Re: a bare-bones web browser that has no JavaScript
@Charles 9 What in the name of satan is your ultimate purpose with this 'ultra-secure' web browser? Real life security is a trade-off between convenience and being more secure. If you have specific planned activities for this type of web-browsing, that changes the goal posts.
Firstly I'd be more skeptical about a browser software connecting to today's public internet that was last updated in 2006.
If you're that paranoid, just switch to Qubes OS where every application window can basically can be it's own "VM / sandbox" to be destroyed and re-created at whim.
For regular everyday browsing, I think most would be more happy with a modified Firefox using Ublock Origin, HTTPS Everywhere (not in FF add-ons, visit eff.org/https-everywhere ) and NoScript. The NoScript project is the most interesting, is now a "security suite" I've been using for happily 6 years. It takes the whitelist approach, so everything is gets blocked first, then you choose which sites you trust to enable individually. Nearly every site you visit will be broken at first, due to the high dependency on Javascript of the modern internet just to display text/images properly, so you will have to fiddle with enabling sites to get it right. Rarely do you have to enable all the sites with Java/javascript/Flash elements, and many ads get blocked in the process. My whitelist today is a baby years in the making.
But what if you're a budding druglord kingpin trying to get your empire off the ground, and are just worried about that pesky NSA finding your whereabouts? Stick to a series of VPN's, TOR, disable all cookies forever, and worry obsessively about DNS leaks. Put all this on a burner laptop wiped with your favorite flavor of penguin, and no links or credentials to any of your personal resources.
And if your evil genius doomsday plan requires the utmost security to prevent your volcano lair from being discovered, wipe your burner laptop with Qubes and do all of the above.
Biting the hand that feeds IT
