With the explosion of "social buttons" everywhere, I became really more paranoid than before about my privacy. And when I see new Facebook 'Frictionless sharing' feature, I don't regret my move. What did I do? Simple, I'm just using dedicated browser profiles for each task:
- The most sensitive: the one I use only for my mail account and nothing else. I even think to use the clever proxy hacks mentionned by Chris Evans to only authorized outbound connections to my mail provider. I didn't do it yet because it would prevent me from reading HTML mails linking to external image (OK this is not a big loss and a potential privacy issue but useful sometimes). This is a dedicated profile because if you have access to mails, you have access to every web sites (ie "I lost my password")
- Then there is my main profile (using it for Google Reader, Google+, Twitter and Facebook). My biggest fear is to be tracked because of social buttons or because I clicked a link somewhere. So I changed my habit and instead of clicking, I drag and drop interesting pages to my sandbox profile
- The sandbox profile is where I do searches, browsing web pages, etc. It is configured to never send anything, or to store information on disk. I never use this profile to log on a website and if I have to do that, I get back to the main profile.
To do this efficiently, when I boot, I spawn these browsers with specific profile directory (using --user-data-dir Chrome option) and they are never closed. My window manager is configured to display the sandbox and my main profile side-by-side on the same workspace in order to switch rapidly.
For each profile, I use these Chrome extensions:
- Keep My Opt-Outs and IBA Opt-Out, enabling Do-Not-Track header equivalent
- FlashBlock to disable Flash by default
- Disconnect to disable social buttons
- AdBlock
This setup works really well for me, I'm using it for more than 6 months now and it's cool :)
The next step is to use dedicated UIDs for each profile, I didn't do it yet because there is no "perfect solution" because of Xorg design: any X11 client can mess with other X11 client...
Nicolas, you change browser profile by Qubes isolation and you have the post of Johanna Rutkowska :) http://theinvisiblethings.blogspot.com/2011/03/partitioning-my-digital-life-into.html
RépondreSupprimerPS : as asked by Pollux, have you tried Qubes ?
Hello Christophe,
RépondreSupprimerQubes OS is really interesting but I don't have try it yet because I don't have the required hardware.
Qubes is a little bit... overkill for my use. My current worry is privacy, not security bugs. For that matter, I have relative confidence in the SECCOMP sandbox (which you have to enable manually, see about:sandbox), even if the performance impact is not negligible.
see you
That's funny.
RépondreSupprimerYou, being paranoid, continue to use Chrome. LOL.
And what about when you want to use the same things at the same time ?
RépondreSupprimerPersonally I use Firefox for connecting Gmail, social networks etc...
Things I don't want them to track ? I launch another browser (Chromium) and do them, simple. ;)
I don't understand what you mean by "Same thing at the same time"? I can still launch tabs or an Incognito Window if needed.
RépondreSupprimer