Slashdot Mirror
'Extreme Security' Web Browsing
Sarah S writes "The application security researcher Jeremiah Grossman described to CSO magazine how he takes extreme measure to stay safe online. The simplest tip he uses: two separate browsers: 'One, which he calls the 'promiscuous' browser, is the one he uses for ordinary browsing. A second browser is used only for security-critical tasks such as online banking. When Grossman wants to do online banking, he closes his promiscous browser, opens the more prudish one, and does only what he has to do before closing it and going back to his insecure browser.'"
Hell, mine's a slut.
But then, so am I.
What?
Knoppix...what version of Windows is this knoppix thing? I don't understand...
I browse the web via correspondence.
That's right. I snail mail the institutions for the answers I seek and they write me back after looking it up on the web.
Even this post was done via correspondence. I mailed this letter to CmdrTaco a couple of days back and let him know to post my thoughts on the matter when the article hit the front page.
Dedicated Cthulhu Cultist since 4523 BC.
Only use a separate computer for banking, shouldn't be connected to any network. Preferably all I/O ports should be fit with epoxy, especially the keyboard.. A large faraday cage over the monitor to prevent Van Eck as well.
But I might be paranoid.
The fool is using the same computer to go to both important and random web sites! And he's probably using Windows, too!
If you care at all about security, you create a separate virtual machine for every web site you visit, and you only go to your banking site with an up-to-the-second-patched copy of lynx running on an obscure OS and platform, like OpenVMS running on DEC Alpha hardware, for example.
If you *really* care about security, you use telnet on an OS you wrote yourself. And you carefully scrutinize every line of the telnet code and TCP stack for security flaws.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
I do the same thing when I have to go somewhere. I have two cars, one that's reliable, and one rusty piece of crap that's ready to fall apart any minute. When I need to go somewhere important, I take my reliable car so I know I won't die before I get there. When I just need to take a quick trip to the grocery store, I take my junk car and just cross my fingers.
I use a similar scheme, I use XP in VMware for shady downloads/torrents and pornsites while my Vista install stays clean.
A bit of qualification in case that isn't clear:
You expect your main machine to be compromised, otherwise why not do the banking on that one?
You expect your secondary machine not to be compromised. Why is that? Has it got the dont-hack-me-bro bit set?
Yes but then again Bruce Schneier's password has so much entropy, that gzipping it results in a stream sixty four times as long. And yet he can type it with a single roundhouse kick to the keyboard.
Switch back to Slashdot's D1 system.
> Asking for only certain characters from a password (e.g. characters 1,4,8 & 9)
That's amazing. I've got the same combination on my luggage!
*grin*
Bark less. Wag more.