March 30, 2011

Revising Top Tip #2 - Use another browser!

It's been a long time since I wrote up my Security Top Tips, and things have changed a bit since then. Here's an update. (You can see the top tips about half way down on the right menu block of the front page.)

Since then, browsing threats have got a fair bit worse. Although browsers have done some work to improve things, their overall efforts have not really resulted in any impact on the threats. Worse, we are now seeing MITBs being experimented with, and many more attackers get in on the act.

To cope with this heightened risk to our personal node, I experimented a lot with using private browsing, cache clearing, separate accounts and so forth, and finally hit on a fairly easy method: Use another browser.

That is, use something other than the browser that one uses for browsing. I use Firefox for general stuff, and for a long time I've been worried that it doesn't really do enough in the battle for my user security. Safari is also loaded on my machine (thanks to Top Tip #1). I don't really like using it, as its interface is a little bit weaker than Firefox (especially the SSL visibility) ... but in this role it does very well.

So for some time now, for all my online banking and similar usage, I have been using Safari. These are my actions:

  • I start Safari up
  • click on Safari / Private Browsing
  • use google or memory to find the bank
  • inspect the URL and head in.
  • After my banking session I shut down Safari.

I don't use bookmarks, because that's an easy place for an trojan to look (I'm not entirely sure of that technique but it seems like an obvious hint).

"Use another browser" creates an ideal barrier between a browsing browser and a security browser, and Safari works pretty well in that role. It's like an air gap, or an app gap, if you like. If you are on Microsoft, you could do the same thing using IE and Firefox, or you could download Chrome.

I've also tested it on my family ... and it is by far the easiest thing to tell them. They get it! Assume your browsing habits are risky, and don't infect your banking. This works well because my family share their computers with kids, and the kids have all been instructed not to use Safari. They get it too! They don't follow the logic, but they do follow the tool name.

What says the popular vote? Try it and let me know. I'd be interested to hear of any cross-browser threats, as well :)

A couple of footnotes: Firsly, belated apologies to anyone who's been tricked by the old Top Tip for taking so long to write this one up. Secondly, I've dropped the Petnames / Trustbar Top Tip because it isn't really suitable for the mass users (e.g., my mother) and these fine security tools never really attracted the attention of the browser-powers-that-be, so they died away as hobby efforts tend to do. Maybe the replacement would be "Turn on Private Browsing?"

Posted by iang at March 30, 2011 01:54 AM | TrackBack

Someone I know (not me, really!) uses Opera as his "PDB" - porn-dedicated browser. All other, less-risky browsing happens via Chrome

Posted by: Tim at March 30, 2011 08:17 AM

I've been using firefox with "-P personality -no-remote" ... aka having different firefox personalities opened simultaneously ... the "-P" allows for totally different browser personalities (different folder/directory, histories, caches, options, features, etc) ... the "-no-remote" gets firefox to open multiple different personalities concurrently.

Posted by: Lynn Wheeler at March 30, 2011 08:29 AM

In general, you want to use different engines (webkit vs. firefox vs. ie) for your browser, stored in two different profiles.

Or even better, use a livecd for your privacy-desiring, risky browsing, and use something else for your personally identified browsing.

Even better, use different virtual machines. Today's hardware is easily capable of running 2-3 virtual machines. I run one VM for personal stuff, encrypted to death, secure, etc. One VM for potentially risky things. One VM for playing around and experimenting.

Yes, the risk is that if the VM's can be broken through to the host OS, I lose everything. However, I'll take that risk at this point. It also makes upgrades easier, I can just copy the VM files somewhere, upgrade the host, and put them back.

Or when crossing borders, I can just download the VM file and have a fully functional environment overnight.

Posted by: Wilfredo Lewis at March 30, 2011 11:29 AM


It is a sensible thing to do bassed on the way most browsers are written (ie with little or no security).

A point I've been making for sometime is that browsers should support multiple "roles" concurrently and securely.

If people are unfamiliar with the notion of "roles" in this respect, think of it multiple identities, thus you have the identity that is "bank customer" the identity that is "gmail user" the identity that is "hobby 1" etc etc.

None of these roles define an individual uniquely and importantly they should be entirely seperate from each other.

As many people have found trying to be multiple roles in a standard web browser at the same time is a big security risk because the browser does not maintain sufficient segregation of the roles, thus information leaks from one role to another without the user being able to effectivly control it.

Using two browsers mearly enforces this segregation not at the poorly implemented apps level but at the stronger OS level. As has been noted you could go further with Virtual Machines etc.

Personaly I think it's high time the browser designers and writers sorted their act out on "roles" and how they should be implemented effectivly and securely.

(just my 5cents worth ;)

Posted by: Clive Robinson at March 30, 2011 01:44 PM

Hi Ian,

Completely agree, I have been doing so for quite a while, also to separate out some pseudonyms and alter ego's. It's quite sensible to do.

Posted by: Anon at March 30, 2011 06:31 PM

I've been doing the same thing for a couple of years, now, using Safari for sites which require that cookies be turned on, and Firefox for everything else. But, then, I'm also using a Mac, which helps, too.

Posted by: Blanc at March 30, 2011 06:43 PM

I did the two browser thing in the distant past for security, and maybe once or twice in the effort to get a "free trial period" more than once, shareware apps... But I don't bother anymore, and here's why: I don't have credit and never had credit and don't plan to, in the future because I hate banks with a visceral passion. I have hated banks all my life; we were taught as children... so I saved my paychecks and bought my house with cash. That kind of thing. I haven't had more than $1000 in many years. I live a hand-to-mouth existence. So, I don't have much at stake in the bank, and I don't care if somebody steals money from the bank in my name anyway. (so-called "´dentity theft", a PR term to fool the public as if the thief were stealing from the accountholder.)

Regarding privacy, it's really just another word for deceit and secrecy, and self-hate for ones sexual practices and other natural aspects of one's characters. I admit that I still have some twinges of embarrassment or fear when talking about some of these things but assure you, they're much less than when I was younger. I honestly wouldn't care if they published the list of my favorite porn sites on the front page of the newspaper along with videos from my web cam of what I'm doing at the time, so, why would I care about a secure browser? I guess, to protect myself from lunatic christians or white supremacist terrorists etc. of the sort who shot Larry Flynt,

If we'd all stop living in fear and confront the aggressors, the world would be a safer place,


Posted by: Todd at March 30, 2011 07:39 PM

Salutations Ian,

I found the post interesting, and look forward to manipulating my family into following your suggestions as well.

I have 2 questions for you:
1. Is there a 'better' browser?
2. I like my bookmarks, would it be safe to keep them on a specific browser segregated for the task?


Posted by: Pandora at April 7, 2011 07:22 PM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.