On Fri, Jan 18, 2008 at 09:30:01PM +0200, Jussi Peltola wrote: > Most of the replies are missing the point. You do not only want to > protect the rest of your system from your browser. You also want to > avoid your browser doing anything an attacker wants when he finds an > exploit in it. > > If you try to solve the problem with virtualization, different users or > another solution like that, you would have to run multiple browsers for > different sites to avoid browser exploits causing trouble. Of course, it > is always better to run network applications as a different user than > yourself, but browser exploits are somewhat hard to contain that way > since the things attackers want may be in the browser itself (cookies > or, hopefully not, saved passwords). > > I have to restate what I wrote in another thread: looking at the > security record of the popular browsers it is scary we use them for > online banking and other security-critical functions so carelessly in > our everyday life. >
Right, and I'm only using banking as an example. I'm going to separate totally normal everyday browsing to an "entertainment" box that contains no private data but that also is monitored by the "secure" box for file alterations. As for having an attacker get my browser to do anyting he wants, this is a risk shared by everyone who uses a browser for anything at all. Net browsing on the secure box will be limited to security concious sites, such as internet banking where I wouldn't want anything I do on the site to be monitored by a browser that I had ever visited a more generic site, just to avoid cross-site issues. We can save which box, "entertainment" or "secure", to use for eBay transactions (as opposed to just eBay browsing), for another thread. As for the security record of popular browsers, this is the question. Is a browser with a long history of few security bugs more or less secure than a browser with a long history of many security bugs? Someone suggested that Dillo, with a long history of few bugs, with a simple design, may be more secure. Also note that I'm specficially looking at graphical browsers here and "banking" may not be the best exemplar since hopefully the OBSD base Lynx will work for that. Thanks, Doug.
