You are not logged in.
First I'd like to thank everyone on the epic team for producing a browser one can have confidence will protect their privacy and security. This fills a critical public need.
I see a number of posts by individuals lobbying to include their favorite extension because "this one extension" is so useful. To begin that path is a mistake in my opinion. Right now epic is receiving positive visibility precisely because the security and privacy is comprehensive and automatic. To achieve the security users don't need to understand the underlying technology or complex browser settings. Users can "trust" that it will protect their privacy.
If you begin including extensions you risk epic becoming like many other browsers with questionable security and potentially losing the trust that differentiates epic from the rest. And in security products is trust is paramount.
To those that want to add extensions with its associated risk I would add that security, privacy and convenience are often on opposite sides of the design spectrum and achieving effective security may mean some extra effort is involved. If convenience and modest security is what you're looking for there are plenty of those browsers to choose from.
Thanks again to the epic team. I look forward to seeing the Linux version.
Offline
Thanks - great thought!! Great that we're hearing some support for no extensions.
I also agree that we need to err on the side of privacy/security rather than features.
We're investigating allowing only a few very private extensions at this point - and are leaning towards that but will reveal more as we investigate the specific extensions we're considering.
We at this point are against a wholesale-allowing of extensions as it would be too easy for privacy/security to be compromised.
Keep sharing your thoughts here. Epic belongs to the community & we need to have thorough discussions particularly on changes that involve serious privacy risks.
Offline
I agree with publicservice100, Epic should not become like any other browsers and put convenience in front of security. And it's true that achieving effective security may require some extra effort. That's why it's important to make people realize the impact of their choice.
Nowadays if your are on internet and you start being concerned about your privacy, your should look around and start understanding what behavior might compromise it. I believe epic browser is for that kind of people. You cannot enforce privacy, people need to understand what it implies to have privacy on internet. That's were I disagree with publicservice100; If someone start to use and "trust" Epic and believe that now he can do anything he want because he use a safe browser, there is a problem. Any technology, as good as it can be, will never be more powerful than education.
Anything that you do on internet can be public and should be considered public! People need to understand that online actions have an real impact.
Epic is for me a tool more than a solution to privacy problem.
Now I agree that making my parents understand the importance of online privacy will be a huge task
Idealy if we could have a native implementation of the requested applications (like NoScript for instance) that would be more than I could ask for. But it put a lot of pressure on the epic team…
Side note : I really appreciate the reactivity of the Epic team on the forum !
Offline
Hi Gwakamol - great thoughts & thanks for your support!! Let us know how convincing your parents works. We built Epic to make it an easy-download+install for anyone like your parents to get a private browsing experience.
We're working to provide as much convenience as other browsers provide, but with privacy -- but it's going to take some time! In the meantime, it's important that everyone know that privacy is important and have a choice -- that's what we feel.
Offline
I offer my support as well. Privacy > Features.
Last edited by twelph (2013-09-26 09:36:03)
Offline
Well but isn't no extensions only an option if the useful pro-privacy, pro-security function of extensions as Requestpolicy or NoScript is provided?
After all, I use a browser to access the internet, and many things are only accessible if I allow SOME scripts, cross-domain-requests etc.
Indeed, not using the computer will protect your privacy, but I don't want to commit the perfect crime, I just want to be in control of what information about myself I make public.
Last edited by this (2014-01-08 11:02:21)
Offline
About chrome extensions see the link below. It is only the tip of the iceberg.
http://blogs.wsj.com/digits/2014/01/19/ … ad-uproar/
Offline
I vote do not enable user extensions in the Epic. Thanks!
Offline
The positive side of no extensions is of course privacy. The negative side is definitely the higher percentage of folks not interested in Epic browser due to not having that option. I for one like the idea, however Epic needs to get the balance right so how about the developers creating extensions exclusivly for Epic with a code of privacy built-in.
I like the use of spell checkers which for me is a must (not that am that bad at spelling) and I use three languages in my everyday browsing/emailing etc. Just an example of extensions which will be important to many.
Offline
I fully agree with Rockman no extensions if you want them use the other browsers I want to
keep my browsing and details private.
Offline
The only extension I miss is a spelling checker. Couldn't that be something hosted locally though?
But I also vote against allowing extensions. We are already strugging to keep the IP masked - adding extensions will only dilute those efforts.
Offline
A couple thoughts on this: if you're not going to allow extensions, don't use the standard Chrome preferences page that has a link for "Advanced font settings" that says explicitly it requires an extension.
On the other hand, I think it would be great if the Epic folks could certify extensions as safe and sign them with a private key. Then include the public key in the browser to decrypt the extension when installing it. Not all extensions compromise security, but I would prefer to let the experts decide which ones are safe.
Offline