LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-31-2013, 03:31 PM   #1
planarian
Member
 
Registered: Jun 2011
Posts: 33

Rep: Reputation: Disabled
best way to segregate browsing activities


Hi,

I want keep my online financial transactions completely separate from the rest of my web browsing. Obviously the absolute safest way is to simply use separate computers, but that's not particularly convenient. If I were to setup a second X11 login, how much risk would this less sheltered account pose to the other one? And what would be the preferred way to implement this? Perhaps xnest? I'm not new to Linux, but I'm also not exactly fluent, so please go easy on me

Thanks!

Last edited by planarian; 06-04-2013 at 03:04 PM.
 
Old 05-31-2013, 06:30 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
You mention separation, "the absolute safest way" and risk but talking about convenience kind of neutralizes all that... I'm not going to talk about using read-only media (see here and there) and I'm also not going to talk about virtualization (as I know of your requirements mentioned only elsewhere) but I'll ask you this:
are you trying to apply your fears, uncertainties and doubts regarding the Other Operating System to Linux?
If not then what are the top three risks you think you are protecting against?
And how would these attacks commonly occur?


Just trying to make you think.
 
1 members found this post helpful.
Old 05-31-2013, 08:36 PM   #3
planarian
Member
 
Registered: Jun 2011
Posts: 33

Original Poster
Rep: Reputation: Disabled
Quote:
are you trying to apply your fears, uncertainties and doubts regarding the Other Operating System to Linux?
There isn't really any OS I know well enough to be able to make a properly informed judgment about the risk of, say, having an account hacked. What I do know is that in the right hands, all of them can be made into a fortress, and all of them -- including Linux -- can be fatally compromised by someone who doesn't understand what they're doing. What I'm looking for are common practices, and perhaps some description that would allow me to improve my understanding of Linux's account management. For instance, one respondent in that thread you mentioned points out that x11's keylogging facility is shared, which I think is probably worth noting.

[EDIT -- I just looked more carefully at your links, and there's a lot of very useful advice there; thanks.]

Last edited by planarian; 05-31-2013 at 09:03 PM.
 
Old 06-01-2013, 04:18 AM   #4
agentsteel
Member
 
Registered: Oct 2012
Location: France
Distribution: Debian / Fedora / Ubuntu / OpenBSD
Posts: 46

Rep: Reputation: Disabled
Use a virtual machine (Virtualbox will do the job)
 
Old 06-01-2013, 06:44 AM   #5
planarian
Member
 
Registered: Jun 2011
Posts: 33

Original Poster
Rep: Reputation: Disabled
A VM would probably run too slowly; it's an old computer. Would xnest be a reasonable substitute?

Last edited by planarian; 06-01-2013 at 06:48 AM.
 
Old 06-01-2013, 09:45 AM   #6
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Another firefox but in "privacy mode"?
 
Old 06-03-2013, 12:00 AM   #7
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,844

Rep: Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572Reputation: 2572
You could try a separate heavily locked-down install (ie dual boot on the same box), used ONLY for banking.
Add such things as noscript, ghostery, https-everywhere to FF.
Disallow images and cookies and only allow manually for each specific bank site.
Type in each web address manually (do not copy/paste something may have invisible ctrl chars/nulls) and bookmark those. Only use bookmarks.
Set default/'home'/startup site to one of those.
NEVER store accts details/passwds/pins on the computer.
 
1 members found this post helpful.
  


Reply

Tags
xnest, xubuntu


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Activities LXer Syndicated Linux News 0 10-13-2011 03:40 AM
apt/dpkg: How do I segregate user application packages from system packages? boxyzzy Ubuntu 2 12-03-2010 11:04 AM
[SOLVED] How to turn Turtle-speed browsing into penguin-speed browsing?? :D IlIl7 Linux - Newbie 7 10-18-2010 05:21 AM
Is a there general method to segregate debugging symbols in Slackware packages? Shingoshi Slackware 7 03-27-2009 08:15 PM
measuring network activities raees Linux - Software 2 04-24-2005 12:30 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:47 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration