Firefox to Firefox data leakage?
 

I am quite careful about minimizing the ability of web sites to track my activity. Sort of a me vs. them game:) I clean up everything except bookmarks and stored credentials every time I close Firefox and I close Firefox OFTEN. I always start Firefox fresh before logging into any site such as this one. And I have a few select privacy addons installed. To further compartmentalize things I have a separate Firefox profile which I use ONLY to access financial institutions.

The question of the moment... If I have two Firefox instances pointed to two different profiles is there any data leakage between the instances? Cookies etc. will be stored in the profile which is used by each instance but I am wondering if there would be any communication between the instances in memory? I can allow only a single instance by using the -no-remote option. I am guessing there is some REASON for that option being available.

Or... is there a way to run two instances isolated from each other? In Windows XP or was it NT(?) I vaguely recall there was a way to run a program in separate memory space.

TIA

Ken

What precisely do you mean by "different profiles"? Do you mean different usernames or something else?

When started for the first time on a given computer by a given user a collection of directories and files is created to store cookies, bookmarks and whatever else Firefox does. That is what I am referring to as a profile. A profiles.ini file is created in ~/.mozilla/firefox to point to these directories & files. For exampleI have created a profile.ini like thisIn this case the "default" profile is my general purpose Firefox which I start by the command firefox -P default Of more concern is my "vanguard" profile which I use only for a couple of financial/banking web sites. It is called up from a different launcher by firefox -P vanguard.

If I run both browsers at the same time I see two Firefox processes running. The concern is... can any data "leak" between the two processes?

Ken

I don't have an answer to your question, but I do have another question. What is the purpose of separating profiles this way for what your are using it for? I can see if your are testing software, but just for basic web browsing, paying bills? Couldn't you just create a separate bookmark folder with your bank bookmarks? Are you using certain add-on's on one of the profile that you dont want the other profile to use/see? Just curious as to why, other than simply compartmentalizing.

This is probably a question for firefox developers - but you should assume that it is the case.

Regardless of this, though both instances would be accessing separate resources, If you're browsing from two instances of the same browser, from the same local machine/IP address you should also assume that any tracking is sophisticated enough to determine that. And the same goes for using two different browsers. So for example targeted ads for one user could be displayed for another.

But rather than using the user profiles, you would probably be better of looking into running your other firefox in a chroot jail. Binary firefox (downloaded from mozilla) may be ideal for this purpose. Though I'm not entirely sure what you're trying to achieve / why you're trying to achieve it.

If you're that worried, why not boot your computer from a LiveCD, do not even mount your harddisk(s), optionally load everything into memory so you don't even need to leave the CD inserted after boot, and then access your Firefox profile off of a thumbdrive - one thumbdrive per profile - and never insert more than one thumbdrive at a time.

Thanks folks for the replies

To erik2282 - In actual fact my vanguard profile is for now only used to access vanguard.com. I am running it "naked" - no privacy addons - as something, I think NoScript, causes issues on that site. I do not run it concurrently with another browser instance - at least not when I login to access my accounts. I do tell the vanguard Firefox to delete EVERYTHING when it closes.

To cynwulf - Good points. I think I am immune to ads. I automatically tune them out - that is the few which come through Adblock Plus - generally as search results. When I first started on the Internet - early 90's - I as in an IT position and was the go-to person for advice. Many of my co-workers were asking me what to do about popup ads. Popup blockers were big business for Internet Explorer in those days. I could not figure out what they were talking about. I finally had to ask someone to show me a popup ad. Embarrassing! Netscape blocked popups by default! Therefore I had never experienced a popup ad :D

As to cross tracking based on IP address... I do like that about Opera - the developer version has a built in VPN. Two browsers on the same machine can be in two locations (I think, not sure I have tried that). On my new workstation I will have a CentOS 7 VMWare guest occupying one monitor on the CentOS 7 host which will occupy the other. (CentOS 7 does not support the separate X screens configuration I use in CentOS 6 - don't ask). I can run a vpn on the host and/or guest and be in two places at the same time. I have tested that.

To haertig - As I described above my Virtual Machines give me a decent degree of isolation. And of course the is TOR or tails.

Actually I guess I should be spending some of my effort learning how to game the targeted advertisers. Setup a dummy VM with a wide open browser and do a bunch of searches for something I am planning to buy and see what pops up. Perhaps I will give that a try.

Thanks again for your input.

Ken