[clug] Dangerous Dave's talk

Kim Holburn kim.holburn at gmail.com
Wed Mar 4 03:07:59 MST 2015

On 2015/Mar/01, at 6:36 PM, Luke Mewburn wrote:

> On Sun, Mar 01, 2015 at 08:01:46AM +0100, Owen Cook wrote:
>  | To date I have done my banking etc through a different user with minimum access. I use Firefox and check cookies.
>  | 
>  | So lets try a VM, in this case SUSE-13.2. I start up Firefox, go to my bank, and check the cookies.

I'm not sure a VM makes anything more secure.  A VM client is only as secure as its host?  A live CD might be better or just a USB stick.  Tails?

>  | 
>  | The bank cookies are there, but so are those from Google and another from server.lon.liveperson.com. I delete those cookies, Google's reappears in a second or so, and the live person one comes back intermittently. There is also one there from doubleclick as well. None of these are in the non VM system.
>  | 
>  | So I have a mystery. why would Firefox in a SUSE-13.2 VM fetch more cookies than the Firefox as another user in Ubuntu.
>  | 
>  | Any suggestions welcome
> Do you run the FireFox addons: NoScript, RequestPolicy ?

I run Policeman these days instead.  It has a far simpler interface and it does the job of both NoScript and RequestPolicy.  

Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 

More information about the linux mailing list