Monday, January 26, 2009

Safest Way to Surf: The Two Browser Method

The safest way to surf the web is a two browser method. In my opinion there are two types of websites: semi-trusted and un-untrusted. Notice I failed to mention "trusted"; trusted websites don't exist. In this post I will explain how users should utilize different browsers when surfing the Internet.

The semi-trusted websites are sites such as corporate intranets, Google, and Gmail; just to name a few. These are the type of sites that have a remote chance of containing malicious attacks. With these semi-trusted sites, I am comfortable using browsers such as Safari and Internet Explorer.

Semi-trusted websites are the types that you use for work or personal use. Always remember that your credentials may be cached in your browser. This means the browser may contain username and passwords that if compromised, could result in the loss of personal or corporate information. In order to avoid this loss, I recommend that you do all other web surfing to un-trusted sites in Firefox.

Firefox is great because of all the add-ons. NoScript is a great add-on that mitigates users against some malicious attacks. NoScript is nothing new to many security professionals; it attempts to stop malicious JavaScript attacks from executing in your browser. I use Firefox and NoScript for all web browsing outside of my semi-trusted sites.

The two browser method separates all potentially cached information in each browser. If NoScript fails to prevent an attack, I don't have any important credentials in my Firefox cache. This is not perfect, but it makes it harder for driveby attacks to compromise confidential information just by browsing the Internet.

One last tip:

Do not copy information such as credit cards to your clipboard, ie. Ctrl-C.

Attackers can easily grab this information from your browsers!!

-MJC

4 comments:

  1. Combined with one-time-use credit card numbers, it makes for a much safer online surfing (and shopping) experience.

    ReplyDelete
  2. Even better, you can run two separate instances of Firefox!! Here is a cool plugin which will help you differentiate them!!

    http://blog.didierstevens.com/2007/10/09/whoami-firefox-extension/

    ReplyDelete
  3. You cannot always rely on trusted websites and although what you propose is somewhat safer than conventional browsing, what happens in the event you are surfing on wireless hotspot, a 3rd party network, or if your DNS is attacked by malicious users? Many things can affect the users browsing security - one of the best pieces of advice I would offer is that after browser use, always clear down session information & clear the cache, especially in your "trusted" browser. This way in the event you connect to a hostile network or have your DNS attacked, you are less likely to leak sensitive information to an attacker.

    ReplyDelete
  4. Another suggestion is the free browser appliances available from VMWare which don't save state. You don't have to worry about what is in your cache, accidentally saved password, browser history, etc. All things that should be limited in your normal browser settings anyway, but with the added insulating layer protecting your system. Definitely something additional to consider.

    You can download a pre-made version here: http://www.vmware.com/appliances/directory/80

    But you could easily create your own.

    ReplyDelete