Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Questions about the new video posted by Joe about users and group...
#1
Hello, (im french, so i might sound weird) im a very non-technical user. Because im so noob, im trying to find easy ways to secure myself from the internet when im browsing the web. The "create a new user" part of the video really caught my attention. Obviously, i do not know jack about what it actually mean or what exactly its really doing when we're creating a new user in the OS.
- Is browsing the web with-in a new user can be useful against javascript attack?(Meaning, deleting the new user after usage) Is deleting a user will delete all the created browsing footprint data files and all the info saved from that user web browsers in the OS? In simple words, is creating a new user, like a sort of a little vm? Thanks!
Reply
#2
Are you referring to a new user at the OS level or a new user in the web browser?

OS Level:

You could create another user on the system and switch to that user when using a web browser.  That would protect your main files as the browser would have no access to your main user data.  However switching users at the OS level is some what annoying.  I personally wouldn't go that far unless you had super sensitive information on your computer like state secrets.

Browser Level:

Most modern browsers allow one to create multiple user accounts.  This does offer some protection of separation.  However if there is a browser leak data in your computer account could be at risk.  This would come down to the protections at the OS level which Linux is better at than Windows.  Still it could happen.

Security and convenience are often at odds.  So one has to choose.  A semi middle ground is disable javascript in your primary browser.  If you need to use a website that requires javascript (which is a huge amount actually) then go to a more locked down browser.  You may also always use a browser in private mode.

You have to decide your level of acceptable risk vs ease of use.
Jeremy (Mr. Server)

* Desktop: Ubuntu MATE
* Windows are for your walls, Apple is for your health, Linux is for your computer
Reply
#3
(09-25-2019, 07:44 PM)cleverwise Wrote: You could create another user on the system and switch to that user when using a web browser.  That would protect your main files as the browser would have no access to your main user data.  However switching users at the OS level is some what annoying.  I personally wouldn't go that far unless you had super sensitive information on your computer like state secrets.

Security and convenience are often at odds.  So one has to choose.  A semi middle ground is disable javascript in your primary browser.  If you need to use a website that requires javascript (which is a huge amount actually) then go to a more locked down browser.  You may also always use a browser in private mode.
Hello thanks for the answer. Im using js blocker that let me choose which script i want to allow, which i need, because like you mentioned a lot of website needs some js to work, a real shame. So, creating a new user at OS level and browsing the web with that user can be useful, thats really good to know. 
- Is deleting the user will delete literally every files and info in the OS that got created and saved while browsing the web with that user? Thanks!
Reply
#4
Yes it would but in general continuing to create and destroy users at the OS level is not recommended.

If you use private mode the browser will delete all files, cookies, and history created in that session.  Of course history will still remain at the websites themselves, but not on your computer.  This is a better option.

If you want to be really secure then create an OS user just for browsing and only use browsers in private mode.  This way the browser will delete all data generated in that session and if anything gets through there won't be user data in that OS user account.
Jeremy (Mr. Server)

* Desktop: Ubuntu MATE
* Windows are for your walls, Apple is for your health, Linux is for your computer
Reply
#5
(09-25-2019, 08:01 PM)cleverwise Wrote: Yes it would but in general continuing to create and destroy users at the OS level is not recommended.

- Thats really unfortunate Sad

If you use private mode the browser will delete all files, cookies, and history created in that session. 

- Thats my issue here, im so noob that i just cant trust them with their "private mode"

If you want to be really secure then create an OS user just for browsing and only use browsers in private mode.  This way the browser will delete all data generated in that session and if anything gets through there won't be user data in that OS user account.

- I think i'll use antiX persistence and wipe everything when needed, im too noob to take some chances. Thanks again for your cleverwise support, its very appreciated.
Reply
#6
(09-25-2019, 07:44 PM)cleverwise Wrote: However switching users at the OS level is some what annoying.

Technically, you could use 'su' to acces a shell as the browser-user while running a desktop session with your main user account. The you can either execute 'DISPLAY=:0 firefox' or 'WAYLAND_DISPLAY=wayland-0 firefox' (depending to whether you use X or Wayland) to execute a browser, in this case firefox, as the browser-user. The browser will have no access to your main user accounts files, but it will integrate natively into your desktop.
Reply
#7
(09-26-2019, 12:08 AM)leon.p Wrote:
(09-25-2019, 07:44 PM)cleverwise Wrote: However switching users at the OS level is some what annoying.

Technically, you could use 'su' to acces a shell as the browser-user while running a desktop session with your main user account. The you can either execute 'DISPLAY=:0 firefox' or 'WAYLAND_DISPLAY=wayland-0 firefox' (depending to whether you use X or Wayland) to execute a browser, in this case firefox, as the browser-user. The browser will have no access to your main user accounts files, but it will integrate natively into your desktop.

While technically true I would not recommend newbies start messing with the terminal until they have some experience.  So since the original poster to Linux mentioned being new I didn't want to raise that point.  However yup I agree.  The command line (shell/terminal) is a powerful interface for sure.  I use it daily.
Jeremy (Mr. Server)

* Desktop: Ubuntu MATE
* Windows are for your walls, Apple is for your health, Linux is for your computer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)