Slashdot Mirror


'Extreme Security' Web Browsing

Sarah S writes "The application security researcher Jeremiah Grossman described to CSO magazine how he takes extreme measures to stay safe online. The simplest tip he uses: two separate browsers: 'One, which he calls the 'promiscuous' browser, is the one he uses for ordinary browsing. A second browser is used only for security-critical tasks such as online banking. When Grossman wants to do online banking, he closes his promiscuous browser, opens the more prudish one, and does only what he has to do before closing it and going back to his insecure browser.'"

8 of 267 comments

  1. that's annoying... by Kranfer · · Score: 3, Interesting

    While I do understand what is being said about using two browsers, me personally, I would find that annoying... I only use Firefox... And opening and closing it to open say Opera or IE... that would get annoying after a while when I know there are products out there that can help protect your data while doing online banking. Speaking of which, I have been doing that since 2000 when I graduated from high school and ventured into the real world without any issues... How many of you actually use two separate browsers as described here, I am just wondering...

    --
    -- Josh
    "Whoopie! Man, that may have been a small one for Neil, but that's a long one for me!" - Pete Conrad
  2. Better secure browsing by John+Jamieson · · Score: 3, Interesting

    For more secure browsing and ebanking (at our house), we keep Knoppix CDs and DVDs beside our computers and boot with that.

  3. Re:Not sure how "secure" this scheme is... by darthflo · · Score: 4, Interesting

    That'd help.
    Unless somebody really wants your data

  4. That's not all that secure by Nimey · · Score: 3, Interesting

    If you want *secure*, you can boot the anonym.os LiveCD, which, while a bit out-of-date, has some good anonymization tools as well.

    Or, as others have suggested, a dedicated virtual machine which can revert its state at shutdown, so you know there won't be any nasties lurking even in the sandbox.

    --
    Hail Eris, full of mischief...

    E pluribus sanguinem
  5. Re:Not sure how "secure" this scheme is... by tepples · · Score: 3, Interesting

    There are easy methods to defeat a keylogger though most of them rely on the server side [such as] virtual screen keyboards (just mouseclicks are recorded)

    That's useful as an option. But please don't force it on everybody, as not everybody has a useful pointing device. Some of us use a laptop with a slow trackpad. Others are blind, use a screen reader, and have no mouse at all.
  6. Re:Not sure how "secure" this scheme is... by pyite · · Score: 5, Interesting

    This will just cause people to write down their passwords.

    And what, exactly, is wrong with this? Bruce Schneier offers the following wisdom:

    I write my passwords down. There's this rampant myth that you shouldn't write your passwords down. My advice is exactly the opposite. We already know how to secure small bits of paper. Write your passwords down on a small bit of paper, and put it with all of your other valuable small bits of paper: in your wallet.

    --

    "Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman

  7. Re:confusing web security with girl-friend securit by stewbacca · · Score: 3, Interesting

    Wow. Sounds like you put a lot of personal perspective into your post. My wife goes for more porn online than I do by a long-shot, so I don't worry about my browser history too much.

  8. Re:Not sure how "secure" this scheme is... by v1 · · Score: 3, Interesting

    One system I saw reminds me of this problem. It was a touch screen that displayed a keypad. The screen was at a terminal of sorts, and there was a box drawn around the area in front on the ground in red tape. By company rules only one person was allowed in the box at a time, so if you needed to approach the door in a group, you were required to take turns and queue up in a line outside the box.

    The screen was a fresnel lens type cover, so you had to be standing at the correct orientation to the screen to read it. People behind you any distance, or off to the side even a little, could not see the screen at all. The screen presented a numeric keypad and you had to key in your passcode.

    The trick here is, the keypad was not a standard 0-9 3x3 grid. The numbers were in a 3x3 grid, but were in random places each time you used it. So anyone watching your hands to see what you pressed wasn't getting anything useful besides the length of the passcode. (which was fixed at 10 characters) There was a setting to shuffle the keys on each keypress but that was found to get on people's nerves, so you could presumably figure out if a person had a pair of letters in the code that were the same but that's not too big of a deal.

    Only thing is a screen scraper combined with a keylogger (to log mouse clicks) would still own all of this.

    --
    I work for the Department of Redundancy Department.
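
The shuffled keypad described in comment 8 (and the on-screen keyboard mentioned in comment 5), as an added example that is not part of the original thread: it models what the terminal knows versus what someone watching only key positions learns. The ten key slots, the function names and the sample passcode are assumptions made for illustration.

```python
import secrets

_rng = secrets.SystemRandom()  # CSPRNG, so the next layout cannot be predicted

SAMPLE_CODE = "4071940713"     # constructed 10-digit passcode, not a real one


def new_layout():
    """Draw a fresh keypad: layout[slot] is the digit shown at that slot."""
    digits = list("0123456789")
    _rng.shuffle(digits)
    return digits


def slots_for(passcode, layout):
    """Slots the user touches to enter passcode on this layout.
    This is all that someone watching hands (or logging clicks) sees."""
    return [layout.index(d) for d in passcode]


def decode(slots, layout):
    """Terminal side: turn touched slots back into digits.
    Anything holding BOTH the layout and the slots can do this, which is
    why capturing the screen together with the clicks defeats the scheme."""
    return "".join(layout[s] for s in slots)


def observer_view(slots):
    """What slot positions alone reveal when the layout is fixed for the
    whole entry: the length, and which presses hit the same key again."""
    first_seen = {}
    return [first_seen.setdefault(s, len(first_seen)) for s in slots]


def slots_shuffle_each_press(passcode):
    """Variant from the comment: reshuffle after every keypress.
    Returns (layouts, slots); repeated digits no longer share a slot."""
    layouts = [new_layout() for _ in passcode]
    return layouts, [lay.index(d) for lay, d in zip(layouts, passcode)]


if __name__ == "__main__":
    layout = new_layout()
    slots = slots_for(SAMPLE_CODE, layout)
    print("layout drawn  :", "".join(layout))
    print("slots touched :", slots)
    print("observer sees :", observer_view(slots))
    print("terminal reads:", decode(slots, layout))
```

The repeat pattern returned by `observer_view` is the same for every layout, which is the leak the commenter accepts when the keys are shuffled once per entry rather than once per keypress.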