Comments: Revising Top Tip #2 - Use another browser!

Someone I know (not me, really!) uses Opera as his "PDB" - porn-dedicated browser. All other, less-risky browsing happens via Chrome

Posted by Tim at March 30, 2011 08:17 AM

I've been using firefox with "-P personality -no-remote" ... aka having different firefox personalities opened simultaneously ... the "-P" allows for totally different browser personalities (different folder/directory, histories, caches, options, features, etc) ... the "-no-remote" gets firefox to open multiple different personalities concurrently.

Posted by Lynn Wheeler at March 30, 2011 08:29 AM

In general, you want to use different engines (webkit vs. firefox vs. ie) for your browser, stored in two different profiles.

Or even better, use a livecd for your privacy-desiring, risky browsing, and use something else for your personally identified browsing.

Even better, use different virtual machines. Today's hardware is easily capable of running 2-3 virtual machines. I run one VM for personal stuff, encrypted to death, secure, etc. One VM for potentially risky things. One VM for playing around and experimenting.

Yes, the risk is that if the VM's can be broken through to the host OS, I lose everything. However, I'll take that risk at this point. It also makes upgrades easier, I can just copy the VM files somewhere, upgrade the host, and put them back.

Or when crossing borders, I can just download the VM file and have a fully functional environment overnight.

Posted by Wilfredo Lewis at March 30, 2011 11:29 AM

Ian,

It is a sensible thing to do bassed on the way most browsers are written (ie with little or no security).

A point I've been making for sometime is that browsers should support multiple "roles" concurrently and securely.

If people are unfamiliar with the notion of "roles" in this respect, think of it multiple identities, thus you have the identity that is "bank customer" the identity that is "gmail user" the identity that is "hobby 1" etc etc.

None of these roles define an individual uniquely and importantly they should be entirely seperate from each other.

As many people have found trying to be multiple roles in a standard web browser at the same time is a big security risk because the browser does not maintain sufficient segregation of the roles, thus information leaks from one role to another without the user being able to effectivly control it.

Using two browsers mearly enforces this segregation not at the poorly implemented apps level but at the stronger OS level. As has been noted you could go further with Virtual Machines etc.

Personaly I think it's high time the browser designers and writers sorted their act out on "roles" and how they should be implemented effectivly and securely.

(just my 5cents worth ;)

Posted by Clive Robinson at March 30, 2011 01:44 PM

Hi Ian,

Completely agree, I have been doing so for quite a while, also to separate out some pseudonyms and alter ego's. It's quite sensible to do.

Posted by Anon at March 30, 2011 06:31 PM

I've been doing the same thing for a couple of years, now, using Safari for sites which require that cookies be turned on, and Firefox for everything else. But, then, I'm also using a Mac, which helps, too.

Posted by Blanc at March 30, 2011 06:43 PM

I did the two browser thing in the distant past for security, and maybe once or twice in the effort to get a "free trial period" more than once, shareware apps... But I don't bother anymore, and here's why: I don't have credit and never had credit and don't plan to, in the future because I hate banks with a visceral passion. I have hated banks all my life; we were taught as children... so I saved my paychecks and bought my house with cash. That kind of thing. I haven't had more than $1000 in many years. I live a hand-to-mouth existence. So, I don't have much at stake in the bank, and I don't care if somebody steals money from the bank in my name anyway. (so-called "īdentity theft", a PR term to fool the public as if the thief were stealing from the accountholder.)

Regarding privacy, it's really just another word for deceit and secrecy, and self-hate for ones sexual practices and other natural aspects of one's characters. I admit that I still have some twinges of embarrassment or fear when talking about some of these things but assure you, they're much less than when I was younger. I honestly wouldn't care if they published the list of my favorite porn sites on the front page of the newspaper along with videos from my web cam of what I'm doing at the time, so, why would I care about a secure browser? I guess, to protect myself from lunatic christians or white supremacist terrorists etc. of the sort who shot Larry Flynt,

If we'd all stop living in fear and confront the aggressors, the world would be a safer place,

Todd

Posted by Todd at March 30, 2011 07:39 PM

Salutations Ian,

I found the post interesting, and look forward to manipulating my family into following your suggestions as well.

I have 2 questions for you:
1. Is there a 'better' browser?
2. I like my bookmarks, would it be safe to keep them on a specific browser segregated for the task?

Pandora

Posted by Pandora at April 7, 2011 07:22 PM
Post a comment









Remember personal info?






Hit Preview to see your comment.
MT::App::Comments=HASH(0x55af809a3c60) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.