
Re: firefox > Preferences > When Firefox starts.



On 24 Apr 2019, David Wright chatted thus:

Hello,

On Tue 23 Apr 2019 at 18:15:03 (+0000), der.hans wrote:
On 23 Apr 2019, David Wright chatted thus:
On Tue 23 Apr 2019 at 15:53:50 (-0000), Curt wrote:
On 2019-04-23, der.hans <deb-user@LuftHans.com> wrote:

I use different Firefox profiles for banking to improve isolation, so at
least they won't be attacked by a retailer's tab.

I'm experimenting with Firefox containers for the isolation.

https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers

I can see some usefulness in having separate bookmarks and histories,
particularly the latter as it's not easy to classify in the same way
as bookmarks with its submenus. But I see only convenience, not
security.

What experiments have you devised? How do you define "isolation",

Thus far my experiments have only been for usability. When I first tried
Firefox containers some time ago I could only open one tab in each
container.

I'm just checking that they work and that I can use the same site multiple
times with different credentials from the same browser instance.

and what are the criteria by which you judge whether their scheme
is succeeding or not?

At some point I will need to dive into documentation to see if the design
is to isolate the containers sufficiently for me. Even if it is, I'm
still concerned about a bug allowing container escape or information
bleeding. Should containers not be sufficient for me, they still look
like a significant improvement for those less tech-minded.

My view is that it's easy to test whether unix permissions are working
as the walls are on the local host. But to test whether there's

Exactly! We have long-standing, testable capabilities :).

leakage between containers, you have to either be at the other end of
the connection or be monitoring all the traffic going out from the
local host.

It really needs inspection inside the browser and auditing via multi-site
testing.

But, $spouse isn't going to set up a bunch of different browser profiles.
If containers would be viable for that use case, then they could be an
improvement if the promise turns out to be at least mostly true.

They would also be an improvement for my generic browser use cases.

I currently run different browser instances for different tasks I want to
isolate.

I'm not sure how to stop different browser commands jumping into an
existing browser instance. I presume there are ways, but I find it
simpler to just use different users.

Do you mean when an application launches a browser?

I haven't found a way to specify the default browser for external apps.
That would be useful.

For instance,
[ snipped ]
As to experiments, I need to see if I can get tools like lightbeam to help
me audit isolation. I'll also passively test by checking for bleedover
from different sessions.

I want to see if I can enable and disable add-ons per container. I presume
not, but that would be a useful feature.

Interesting stuff: perhaps the making of a wiki.

I'm way behind on creating documentation.

I'll add that to my list of things for an upcoming trip.

ciao,

der.hans
--
#  https://www.LuftHans.com   https://www.PhxLinux.org
#  "Luckily, this is a comic book, for which no idea is too complex."
#    -- Larry Gonick from The Cartoon History of the United States
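
An added example, not part of the message above: one passive check for the "bleedover" the thread discusses, run against a copy of a profile's cookie store. It assumes cookies live in a `moz_cookies` table whose `originAttributes` column carries the container as `userContextId`; the hosts, values and the pinned-container mapping are constructed, and it covers cookies at rest only, not traffic leaving the host.

```python
import sqlite3
from collections import defaultdict
from urllib.parse import parse_qs

def container_id(origin_attributes):
    """userContextId from an originAttributes string; 0 means no container."""
    attrs = parse_qs(origin_attributes.lstrip("^"))
    return int(attrs.get("userContextId", ["0"])[0])

def misplaced(conn, pinned):
    """Cookies for a pinned host suffix stored outside its expected container."""
    rows = conn.execute("SELECT host, name, originAttributes FROM moz_cookies")
    found = []
    for host, name, attrs in rows:
        bare, cid = host.lstrip("."), container_id(attrs)
        for suffix, expected in pinned.items():
            if (bare == suffix or bare.endswith("." + suffix)) and cid != expected:
                found.append((bare, name, cid))
    return sorted(found)

def shared_values(conn):
    """(host, name) pairs whose cookie value is identical in two or more containers.
    Short flag-like values can match by coincidence, so review each hit."""
    seen = defaultdict(set)
    rows = conn.execute("SELECT host, name, value, originAttributes FROM moz_cookies")
    for host, name, value, attrs in rows:
        seen[(host.lstrip("."), name, value)].add(container_id(attrs))
    return sorted((h, n, sorted(c)) for (h, n, _), c in seen.items() if len(c) > 1)

def sample_db():
    """Constructed stand-in for a copy of a profile's cookies.sqlite."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE moz_cookies "
                 "(host TEXT, name TEXT, value TEXT, originAttributes TEXT)")
    conn.executemany("INSERT INTO moz_cookies VALUES (?, ?, ?, ?)", [
        ("bank.example", "sid", "b-111", "^userContextId=2"),
        (".shop.example", "sid", "s-222", "^userContextId=3"),
        ("shop.example", "sid", "s-333", ""),                        # no container
        ("login.bank.example", "sid", "b-444", "^userContextId=3"),  # wrong container
        ("tracker.example", "uid", "t-555", "^userContextId=2"),
        ("tracker.example", "uid", "t-555", "^userContextId=3"),     # same value twice
    ])
    return conn

if __name__ == "__main__":
    db = sample_db()
    print(misplaced(db, {"bank.example": 2}))  # pinned mapping is hypothetical
    print(shared_values(db))
```

Run it on a copy of the file taken while the browser is closed, since the live database is locked by the running instance.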
