Comments on: My Firefox Security Profile

By: darkkosmos

darkkosmos — Thu, 29 May 2008 16:28:37 +0000

@martin I don’t have silver light, java will ask for confirmation, PDF is taken care of by nod32 and I don’t have quicktime (anymore)

But I got noscript back after I got attacked by rickrolls XD

By: Martin

Martin — Thu, 29 May 2008 12:18:52 +0000

Digitarius here you go

http://www.ghacks.net/2008/05/29/run-multiple-firefox-profiles-simultaneously/

By: Run Multiple Firefox Profiles Simultaneously

Run Multiple Firefox Profiles Simultaneously — Thu, 29 May 2008 12:18:37 +0000

[...] post is a direct response to a comment from the user Digitarius on the post where I detailed my Firefox Security Profile. He assumed that it is not possible to run multiple Firefox profiles at the same time and I would [...]

By: Digitarius

Digitarius — Thu, 29 May 2008 12:03:54 +0000

Not a bad setup. I always have Adblock Plus, Flashblock, CS Lite, and Noscript going, a HOSTS file that has a huge blacklist, and OpenDNS.

That cuts down the risk by a lot, but it doesn’t really comp for friendly sites being compromised, like when the Dept of Homeland Security’s site was pushing malicious javascript. The multiple profiles is a great idea, but seems a little hard to use since you have to shut down your normal browsing.

If you want to be paranoid, run a Virtual Machine in VMWare Player. Totally free, and they have “appliances” geared toward exactly this. Browse in the (Linux based, so fairly light) VM and never save its state… doubt you’ll run into problem that way.

By: Martin

Martin — Wed, 28 May 2008 18:45:16 +0000

Well how about Java then, or Microsoft Silverlight, Adobe PDF, Apple Quicktime or any other plugin installed ?

By: darkkosmos

darkkosmos — Wed, 28 May 2008 18:42:32 +0000

Well phishing doesn’t need javascript and I’ve already got flashblock. Thank you for your help

By: Martin

Martin — Wed, 28 May 2008 18:39:54 +0000

Well a Firewall does not protect against all the attacks that can be started from a website. Take phishing for instance, or vulnerabilities in Flash.

By: darkkosmos

darkkosmos — Wed, 28 May 2008 18:04:43 +0000

Please explain further

By: Martin

Martin — Wed, 28 May 2008 16:51:25 +0000

yes

By: darkkosmos

darkkosmos — Wed, 28 May 2008 15:49:31 +0000

If I have a firewall like nod32 (lastest version) together with CS light do I still need noscript?

By: Using Different Firefox Profiles For Various Purposes

Using Different Firefox Profiles For Various Purposes — Wed, 28 May 2008 12:14:05 +0000

[...] you’re new here, you may want to subscribe to my RSS feed. Thanks for visiting!Martin at ghacks wrote an interesting post on how he uses a different Firefox profile for logging in to his [...]