3

Context: I typically have multiple tabs/instances of Firefox running at the same time; most of these are over plain unencrypted webpages. Often, however, I remember I need to purchase an item, or do some other financial transaction, which involves going to an encrypted webpage. However, for the sake of efficiency, I also often do not close all other browser tabs/windows.

Question: Does this diminish the security I get from my single encrypted tab I've got open? Is there a greater conceptual browser/internet security framework I need to understand here?

(I am running the latest version of Firefox, on Windows XP.)

Improve this question

3 Answers 3

Reset to default
3

The best way to protect yourself in such scenarios is to use a browser that supports Sandboxing.

Sandboxing is running each individual tab in a separate process and not allowing them to communicate.

There are two browsers that I have seen that implement this technique natively, IE9 and Chrome.

For FF there is a plugin to achieve this, once you have sandboxing enabled or you are running a browser that implements this, then you can truly feel "secure".

The plugin for FF is Sandboxie and it achieves what IE9 and Chrome do natively.

Otherwise, there is a possibility to do cross-tab stuff and compromise the information.

My field is not IT Security but I am pretty sure this is just common sense.

Improve this answer
2

<not a security expert>

It's safe. A website cannot see what you are doing in other tabs or windows. (Except perhaps if both have the same website open.)

Of course, there is a possibility of a security hole in the browser, but all the cross-tab ones have been fixed already.

</not a security expert>

Improve this answer
2
  • 2
    At one time FF did have javascripting vulnerabilities which would allow some cross tab spoofing. Without a full sandbox between tabs via different processes as IE8/9 and Chrome do than there can be an opening for possible issues.
    – edusysadmin
    Commented Mar 19, 2011 at 13:58
  • Thanks for the link, @grawity! Is there a specific section(s) you recommend I check out?
    – drapkin11
    Commented Mar 30, 2011 at 14:58
2

Was going to leave this as a comment under @Grawity's post, but thought it should be an answer. Unless you sandbox, then there are a number of ways a website can impact you if you have another site open as well. I would recommend always closing browsers before carrying out online transactions (ebay, online banking etc)

IE9 and Chrome seem safe currently - all things change so don't rely on this remaining true:-)

caveat - I am a security professional, and pretty pessimistic about these things, so I always recommend doing the simple things which help!

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .