.org] w/ less added "moving parts" room for breakdown, complexity, "Less is more" = GOOD engineering.

Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious hosts-domains serving mal-content + block spam/phish links), reliability (vs. downed DNS or vs. Kaminsky vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's)

APK

P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

Since "They're not gonna stop..." - Dr. Robert Neville "I AM LEGEND"

"Someone asked him, 'why'. He said: 'The people who're trying to make this world WORSE, are not taking a day off - how can I?' Light up the darkness..." - Dr. Robert Neville from "I AM LEGEND"

...apk

Chrome? (3, Insightful)

J'raxis (248192) | about a year ago | (#44774653)

You're basing this on a browser made by one of the companies known to have been cooperating with the NSA every step of the way, including the latest revelations [theguardian.com] about said companies inserting backdoors into their products?

Sounds like a good idea to me.

Re:Chrome? (5, Informative)

Anonymous Coward | about a year ago | (#44774709)

Based off Chromium, not Chrome. The first is open source.

Re:Chrome? (1, Insightful)

Anonymous Coward | about a year ago | (#44774911)

And you've audited every line of Chromium code and every line of every library it uses?

Re:Chrome? (0)

Anonymous Coward | about a year ago | (#44775125)

Exactly. For something like this, I'd base my code off something small and understandable, as much as any browser can be. Chances are, if you care about privacy enough to use this over another browser, you aren't concerned with HTML5, fancy javascript (any javascript), etc. etc, so why even bother using them?

This project sounds about as reputable as Iron. If you want real privacy, use {elinks,links,lynx,w3m} or Dillo or something, so you can at least have a chance at scanning the relevant parts of the source and proving something to yourself.

Re:Chrome? (2)

liamevo (1358257) | about a year ago | (#44775169)

so concerned about privacy = doesn't care about keeping up to date with web technology?

"You whippersnappers with your javascript and your canvas! HTML 4.1 was fine for me, and we didn't use javascript back in my day! It was considered bad practice even!"

Re:Chrome? (3, Interesting)

hairyfeet (841228) | about a year ago | (#44776147)

Noooo but it DOES mean that a certain lie about FOSS must be faced the "many eyes" myth which is just that. Show of hands, how many here have actually done an extensive code audit of the latest Chromium source code? Firefox? Libre Office? What are your qualifications? Because the obfuscated C code contest shows you had better be DAMNED SKILLED to spot a malicious code insert, so how many years of security training do you have?

The myth, which common sense can disprove, is that because something CAN be done it HAS been done. Well there COULD be werewolves but I don't think I really need to keep a pocket full of silver bullets, do you? Projects like Chromium and Firefox can easily get into tens and even hundreds of thousands of lines of code and that code is constantly changing. Since you have ZERO way of knowing if the changes are malicious you would need to audit not ONLY the code itself but also all changes AND compare what those changes did to not only the area the change occurred but to the entire program, because after all we have seen nasties in the wild that were harmless by themselves but when combined with code from another pwned program allowed an attacker entrance to the system.

So now I hope that everyone can see why merely HAVING source code means nothing, because for it to mean anything you HAVE to have 1.- Security experts going over each and EVERY release with a fine tooth comb, 2.- Certifying that they have done so and its clean and 3.- be sure that said experts haven't been bought. The "many eyes" myth simply makes assumptions that are easily disproved and might have worked when the entire Linux source code could be handed over on a couple of floppies, when the kernel alone is over a million lines of code? Sorry but it just doesn't hold water folks.

Re:Chrome? (2)

Arker (91948) | about a year ago | (#44776189)

Yeah, look. Pat yourself on the back for being 'up-to-date' all you want but you are missing the point. You cannot have privacy and an ecmascript based substitute for the web, they are mutually exclusive. No matter what else you tighten up on the browser end, if your browser is required to trust the server it will be compromised in short order. This is not a matter of old vs new it's a matter of fundamental logic.

Re:Chrome? (1)

Em Adespoton (792954) | about a year ago | (#44776177)

Exactly. For something like this, I'd base my code off something small and understandable, as much as any browser can be. Chances are, if you care about privacy enough to use this over another browser, you aren't concerned with HTML5, fancy javascript (any javascript), etc. etc, so why even bother using them?

This project sounds about as reputable as Iron. If you want real privacy, use {elinks,links,lynx,w3m} or Dillo or something, so you can at least have a chance at scanning the relevant parts of the source and proving something to yourself.

Personally, I figure browser choice isn't too big of an issue... it's what you're using between your browser and your network that counts the most -- such as privoxy/tor.

Re:Chrome? (0)

Anonymous Coward | about a year ago | (#44775131)

No. Open Source means "it's source code is open for me to read" not "it's source is open and i must read it". Besides, i only pointed out it was Open Source, not trustworthy (even though if there was something fishy in there someone would probably point that out).

Re:Chrome? (2)

bill_mcgonigle (4333) | about a year ago | (#44775265)

and every line of every library it uses?

This is pretty important. Use the Fedora build of Chromium if you care about this. Tom "spot" Callaway has been fighting this battle for years - rebuilding Chromium with dependencies on system libraries, rather than private, stashed, local copies of libraries as it's wont to do.

Since we now know that the spooks pressure companies to put back doors into their products, if that happened with Chrome/Chromium, the smart place to do that would be, not in the main product code, which is the place most people will audit, but in the local modifications to libraries that are bundled, which might well be skipped by an audit.

Re:Chrome? (1)

Score Whore (32328) | about a year ago | (#44775827)

Ready to wet your pants? Think about this:

How do you know that Intel and AMD haven't included back doors in their processors that elevate a running thread to ring 0? (or -1?)

Re:Chrome? (1)

MacGyver2210 (1053110) | about a year ago | (#44775811)

Which, in my experience, means it's the same thing but less polished and stable.

My first experience with Chromium was running it on a fresh install of Ubuntu, and getting the window *STUCK* on my mouse pointer when I tried to drag it around. No matter what keys or clicks, it wouldn't stop following the mouse. Even after restarting X, it wouldn't go away.

Ended up having to reboot, then when it happened a second time, uninstall Chromium.

Re:Chrome? (3, Interesting)

poetmatt (793785) | about a year ago | (#44776017)

There's no browser company that doesn't have backdoors, including Mozilla. Whether willingly or not, well - only IE does it willingly.

What do you think encryption research from FIPS 140 is for? Gov't has been given the keys to OS-level encryption for over 8 years, now.

Re:Chrome? (0)

Anonymous Coward | about a year ago | (#44776109)

Ok genius, show me the Mozilla backdoor.

Why should I trust... (1)

Anonymous Coward | about a year ago | (#44774685)

...closed source browser

Re:Why should I trust... (0)

Anonymous Coward | about a year ago | (#44774875)

It's a fucking joke riding the NSA spy wave in search of suckers. One born every minute after all.

What about on the "Web" itself... (1)

flogger (524072) | about a year ago | (#44774689)

I can decript my data, use browsers to erase cookies, but without spoofing IP addresses, the websites know where I am accessing from and when I access the site. If I would then use a major email (instead of my own email server), then the NSA has their hands on my emails and any cloud stuff I save. Everything in the internet needs to be reworked for privacy, not just the browser...

Of course the The United Surveilla^H^H^H^H^H^H^H^H States Government is not going to let that happen.

Re:What about on the "Web" itself... (1)

h4rr4r (612664) | about a year ago | (#44775063)

That is what proxies are for, and things like tor.

Literally spoofing an IP will not work since it if does not match your network segment your provider is not going to route that traffic.

epic (0)

Anonymous Coward | about a year ago | (#44774695)

Oh how I despise the misuse of the word epic.

Re:epic (0)

Anonymous Coward | about a year ago | (#44774849)

I agree. It is an epic fail.

Private Browsing (1)

Kiaser Zohsay (20134) | about a year ago | (#44774697)

I have said for years that Private Browsing in Firefox is what Incognito Mode wants to be when it grows up. Looks like that is about to happen.

Re:Private Browsing (1)

Forbo (3035827) | about a year ago | (#44775819)

Excuse my ignorance, but can you elaborate on the differences?

Fail (2)

some old guy (674482) | about a year ago | (#44774699)

Things like this only serve to foster and spread an illusion of security and privacy. It may make life a little harder for the commercial maggots, but the government worms? You're as good as owned already.

If it has not already been compromised, by technology or force of law, it soon will be. Bet on it.

Proxies (0)

Anonymous Coward | about a year ago | (#44774715)

The trouble with proxies is the added latency.

Try this, go through a proxy and just try to post here on Slashdot - or even load the page.

I tried using proxies and I just got so many timeouts that it made the web unusable.

Re:Proxies (3, Insightful)

larry bagina (561269) | about a year ago | (#44775961)

Slashdot is a bad example -- they block (the banned pink page) many proxies and tor exit nodes. Some are read-only (no posting). They also intentionally throttle the response, intentionally and with their proxy detection code.

If slashdice cared about, well, anything, they would also run a {slashdot}.onion site as well.

Based on Chromium, not Chrome (5, Interesting)

spivster (1136769) | about a year ago | (#44774717)

The summary is incorrect. This browser is based on the open source Chromium, not Chrome, a subtle but important difference since Chrome has Google's extra tracking goodness. However, I have to wonder why they didn't start with Firefox, which is truly open source and not connected at all with Google, which has pretty much become the poster child of privacy invasion these days.

Re:Based on Chromium, not Chrome (2)

geminidomino (614729) | about a year ago | (#44774899)

I haven't looked at it in some years, but I suspect that, being a younger project, Chromium's codebase is a lot cleaner and easier to work with than Firefox's.

NB: It's in the nature of code to build up cruft. This isn't intended as an endorsement or insult to either group's coding or design styles and abilities.

Re:Based on Chromium, not Chrome (0)

Anonymous Coward | about a year ago | (#44775253)

You would think that, but Chromium has a hefty amount of cruft itself. It takes about three times as long for me to build chromium as for me to make a (mrproper'd!) Linux kernel, while Firefox can complete in a little under the kernel build time. I'm not sure what that says about code bloat to you, but it's a metric.

Re:Based on Chromium, not Chrome (1)

larry bagina (561269) | about a year ago | (#44776105)

It's the language, not the code. KHTML/WebKit/Chromium/Blink is c++. Compiling and optimizing, especially when templates are involved, is much more processor and memory intensive.

Re:Based on Chromium, not Chrome (1)

Desler (1608317) | about a year ago | (#44774935)

and not connected at all with Google

Other than Mozilla getting the vast majority of their funding by making the Google search engine the default?

"Poster child of privacy invasion" hyperbole (4, Insightful)

brunes69 (86786) | about a year ago | (#44774941)

Google is very upfront about what is collected and what they do with it and who they do and do not share what data with. As someone who actually follows this stuff closely and READS agreements and doesn't just rely on Slashdot hype, I am 100% comfortable with everything Google does and what they do with the data, and also with how hard they fight back against governments who want that data. Google doesn't sell your data to ANY third parties, they use it INTERNALLY for their own stuff. As such it is actually VERY private. The data you share with Google is a lot more private than the data you share with your telco or cable company or bank in this respect.

Compare this to Facebook or LinkedIn or even Twitter, who are NOT upfront about what is collected and shared, and who not only share data with governments, but ALSO 3rd party companies at will as part of their business models. As well as your bank, your telco, etc again - all of whom routinely sell client lists including names, addresses, and phone numbers.

Who is the poster child again?

Re:"Poster child of privacy invasion" hyperbole (0)

Anonymous Coward | about a year ago | (#44775029)

or even microsoft. a couple years ago, when yahoo and google threatened to pull out of china over censorship, microsoft never blinked and eye.

Microsoft has never made a fuss about collaberating with any and all governments of areas it does business with. When they bought skype the first thing they did was add centralized logging and tracking of all conversations, and allowed access for LE, and the NSA.

Re:"Poster child of privacy invasion" hyperbole (1)

UdoKeir (239957) | about a year ago | (#44775091)

Google is very upfront about what is collected and what they do with it

Except when that collection and disclosure is requested via a national security letter.

Re:"Poster child of privacy invasion" hyperbole (1)

Anonymous Coward | about a year ago | (#44775485)

That's why they're suing the US federal government to be able to release the data. As of right now, they're being told that if they release it, they will be prosecuted. The article [theguardian.com] for those who don't want to Google it.

Re:"Poster child of privacy invasion" hyperbole (0)

Anonymous Coward | about a year ago | (#44776159)

That's why they're suing the US federal government to be able to release the data. As of right now, they're being told that if they release it, they will be prosecuted. The article [theguardian.com] for those who don't want to Google it.

So then are you admitting or ignoring the fact that they've already compromised you?

Re:"Poster child of privacy invasion" hyperbole (1)

Anonymous Coward | about a year ago | (#44775417)

Ok Sergey, back to the Minecraft with you...

Re:Based on Chromium, not Chrome (1)

Anonymous Coward | about a year ago | (#44774979)

And your comment about Firefox and Google not being connected, is also incorrect:

http://www.pcmag.com/article2/0,2817,2398046,00.asp

Re:Based on Chromium, not Chrome (1)

GrBear (63712) | about a year ago | (#44775237)

Perhaps they wanted to build off a browser that doesn't crash all the time and has feature creep/bloat.

Re:Based on Chromium, not Chrome (1)

kthreadd (1558445) | about a year ago | (#44775581)

You can't build on Chrome since Chome is closed source.

Re:Based on Chromium, not Chrome (1)

phoebe (196531) | about a year ago | (#44776157)

Firefox isn't truly open source either, you are probably after IceWeasel if you want the Mozilla route.

Proxy ? (3, Interesting)

Jimpqfly (790794) | about a year ago | (#44774741)

Proxy is a nice option, except when you don't know where the Proxy is... Easy to implement a Proxy and have a look at users communications...

Re:Proxy ? (3, Informative)

emilv (847905) | about a year ago | (#44775215)

Indeed. And accessing using HTTPS isn't even guaranteeing anything in this browser since the proxy service and the browser is provided by the same party, so they can trivially add their own CA and sign certificates for whatever sites they want.

Re:Proxy ? (0)

Anonymous Coward | about a year ago | (#44775587)

Indeed, adding their own CA could even be given a rational explanation: They want to save the money it would cost to get a normal CA sign, and moreover connecting to the proxy will still work if you revoke any other CA (if they e.g. signed with Verizon, and you decided to not trust Verizon and remove the Verizon root certificate, connecting with the proxy would fail).

Oblig.. (2)

SuperCharlie (1068072) | about a year ago | (#44774755)

I'd try it..Linux pls..

Source available? (0)

Anonymous Coward | about a year ago | (#44774767)

So we're supposed to trust the company behind this browser, and the security of their web services? Can we at least build it ourselves from source?

Who would have thought... (3, Insightful)

StripedCow (776465) | about a year ago | (#44774775)

that computing in the 21st century would become so exciting?

Why another? (5, Interesting)

mwissel (869864) | about a year ago | (#44774793)

Sounds a lot like SRWare Iron* to me - that's a long existing Chromium-based fork altered for enhanced privacy.

At a first glance, I cannot make out any advantages of Epic over Iron. Aside from the removal of all user tracking which Chrome brings, they only provide a 1-click-proxy functionality. Which, if I used it, would leave me and my privacy at the mercy of an India based startup. Instead, I'd also rather suggest JAP** which is also long and well established.

So what am I missing that makes Epic Browser worth a Slashdot post?

[1] https://www.srware.net/en/software_srware_iron.php [srware.net]
[2] http://anon.inf.tu-dresden.de/ [tu-dresden.de]

Re:Why another? (1)

danheskett (178529) | about a year ago | (#44775021)

So what am I missing that makes Epic Browser worth a Slashdot post?

The founder of Slashdot sent it in.

Re:Why another? (1)

Anonymous Coward | about a year ago | (#44775075)

Or... I wasn't aware that any such browser project existed, and now I know of 3?

This seems exactly like the right topic for a Slashdot post to me...

Re:Why another? (1)

Anonymous Coward | about a year ago | (#44775109)

So what am I missing that makes Epic Browser worth a Slashdot post?

The founder of Slashdot sent it in.

Interesting that Washington Post is an investor:

http://epicbrowser.com/about_us.html [epicbrowser.com]

Doesn't Cmdr Taco work for the Washington Post?

Re:Why another? (1)

bill_mcgonigle (4333) | about a year ago | (#44775305)

So what am I missing that makes Epic Browser worth a Slashdot post?

EPIC is well-known in the electronic privacy realm and their actions are frequently a Slashdot topic.

Wait, this is the Electronic Privacy and Information Chromium, right? Because market-confusion among names would be pretty confusing.

Re:Why another? (0)

Anonymous Coward | about a year ago | (#44775347)

Of course, Slashdot posts are a rare and valuable resource!

Re:Why another? (1)

Stephen Gilbert (554986) | about a year ago | (#44776195)

Instead, I'd also rather suggest JAP** which is also long and well established.

Yes, with a long-established backdoor [wikipedia.org] for "crime prevention".

Where does the money come from? (3, Interesting)

kullnd (760403) | about a year ago | (#44774829)

From their page::

Epic like most browsers earns a commission on searches we drive. So the more you use Epic’s default search engine, the more you support Epic and our continued privacy efforts : - ) And best of all your searches always remain exceptionally private since they’re routed via a secure, encrypted connection over a proxy – so private by design when you use EpicSearch.me that we literally can’t know what you’re searching for nor anyone else. Ads and search results never include any personalized results or tracking of any sort and are only based on your search term and general geographical location.

So ... They get paid for searches they drive but those searches don't have any ads or tracking? Again, where does the money come from?

Re:Where does the money come from? (4, Informative)

Anonymous Coward | about a year ago | (#44774869)

Ads and search results never include any personalized results or tracking

So, ads yes, tracking no. Or in other words, what search engine ads were like before Google. Something relevant to exactly what you typed in, nothing more.

Or at least that's the claim.

What are you, twelve years old? (-1)

Anonymous Coward | about a year ago | (#44774885)

" If the corporations and governments are going to watch us, there's no reason to make it any easier for them."

What are you, twelve years old?

"the corporations"? The fuck is that? "governments"? I thought all you socialist morons loved you some government? You voted for Obama and the rest of the lot right? Then fuck right off, you support big government and support forcing it onto the rest of us, so fuck you and shut up and enjoy your tyranny.

Stupid fuckwad.

One process per tab? (0)

Anonymous Coward | about a year ago | (#44774891)

Really, a process?

Could I get fork bombed by visiting a website that opens two new tabs?

Thank you NSA and GCHQ (2, Informative)

jopet (538074) | about a year ago | (#44774897)

Closed source? Seems legit.

Re:Thank you NSA and GCHQ (0)

Anonymous Coward | about a year ago | (#44775003)

But CmdrTaco says it's good and he works for WaPo now so... ohhhhhhh. Never mind. I'll stick with carrier pidgeons; http://en.wikipedia.org/wiki/IP_over_Avian_Carriers

Re:Thank you NSA and GCHQ (0)

Anonymous Coward | about a year ago | (#44775369)

The Washington Post Company, mouthpiece of the United Surveillance of Amerika government, owns the Epic Browser company.

http://epicbrowser.com/about_us.html

This is a no go.

Turns out I am wrong ... (2)

jopet (538074) | about a year ago | (#44775065)

Chromium obviously is open source already, but they do plan to opensource their additions too.
So this could actually be the good stuff.

Privacy Theatre (0)

Anonymous Coward | about a year ago | (#44774921)

Because just as Security Theatre takes well intentioned measures which are ineffective, this product takes well intentioned measures which are ultimately ineffective. It is like building a garage and expecting this will hide your new Ferrari, while doing nothing whatsoever about the CCTV camera on public land across the street pointed right at the garage door... the moment you take it out on the street, the camera owner has a record of it.

Useless on a proxied LAN (1)

Peter Kingsbury (3046159) | about a year ago | (#44774923)

Epic is useless on a proxied LAN. Under Settings, Advanced Settings, Network, "Change proxy settings..." is disabled and a message indicates "Your network proxy settings are being mangaed by an extension". However, going over to Extensions yields the message, "Epic does not allow extensions for security & privacy reasons".

Cool but (2)

TheSkepticalOptimist (898384) | about a year ago | (#44774927)

While blocking cookies or ads are fine, once the data is sent out into the ether its going to be picked up an decrypted, no browser is going to stop that.

If you want privacy on the web, stop using the web.

Extentions in Epic (1)

slash.jit (2893213) | about a year ago | (#44774937)

I just gave Epic a try...

In Proxy settings it says "Your network proxy settings are being managed by an extension."
In Extensions link it says "Epic does not allow extensions for security & privacy reasons e.g. read this (right click and open in a new tab)"

So what extension is managing network proxy settings? I don't trust this browser any more than Chrome.

Nice but there is one problem (1)

aaaaaaargh! (1150173) | about a year ago | (#44774939)

a software product company founded by Alok Bhardwaj and based in Washington DC

In the "About Us" section of the web site. US-based, so it won't protect your privacy against the spooks (Patriot Act *wink* *wink*). Neverthless, it's nice to see more software made with privacy in mind.

I am unconvinced... (2)

geminidomino (614729) | about a year ago | (#44774943)

No source code, no verifiable improvement over SRWare Iron, and the company gets paid from...

Epic like most browsers earns a commission on searches we drive. So the more you use Epicâ(TM)s default search engine, the more you support Epic and our continued privacy efforts : - ) And best of all your searches always remain exceptionally private since theyâ(TM)re routed via a secure, encrypted connection over a proxy â" so private by design when you use EpicSearch.me that we literally canâ(TM)t know what youâ(TM)re searching for nor anyone else. Ads and search results never include any personalized results or tracking of any sort and are only based on your search term and general geographical location.

by tying in to the industry that is even more hostile to the concept of user privacy than the USGov...

Thanks, but I'll pass.

I LIKE OUR GREEK GIFT !! (0)

Anonymous Coward | about a year ago | (#44774959)

Allow us to bring it inside the gates !! Make haste !!

Their own proxy! (1)

brillow (917507) | about a year ago | (#44774963)

What will keep a NSL from telling them to give the NSA the key's to their proxy?

Feedback (5, Interesting)

danheskett (178529) | about a year ago | (#44774987)

#1 - The installation process is as crappy as Google's. Namely, download a stub, then download the whole thing. It looks like you are using Rackspace's CDN, which is powered by Akiami, which is not very privacy friendly. Improvement is to allow users to download the entire installation package as a non-executable, extract, and then install or run from the extracted directory.

#2 - The proxy is not transparent. Hard to find out where it even goes. Have to dig in the FAQ.

#3 - Must have source and repeatable build process. Trust doesn't work, it is the enemy of security. Transparency works, it is the friend of security.

#4 - Some of the configuration options look like you just searched/replaced Google/Chrome for Epic. What does sign into Epic mean? Where are you signing into? At least with Chrome we know what we are signing into.

Epic browser is not epic browser - or used to be (0)

Anonymous Coward | about a year ago | (#44775013)

According to Wikipeida Epic ( http://en.wikipedia.org/wiki/Epic_(web_browser) ) is a gecko based browser and does not aim at privacy .. but now it's chromium based privacy browser (both are said to use epicbrowser.com) ? somethings weird.

Open Source? (0)

Anonymous Coward | about a year ago | (#44775025)

When, if ever, will the source for Epic be published? And under what license?

Privacy is based on trust (1)

mistapotta (941143) | about a year ago | (#44775073)

You either trust Google with your data, and use their services, or you don't. Same with Facebook, et. al. If you're using this browser, you're trusting this company that they're doing what they say. Maybe you'll peruse the OS code, maybe not. But it's still who and how much you trust. Ultimately, if you want better privacy than what's out there, you need to roll your own browser. Find an open-source project you like, put the features you want in it, take the features you don't want out of it, and go on your merry way.

Fixing the wrong problem (1)

Junior J. Junior III (192702) | about a year ago | (#44775097)

A privacy-focused browser is fine as far as it goes, but the problem is more with the network transporting data insecurely, and on the server side, where you put your trust into faceless entities that have their own interests at heart, not yours. So I don't see this helping much, if at all.

it's a good idea (0)

Anonymous Coward | about a year ago | (#44775119)

The problem so far with privacy and no-tracking solutions is that they are usually individual plugins that may require configuration. For the average person, even one with technical know-how, it seems onerous to install these add-ons on all devices and make sure that they are up-to-date or whatever. It will be nice when someone bundles them with sensible defaults alongside a browser as a distro. This is an exaggeration but it's like we are still in the slackware/SLS Linux days and no one has come around with Ubuntu yet

chaff (0)

Anonymous Coward | about a year ago | (#44775127)

Instead of blocking, we should just write a browser that is constantly browsing random shit in the background - your session is just sandwiched into a flood of other data. Bonus for filling up the buffers / taps / storage arrays of the listeners with junk. If they want to read what we do, let them choke on it.

Where is the source code??? (0)

Anonymous Coward | about a year ago | (#44775199)

just asking...

Epic fail (4, Funny)

Taantric (2587965) | about a year ago | (#44775261)

It is being made by an American company. Rest of the world does not and should not trust you anymore.

NSA: Hey Epic Exec, insert this complied module into your app
Epic Exec: Go fuck yourself NSA. We are all about protecting users here
NSA: I see. I also see that you visited a gay bar in SF last week and Boston the week before. Are you going to tell your wife and children or should we?
Epic Exec: Oh I see you are talking about National Security. Why didn't you say that before? Here at Epic we are loyal Murcans and we will be happy to help anyway we can.
NSA: That's a good bitch. Next time roll over and show your belly faster or else.....

fool me once (2)

stewsters (1406737) | about a year ago | (#44775351)

Post the source.

No user-agent masking and uncommon choice (1)

gowmc (457451) | about a year ago | (#44775477)

Tried Epic out for myself. Looks nifty, but clearly not polished yet. Biggest issue is that it still leaks all the data from the user-agent and plugins. Disabling the plugins helped, but I had an even more unique user-agent string than normal. Seems like this should be near the top of the list for a privacy browser, but they don't even mention it on their site, at least from a cursory browse. Tested at https://panopticlick.eff.org

Pointless (0)

Anonymous Coward | about a year ago | (#44775511)

HAHA! Yeah, Good luck there. With the NSA having cracked every conceiveable protected system on the internet, you really think someone will come up with something uncrackable or secure? HA!

Which is it? (1)

Reliable Windmill (2932227) | about a year ago | (#44775717)

Is it based on Chrome or Chromium? Is that not an important distinction to make?

No source? (1)

GodWasAnAlien (206300) | about a year ago | (#44775823)

Chromium is at least open source.

Can I opt out of slashvertisements?

Cmdr Taco should find another job (0)

Anonymous Coward | about a year ago | (#44776085)

This Epic Browser only has the appearance of privacy, without it being actually safe. In that sense, it is s more harmful than using a regular browser. With a FF or Chrome or Chromium or Opera or ...., people will at least consciously take steps to ensure some privacy even if they don't succeed.

Is this some NSA trojan or what ?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>