Results 1 to 8 of 8
  1. #1
    Bronze Lounger
    Join Date
    Apr 2001
    Location
    Peterborough, Ontario, Canada
    Posts
    1,450
    Thanks
    0
    Thanked 1 Time in 1 Post
    Many or most of us have more than one browser available to us at any given time. An interesting proposition that I heard on the radio is that a user might dedicate one to significant transactions, such as bank transactions, and it would have all (or most) of the conventional add-ons and doodads removed, so as to maximize security. The user then might use a different browser, with as many add-ons as he or she likes (but presumably with full security enabled) for general browsing, complete with automatic logons for familiar sites (hem hem) and that sort of thing.

    I would be interested to hear from any of the security mavens about such ideas, with practical suggestions. (This may already be ancient history, but I hadn't heard of it until now.)

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    One reason to use different browsers is that it should protect you from cross-site and history exploits launched by an attack site during the same session. In a cross-site exploit scenario, a different window or tab extracts data from the window or tab with sensitive data. A history exploit involves mining the browser cache (which explains why many bank and credit card sites recommend you close the window or even the browser after logging out). Because both types of attack are (unless there is a problem with the OS) limited to the browser in which they are running, the separate browser should be unaffected.

    "Bad" add-ons also could be a factor. In Firefox you can create a separate profile without the themes, extensions, bookmarks, etc., in your main profile. However, I think plugins might be shared between them (e.g., Flash player).

  3. #3
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,188
    Thanks
    47
    Thanked 983 Times in 913 Posts
    If your "not so secure" browser manages to introduce malware to your PC. the "secure" browser will no longer be secure. Stick to a good AV/firewall program and be careful what you visit / run.

    cheers, Paul

  4. #4
    Bronze Lounger
    Join Date
    Apr 2001
    Location
    Peterborough, Ontario, Canada
    Posts
    1,450
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by P T View Post
    Stick to a good AV/firewall program and be careful what you visit / run.

    cheers, Paul
    I believe that this condition was required for any and all browsers. What is being sought is something that exceeds this minimum.Your exhortation to 'be careful what you visit / run' is the point of the exercise: we want one browser for the riskier stuff, and a better-protected browser for the sensitive stuff.

  5. #5
    Lounger
    Join Date
    Jun 2010
    Location
    A Texas State of Mind
    Posts
    44
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I always do my online banking on my linux boxes, and many banks are now suggesting using a linux live cd in the pc to do their banking, in effect sandboxing the sessions by use of the live cd. Have seen several good articles on it lately. Since live cd's are free and easily available, either by downloading and burning the iso or picking up a linux magazine that contains a free cd inside or ordering one online, it is an easy thing to try it out.
    http://blogs.computerworld.com/15815...online_banking
    http://voices.washingtonpost.com/sec...e_bank_on.html
    http://voices.washingtonpost.com/sec..._down_non.html
    registered Linux user:476595

  6. #6
    Bronze Lounger
    Join Date
    Apr 2001
    Location
    Peterborough, Ontario, Canada
    Posts
    1,450
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by R-C View Post
    I always do my online banking on my linux boxes, and many banks are now suggesting using a linux live cd in the pc to do their banking, in effect sandboxing the sessions by use of the live cd. Have seen several good articles on it lately. Since live cd's are free and easily available, either by downloading and burning the iso or picking up a linux magazine that contains a free cd inside or ordering one online, it is an easy thing to try it out.
    http://blogs.compute..._online_banking
    http://voices.washin...re_bank_on.html
    http://voices.washin...d_down_non.html
    I didn't hear any O/S being mentioned, but given the links you offer this is almost certainly the source (or principle) that I heard of on the radio. It looks like a very nifty little trick to have available.

  7. #7
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,188
    Thanks
    47
    Thanked 983 Times in 913 Posts
    If you want to use a sandboxed app I recommend you use it for the risky stuff, then your computer will not be infected if the browser is. Either way you can make a mistake and use the wrong one in the wrong place.

    cheers, Paul

  8. #8
    New Lounger
    Join Date
    Feb 2010
    Location
    Phoenix, AZ
    Posts
    10
    Thanks
    0
    Thanked 1 Time in 1 Post
    I use a Linux Live CD for all my banking and any other site that requires personal information.

    I have been using the Live CD for well over a year now with no problems.

    I have taken it a step further and put the live cd on to a write protected usb flash drive
    and now use that to boot from. Boot and load time is significantly increased.
    I'm using the Ubuntu Live CD version 9.04
    Asus H170 Motherboard, 16gb of memory, Intel 6700K cpu, Mac OSX Sierra on Virtual Box and VMware, 4 SSD's.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •