If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Online Banking TAB - Different Security

RESOLVED WONTFIX

Status

()

Firefox
Security
--
enhancement
RESOLVED WONTFIX
10 years ago
10 years ago

People

(Reporter: MaTias Barletta, Unassigned)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

10 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.11) Gecko/20071206 Firefox/2.0.0.11 Flock/1.0.3
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.11) Gecko/20071206 Firefox/2.0.0.11 Flock/1.0.3

Taking Jeremiah Grossman idea of extreme security browsing, 

How about doing a special TAB with extreme security so when I click my online banking bookmark it opens a TAB with an extreme security setting? 
This allows one to not switch to a new safe browser (by settings) and we can promote firefox as an online banking friend.

Reproducible: Always

Steps to Reproduce:
1.
2.
3.

Comment 1

10 years ago
How would this new tab be any safer than the old one?

Are you talking about a vanilla Firefox install with no settings changed or extensions installed?
OS: Linux → All
Hardware: PC → All
Version: unspecified → Trunk
(Reporter)

Comment 2

10 years ago
This can could have a total different set of security settings. You may have a tab  with differents setting for cookies, certificates, forgery, even prevent you from remembering the password, and maybe also disabling some of the extensions.

Comment 3

10 years ago
Having a separate *set* of cookies might protect you from XSS, CSRF, etc.  I don't see how different settings would protect you, and most of those settings are per-site anyway.
(Reporter)

Comment 4

10 years ago
Ok. Thanks for your time guys!
Status: UNCONFIRMED → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → WONTFIX
Mozilla Labs's "Weave" might help -- it's Firefox, but you could create dedicated instances (separate profiles) for high-value sites. That's not really any different from what Jeremiah is doing though, and anything less wouldn't address the risks he's trying to reduce.
You need to log in before you can comment on or make changes to this bug.