Skip to main content

Your Browser, In Anonymity And Safety - Browser Isolation

In the Internet, just as in the real world, there are places where you just don't go, if you want to stay alive and / or safe. Safety on the Internet starts with staying out of web sites where you don't belong, and hardening your browser when you surf web sites that you don't completely trust. Besides hardening your browser, by disabling scripts from untrusted web sites, browser isolation is a new and promising protection technique. We isolate our browsers using two alternate techniques - proxy servers and sandboxes.

A proxy server can be run locally (on your network), or remotely (on the Internet). When run remotely, and provided by a third party, it provides anonymity as well as security. Address traces, such as from a visitor log in our blogs, show visitors as the proxy server and no farther. The security provided by a proxy server is configurable - if all that you desire is anonymity, you can enable many proxy servers to pass browser content that isn't necessarily safe.

An extreme version of proxy servers is found in onion routing, where you surf (and do other things) using a cascading series of proxy servers between you and the target server.
  • You connect directly to proxy server A.
  • From proxy server A, you connect to proxy server B.
  • From proxy server B, you connect to proxy server C.
  • From proxy server C, you connect to your target.
  • As you feel the need, you may add proxy server D, E, and so on.
Do you see the layers of the onion?

A sandbox runs locally (on your computer), and provides complete security by isolating specific processes such as your browser from the rest of the operating system. Since a sandbox runs on your computer, it provides no anonymity. Visitor logs show the address of your computer (or your network).

One problem with proxy servers is that they involve a third computer (the proxy server) between your computer and the target computer (the remote server), and this makes surfing with a proxy slower than surfing without a proxy. You can surf unknown websites from a sandboxed browser, and enjoy the same speed as from a browser outside the sandbox, in safety (though not anonymity).

Virtual machines, which provide a complete copy of the operating system running as an application on your computer, are the most versatile sandbox. A lightweight virtual machine can be had as SandboxIE, which was originally developed to sandbox Internet Explorer, which is known for being unsafe. With a minimum amount of work, you can run other browsers, and other applications in general, from SandboxIE. With browser content that isn't necessarily safe, staying within the sandbox, your computer is safe.

If you want both anonymity and safety, you run a browser from within a sandbox, and surf through a proxy server from the sandboxed browser. This will be no slower than surfing directly within a proxy server, and no less safe than surfing directly using a browser inside the sandbox.

>> Top


Popular posts from this blog

Adding A Link To Your Blog Post

Occasionally, you see a very odd, cryptic complaint I just added a link in my blog, but the link vanished! No, it wasn't your imagination.

What's The URL Of My Blog?

We see the plea for help, periodically I need the URL of my blog, so I can give it to my friends. Help! Who's buried in Grant's Tomb, after all? No Chuck, be polite. OK, OK. The title of this blog is "The Real Blogger Status", and the title of this post is "What's The URL Of My Blog?".

Embedded Comments And Main Page View

The option to display comments, embedded below the post, was made a blog option relatively recently. This was a long requested feature - and many bloggers added it to their blogs, as soon as the option was presented to us. Some blog owners like this feature so much, that they request it to be visible when the blog is opened, in main page view. I would like all comments, and the comment form, to be shown underneath the relevant post, automatically, for everyone to read without clicking on the number of comments link. And this is not how embedded comments work.