It is important to highlight user account security

[menotu]

and how to use a browser on line without endangering the user data etc etc.

+1

Don't be lazy over security settings - don't put it off 'til tomorrow

Good practice is not to download anything unless you specifically went looking for it or  you are confident of the source.

Disable any unnecessary plugins;

In Firefox 14:  in about:config - set the plugins.click_to_play to true - this will mean being pro-active to enablie access to different sites - see here for images

Wherever possible block items getting through to the system.  One useful plugin I use is the Flash Player plugin which drops itself in Configure Your Desktop/System Settings as shown below:

[aguila]

If your OS is secured it should not be possible to install any program (malware) without your explicit agreement.

A firewall should always be used and locked down as far as possible - if web browsing is the only action you are using the web for (no web hosting, no SSH) then lock it completely.

Starting a browser in a virtual machine only and using a shared folder for the downloads might help. This way you wouldn't have to switch accounts for using the browser. In Linux, can you start an application as a different user?

Use only the plugins that you need. Opt-in for those plugins is a nice option as described by menotu.

Applications that sit in the /home folder - Java programs or portable apps - must start a process when they are launched, so processes with a command starting with /home/yourname/ should be suspicious if you have not explicitly started them. I have no idea though if it's possible to hide a process from the process tree (top or others).

[Just17]

If your OS is secured it should not be possible to install any program (malware) without your explicit agreement.

Without getting into the 'how the file might get in', a script can be easily made to run from the Autostart directory or by other means, and would have full access to everything the user can access.

It does not need access to the secured OS to get to your user data.

That really is the whole point of this thread ......  how to better protect user data.

[Archie]

IMO one of the dangers that lurk are the extensions/addons/plugins for our apps. Many of these so called addons are from third-party programmers and they are either made available through websites or submitted to the app's addons repository. Open codes can be assessed by the app's developers or other outside programmers. But that's not always the case. Sometimes (I have no stats to backup my claim) these addons just "get through" without the "required" checks and inspections.

Browsers like Firefox and Opera have a lot of extensions available to enhance/extend them. LibreOffice also have addons.

I'm not saying that the danger proportions are high. What I am suggesting is we be careful and selective on the addons that we download and install.

[Neal ManBear]

Stickied this topic as it is important. I hope we can come up with some good security plans.     

[menotu]

I have no idea though if it's possible to hide a process from the process tree (top or others).

Probably not, but it could possibly (re)name itself so it appears on the surface to be a legit process.

Making sure the important data is kept safe in an encrypted folder/partition using something like zulucrypt would help no end.

[Just17]

Maybe we could start off with something like this .......  one (probably of many) means of making browsing a little more secure .....

create a new user/group called  "internet"
create launchers for browser/s so that from the user's normal account this/these browsers get launched as internet user.

set permissions/groups so that the main user can access everything in the internet user account (membership of group?)

Set a shared directory in the internet account as the location of all deliberate downloads ...  and the browsers to ask every time to where something is to be downloaded. Link that share to the main user account?

maybe correct use of the sudoers file to arrange permissions would be desirable or maybe it could be managed without it ...  I am not sure, that is for others to advise.

set a shutdown/startup/cron script to cleanse the internet account regularly

Do the setup on the basis that SOMETHING will get into the account through a browser, sometime, and arrange browsing to make it as secure as we think it can be without interfering too much with ease of use.

Put this set up in a script so that it is easy to apply ....  and have that script installable and upgradable in the normal fashion through Synaptic.

This of course is an ADDITIONAL security measure and not a replacement for anything else.

Because the browser is the most used application connecting to the internet I think it is a reasonable place to start. Other internet facing apps could get similar treatment where appropriate, afterwards.
Those setups could then be added to the "internet" account, for use by the main user in a similar fashion to the browser/s.

I believe it would be a good place to start.
It could have immediate security benefits for users who install it.

It would need to be integrated in a manner that would make it invisible to the user ....  the user would not have to deliberately choose an "internet" account browser .....  but would have to deliberately choose NOT to use it, and to use a 'local account' browser.

Sorry if the above is a bit disjointed ....  just writing as things occur to me.

I hope you get the idea behind what I am suggesting.

[ternor]

All of that is going to take time to set up.  There are things that can be done more quickly and a couple of suggestions have already been put forward.

There are three preferences in Firefox that come to mind.  One is to require the browser always to ask where to store files.  A related preference is in the applications tab where you can specify the action to be taken with regard to particular document formats.  Those settings are not perfect.  I have had experiences recently of documents opening in the browser when I have (to my knowledge) done everything I can to stop that happening.  I do not, however, remember anything actually downloading without my approval.

Thirdly for Firefox, there is the now operative setting 'plugins.click_to_play'.  It wasn't working in Firefox 13 but it seems to work now.  It isn't clear to me that that deals with any more than the nuisance of pages which play extremely loud abuse of musical instruments as soon as you load them.

There are also add-ons which (allegedly) improve security such as WOT.  I have had trouble working out exactly how to use WOT and I imagine there is someone qualified to put together a one stop user guide.  Firefox also has some security features built in but finding out what they are let alone information about them is not so simple.

I use webmail now mainly because I do not want emails stored on my machine.  It seems to me that email clients pose more danger than web browsers.

[Archie]

Hi ternor.

Your post does present merits. However, we do not want to restrict it only to Firefox. Not everyone uses it ... I don't. Hence, moot. Sorry but more prioritized than securing the Firefox browser is all browser - Konqueror, Opera, Chromium, Epiphany, Galeon, Seamonkey, Dillo, Google Chrome, etc. and none are compatible with Firefox addons.

A group account "internet" of which users can be members restricting activities to a separate folder at /home and no access to the user's /home sounds like it may work. Browser caches, tmp files, cookies, downloads, etc. can all be stored on the separate folder at /home. But what about account info and passwords ... how do we separate these from what the browser stores?

[Just17]

A group account "internet" of which users can be members restricting activities to a separate folder at /home and no access to the user's /home sounds like it may work. Browser caches, tmp files, cookies, downloads, etc. can all be stored on the separate folder at /home.

All files related to using the browsers would be stored in the 'internet' user's account, as per normal .....  if the scheme I briefly outlined would work. The browsers would be running from the 'internet' account, and not from the account of the user who launched it.

But what about account info and passwords ... how do we separate these from what the browser stores?

Do you mean log-in passwords for on line forums etc etc?

If so, not sure ..... they would not want to be exposed in the internet account ....

[Archie]

Do you mean log-in passwords for on line forums etc etc?
If so, not sure ..... they would not want to be exposed in the internet account ....

That's what I meant ... although they may not seem as important, nevertheless these are still a user's personal info. Some of us run password managers; still a good number of users use cookies to store their info so they can conveniently logon to their web-based email and forums, etc.

If cookies, history, etc. cache are cleaned after a browsing session, there will be a lot of very unhappy users.

[Just17]

Do you mean log-in passwords for on line forums etc etc?
If so, not sure ..... they would not want to be exposed in the internet account ....

That's what I meant ... although they may not seem as important, nevertheless these are still a user's personal info. Some of us run password managers; still a good number of users use cookies to store their info so they can conveniently logon to their web-based email and forums, etc.

If cookies, history, etc. cache are cleaned after a browsing session, there will be a lot of very unhappy users.

Yes I understand what you mean.
Definitely the user's password info should not be exposed in the internet account.
Some means of using a password manager to control this would I think be preferable.

If storing password info in cookies, is deemed to be insecure, then it should not be done .......  IF the intent is to provide secure browsing (IMO )

If that means the user must change their methods of working somewhat ....  from cookies to password manager ....  then that would need to be done.
After all it is a once-off setup for each site visited regularly, and after that does not intrude.

What I do not know is if the password manager info can be passed from the normal account into the internet account when required ,,,,  or how.

[Ramchu]

Sounds/Reads like you guys are moving in the direction of trying to protect the everyday user from him/herself.

I just want to say that I will administer my own security, I have found that if I don't want something to get compromised
then I simply don't put that information in my computer.

I know people that have been using computers for years and they don't know squat about security and further more they are not going to take the time to learn or implement the procedures even if they did.

It is however, good to create some kind tutorial on better security, just don't go and start forcing things on users just because of your own personal feelings/concerns.

just my 2 cents

[Archie]

Sounds/Reads like you guys are moving in the direction of trying to protect the everyday user from him/herself.

I just want to say that I will administer my own security, I have found that if I don't want something to get compromised
then I simply don't put that information in my computer.

I know people that have been using computers for years and they don't know squat about security and further more they are not going to take the time to learn or implement the procedures even if they did.

It is however, good to create some kind tutorial on better security, just don't go and start forcing things on users just because of your own personal feelings/concerns.

just my 2 cents

This may or may not bear any fruits or results but we will definitely learn something pragmatic from this discussion. I think Just18's concerns for securing not just his but other users accounts and data are noble, and the least I can do is layout what I believe would be genuine concerns of the average user, the issues they face, and probably some good advice. What the readers choose to do with those advice is theirs to consider.

I believe that the more we inform and make aware, it also strengthen our own user security.

[Ramchu]

This may or may not bear any fruits or results but we will definitely learn something pragmatic from this discussion. I think Just18's concerns for securing not just his but other users accounts and data are noble, and the least I can do is layout what I believe would be genuine concerns of the average user, the issues they face, and probably some good advice. What the readers choose to do with those advice is theirs to consider.

I believe that the more we inform and make aware, it also strengthen our own user security.

Agreed !
As I posted earlier: just don't go and start forcing things on users just because of your own personal feelings/concerns.