
Introducing WhiteHat Aviator – A Safer Web Browser - raybeorn
https://blog.whitehatsec.com/introducing-whitehat-aviator-a-safer-web-browser/
======
tptacek
This is a browser built on Chromium. Where is its source code? Is this a
_closed-source_ wrapper around Chromium?

 _Later: Answer:
Yes.[https://twitter.com/jeremiahg/status/392335814048247808](https://twitter.com/jeremiahg/status/392335814048247808)
_

~~~
reginaldjcooper
I am doing a double-take as well.

It seems like closed-source is antithesis to "designed for the every day
person who really values their online security and privacy."

~~~
true_religion
I think the key word there is 'every day person', which for most non-technical
people means that they trust someone has looked after the problem, and may
actually feel safer by paying someone to do so.

~~~
vezzy-fnord
The placebo effect does not really apply to software, though.

~~~
recursive
How can you be so sure?

~~~
vezzy-fnord
At least for one, it is so much easier to break the placebo.

------
beaker52
If I got an email from george@avoid416scam.com claiming to protect my bank
account from 416 scams for free if I give him access to my bank account, I'd
be suspicious.

Instead I got a website from whitehatsec.com claiming to provide me a more
secure web browser for free, claiming it's perfectly safe to put in my bank
account info into it.

Won't touch it with a barge pole. My spidey sense is tingling for one reason
or another.

~~~
eCa
But with Chuck Norris [1] on the board, how bad can it be?

[1]
[https://www.whitehatsec.com/abt/board.html](https://www.whitehatsec.com/abt/board.html)

------
fnbr
I find it incredible that someone would publish a web browser claiming to be
safer:

a) without publishing the source code, and

b) acting surprised when people don't trust it.

Seriously, what was @jeremiahg thinking?

------
shuzchen
"And yet not a single browser vendor offers ad blocking, instead relying on
optional third-party plugins, because this breaks their business model and how
they make money.".

I'm actually happy when browsers keep their core features as lean as possible
and instead do the work that enable plugin creators to create functionality.
More true for ad-blocking, where you want the plugin to be updated more often
than the browser itself (e.g., for newer lists, new techniques for detecting
ads).

~~~
throwaway9101
Adblock plugins slurp down new lists without updating the plugin code itself.
Newer techniques, sure, but I don't think ABP's release cycle is substantially
faster than Firefox's.

------
everettForth
How does this make any sense?

" As the adage goes, “If you’re not paying for something, you’re not the
customer; you’re the product being sold.” Browsers are no different,

...

WhiteHat Security has no interest or stake in the online advertising industry,
so we can offer a browser free of ulterior motives. What you see is what you
get. We aren’t interested in tracking you or your browsing history, or in
letting anyone else have that information either."

~~~
Mikeb85
And with Chromium or Firefox we can see the source code and know for sure....

------
saejox
Totally downloading because a wordpress page with binary download link is the
safest/private thing i can think of.

~~~
rada
Registered through GoDaddy, no less:

[http://whois.net/whois/whitehatsec.com](http://whois.net/whois/whitehatsec.com)

------
TruthSHIFT
_“If you’re not paying for something, you’re not the customer; you’re the
product being sold.”_

I was hoping that this was something I could pay for. It's still a free web
browser.

~~~
CrankyPants
Noticed the same thing.

I hope they're more careful with their software design and monetization plan
than they were with that announcement. And at some point they should probably
address that it's still an advertisement–for their services.

------
glomph
Something actually interesting in the space of a safer web browser:
[http://goto.ucsd.edu/quark/](http://goto.ucsd.edu/quark/)

~~~
officialjunk
Do you use this?

~~~
glomph
No. It is interesting as a concept though.

------
pyalot2
Proprietary "safer" web browser. Yeah right.

------
webwanderings
Never heard of this company before, not sure what to think of their blog post
announcing the availability of this browser. If I'm not mistaken, one can
pretty much configure any browser to do what they have identified done in
their browser, unless there's more.

------
davidgerard
Best comment:

"Closed Source: Check Potential GPL license violation: Check Random
“whitehate” company using wordpress to host website: Check. Maybe it’s just
me, but unless I see the source, I wouldn’t touch this with even a virtual
machine."

------
cmiles74
I would imagine the target market consists solely of those who have already
contracted with this company.

------
clienthunter
Am I only the only one who worries what the repercussions of an ad-blocking-
by-default browser getting market share might be?

 _" Facebook, sign up now for only $4 a month..."_

 _" You have 12 tweets left. Why not top up now?"_

~~~
grncdr
I personally would love to see both of those changes, as they'd force people
to place some value on such distractions.

\- a confessed twitter addict

~~~
clienthunter
Give me your twitter password and I'll lock you out, then write you an app
that only lets you tweet after solving a soduku.

------
lloyddobbler
_" We strip out referring URLs across domains to protect your privacy"_

Which makes it even more interesting that they're using Google Analytics to
track visitors and sources on their site.

------
webjunkie
Oh yeah, really long text and then an inviting "click here" at the end. That
is neither the best usability nor SEO-friendly in any way.

------
0x0
I wonder how diligently updates will be handled. Do the authors have access to
all the restricted/confidential security chromium bug reports, and will they
be able to push out updated binaries the same second chrome does? Otherwise
this could quickly end up leaving users visibly exposed to otherwise-well-
known future vulns.

------
jeremiahg
What’s the Difference between Aviator and Chromium / Google Chrome?
[https://blog.whitehatsec.com/whats-the-difference-between-
av...](https://blog.whitehatsec.com/whats-the-difference-between-aviator-and-
chromium-google-chrome/)

------
tosbourn
I have been using this for a short while and wrote them thoughts down:

[http://tosbourn.com/2013/10/development/review-whitehat-
avia...](http://tosbourn.com/2013/10/development/review-whitehat-aviator/)

------
drill_sarge
Just Install Firefox (or Chromium, not Chrome) and install some extension and
you have the same from a much more trustworthy source.

