One of the biggest challenges right now comes in keeping secure while we’re constantly connecting to systems of unknown trustworthiness. Even when I connect to this site, on a server that I built and administer myself, which I pay for entirely from my own pocket, there’s still that little doubt in my mind.
Most other sites provide much stronger reasons to doubt them, least of all because I have zero clue how good or bad they may be. There are companies that I trust more to maintain secure networks, and some I trust less. My experience as a pen tester has informed this a bit further, such that about a year ago I changed how I handle my browsing.
On my primary system, I run Windows 8.1. I get some sass on occasion from friends and colleagues, but it’s the most secure version of Windows to date. I can deal with some of the more irritating things like the Start Screen when the general protections are better.
But they’re not perfect. And the primary means of exploit these days is, of course, through browsers. While Internet Explorer is the target of many jokes about security, the others often aren’t. Firefox and Chrome (and Opera, though its market share is minuscule) are the subjects of serious exploits on a fairly common basis, but because their updates are so frequent (and don’t require reboots), we don’t hear so much about them. That doesn’t mean they don’t get hit. Some of the attack tools that I use will happily accept pretty much any browser and provide an exploit for it.
So here’s what I do to try to stay safe, using four different browsers. Much of what follows also works on Linux, but not as much on Macs.
My default browser is Aviator, and it’s one that most have not heard of. Available for Windows and Linux, it’s based on Chromium (the open-source variant of Google’s Chrome), and essentially operates in Privacy Mode by default: no history, cookies, or anything else are saved from session to session. If you close a tab, it’s gone. Close the browser completely, and anything that you were logged into has to be logged into again.
And that’s what makes it safe, especially if you don’t use it to log in to anything. Click on a link in e-mail, TweetDeck (my primary Twitter interface), or from IM, or whatever other non-browser sources, and it opens in this dead-end browser. There’s (almost) nothing to steal. No credentials means that XSS and CSRF, among other things, don’t work nearly as well. It also helps minimize (but doesn’t eliminate) tracking based on ads and such.
When I find a questionable site in another browser and don’t want to risk reading it there, I will often open it here. (Really scary things get opened in Konqueror or downloaded via wget in a Linux virtual machine–but that’s another story. I really wish I had opened that Netragard link in Aviator, since it wouldn’t be following me in advertising on a third of the sites I visit. I think I have that problem licked after two weeks, though.)
It does mean that if I find something interesting (and trustworthy), I have to open it in another browser if I want to bookmark it, but that’s a small price to pay for security against new and unknown sites.
Mozilla Firefox with NoScript
I also use an add-on called HTTPS Everywhere. This add-on, published by the Electronic Frontier Foundation, checks to see if HTTPS is available for the given website, and forces its use if that is the case. Say you go to Facebook over an unencrypted link. Even if Facebook allows you to use simple HTTP, the add-on detects that Facebook has an HTTPS option and will force the browser to go to it. Simple, unobtrusive, and more secure than normal browsing.
I know a few people who prefer Chromium, but I’m OK sticking with Chrome. Even then, I use HTTPS Everywhere, the same as with Firefox. The difference is that I trust Chrome with more sensitive information, that from my Google account. Accounts linked under a single login make things so much easier, but they’re also so much easier to compromise en masse.
There’s another OPSEC separation: Facebook in one browser, Google services in another. Something that compromises Facebook can’t easily compromise my Google accounts, and vice versa.
There is also, of course, Microsoft’s browser. I still use it on occasion, because there still exist a few sites that require it, particularly my employer’s. I usually use the work-provided system to log in to these sites, but a quick check of, say, my direct deposit settings might be done from my main system. I also use it for the Office 365 subscription used by the non-profit I’m involved with, TheLab.ms, simply because it works better for the few things for which I need a browser.
So those are my browsing methods. New links get opened in Aviator, slightly less questionable in Firefox, and more trusted in Chrome, with the occasional IE use. There’s some manual opening there, but with a little practice, it’s almost unnoticeable.
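The routing summarized above can be written down as a small policy function. This is an added example, not part of the original post: the host lists, the browser labels, and the placement of Facebook in the Firefox tier are assumptions made for illustration. It only decides which browser a link belongs in, and it matches hosts on whole DNS labels so a lookalike name never lands in a trusted tier.

```python
from urllib.parse import urlsplit

# Constructed policy. Tier order follows the post; the host lists are sample
# entries, and putting Facebook in the Firefox tier is an assumption.
TIERS = [
    ("chrome", {"google.com", "gmail.com"}),
    ("firefox", {"facebook.com"}),
    ("ie", {"office.com"}),
]
DEAD_END = "aviator"  # stateless browser for everything unlisted


def host_of(url):
    """Return the lower-cased host of an http(s) URL, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # e.g. malformed IPv6 literal
        return None
    if parts.scheme not in ("http", "https"):
        return None
    # .hostname drops any "user@" prefix and the port
    return (parts.hostname or "").rstrip(".") or None


def pick_browser(url):
    """Map a link to a browser label; None means do not open it at all."""
    host = host_of(url)
    if host is None:
        return None
    for browser, domains in TIERS:
        for domain in domains:
            # Match whole labels only, so "notfacebook.com" and
            # "google.com.evil.example" never inherit a trusted tier.
            if host == domain or host.endswith("." + domain):
                return browser
    return DEAD_END


if __name__ == "__main__":
    for link in [  # constructed sample links
        "https://mail.google.com/mail/",
        "http://www.facebook.com/events",
        "https://google.com@evil.example/login",
        "https://google.com.evil.example/",
        "https://example.org/some-new-article",
        "file:///C:/Users/me/report.html",
    ]:
        print(f"{pick_browser(link) or 'refuse':8} {link}")
```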