Firefox Electrolysis (multi-process) won’t come out this year

Discussion in 'other software & services' started by ArchiveX, Nov 28, 2015.

  1. Imagine ;) this it is already available (recently installed on a relative's Desktop) on Windows 10 Home version

    1. Disable IE11 and WMP in Windows 10 configuration options, disable remote services
    2. Use Chrome for browsing with Adguard extension (blocking ads+trackers)
    3. Add MBAE-free as exploit protection for Chrome
    4. Only use Edge for Microsoft Office Online (limit Edge in FireWall for HTTPS only)
      so use edge as PDF-reader and portal for Online Office (Excel, Word, Powerpoint)
    5. Use AppContainer Apps for all other internet facing taks, e.g.
      use Mail/Calendar as Outlook replacement,
      use Photo's, Groove music, Films & TV, DVD player as WMP replacement
    6. Added a deny execute file ACL in default browser download folder, internet cache, mail
      and user documents, pictures, movies, music folders
    7. Keep Windows Defender and Smartscreen on defaults, set UAC to only elevate signed software
    8. Add Open DNS in wireless adaptor settings
    9. Pin Temp and download folders in quick access
    10. Add some common tweaks with Ultimate Windows Tweaker
    No third party security software needed, full functionality, fully automatic updates, low false positives risk, zero pop-ups and super safe :D
     
    Last edited by a moderator: Dec 5, 2015
  2. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    511
    Location:
    Earth .... occasionally
    Many thanks Windows_Security , that is a very helpful and precise guide to hardening your relative's machine .
    It can't be faulted.
    I'd really appreciate more detail on step 6 though , and I'm guessing that may apply to others who are reading this .

    I'm in a very similar situation with friends and relatives who have either chosen ( ?? ) W10 , or had it stuffed down their throats ,
    and for whatever reason they've decided to stick with it , but are asking for advice because they have started hearing the horror stories.

    Oops ! .... just noticed that I'm posting in a Firefox thread .... oh well
     
  3. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    Last I've heard it will come this year ... 2016 o_O
     
  4. Mark my words
     
  5. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Chrome was designed from scratch to run different tabs as different processes.Firefox was not designed to do so..Expecting firefox to work as effectively as chrome is a big ask of mozilla...if mozilla are to make this work effectively then they need to go back to the drawing board and design a completely different browser.
     
  6. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    I highly doubt that this sandbox thing does change something on security that much as most people think. FF already cleans 99% of all stuff after you close it with the correct settings, the other 1% fingerprinting isn't fixable with a sandbox because that is mostly social engineering and this is never fixable except to give people information.
     
  7. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Although isolated/sandboxed tabs seems like a good security feature is it actually a problem that this hasn't been implemented in Firefox yet?
     
  8. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    sure, ofc - but you wont see it because it only concerns plugins. only with e10s there exists like chrome a mother process and its DEP childs.

    sandboxing is a matter of windows, not browser.
     
  9. Windows provided an OS sandbox on windows 8 and higher called AppContainer. Before implementing a sandbox one needs to implement OOP, with FF called electrolysis. So I am really in the dark with your remark
    since Windows has implemented an OS-sandbox and FF has not yet implemented OOP yet
     
  10. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    I think with sandbox most people understand that it clears everything after shutdown program X and this is not implemented within Windows because this would require a huge effort, but there are new kind of protection mechanism added like cf-guard and such which is a step in the correct direction, but remember that such instructions sets need to be implemented (compiled and tested) within the 3th-party software aka the Browser aka Firefox in this case.

    But again I personally think that it not protect against known attacks like social engineering, fingerprinting in general or sturdiness by users itself.

    I think Brummelchen wanted to say that the OS level should 'clean' or reduce low level attacks and I think this is the correct way, let such things fix by OS not 3th party programs. :)
     
  11. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
  12. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    lol, in 2016 this still can be bypassed via dll injection/hooking even with higher integrity level's. But from what I understand it needs additional privilege escalation directly in the LUA account.

    But the question is if that matters if Mozilla and Google want to kill flash and maybe all other plugins too.
     
  13. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    that article is outdated and no longer relevant. all vendors have made their homework.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.