Sandboxing Facebook: Could it work?

Discussion in 'privacy technology' started by guest 125884, Apr 16, 2012.

  1. guest 125884

    guest 125884 Guest

    I have been struggling to find a balance between engaging in social networking and taking advantage of its most useful features and protecting my privacy online. The problem is I have not been able to find a system that allows me to both protect my privacy and use social networks without considerable trouble. I want to be clear that when I speak about "protecting my privacy" I mean from Facebook and other trackers/data aggregators NOT from other facebook users.

    In my quest to reassert my right to privacy I have been pondering a system to maintain privacy and usability which on a conceptual level sounds logical (I have no idea whether it is technically possible). This system could be called a social networking quarantine or a social network partition.


    What I envision is:

    A system that is setup with two (or more) web browsers. One is to be used with social networks and google products (or any other 1st party services which compromise your privacy) and the other is to be used for general web browsing.

    Your Social Networking Browser (SNB) could then be tailored to both work with social networks and control them using methods meant specifically for social networks without breaking other segments of the internet.

    Your regular browser could then be configured to be more secure (in terms of privacy) and your browsing history on this browser would not be connected to the identity associated with your social networking or google accounts.

    It seems to me that there are many benefits to this arrangement:

    1. Social Networks + Google & Yahoo are some of the biggest tracking and advertising companies. By "quarantining" these trackers you could keep them from tracking you (to a large extent) and still use the services as they are intended to be used. Even if you allowed these sites to keep cookies longer than a single session the only data they would have access to is data you willfully chose to share within this restricted ecosystem of social networks. Furthermore, as Google, Facebook, Yahoo, Twitter, and AOL are competitors it would stand to reason that they would not share information amongst each other very often.

    2. If you have a separate browser for social networking + Google, you could completely blacklist these sites (with the exception of google which could only be partially blacklisted). This would ensure these advertising companies would have no access to your browsing history, sites you visited, search terms etc, outside of the restricted social networking ecosystem they operate in.

    3. Moreover, it would make it harder to connect the two "identities" or partitions. Due to different browsers and different extensions in each browser the Browser Fingerprints would be significantly different and the browsing habits would be different (to satisfy the most cautious user).

    4. A further layer of security could be added by using different proxies in each browser so that the IP would be different for each browser.

    5. If it improved the security or privacy, each browser could be run from its own VM.

    In short, this system seems like it would provide extra security and enhance privacy by design alone. Coupled with extensions and tweaks specific to each browser that enhance the functionality and privacy protection for each specific scenario, it seems this could be a very powerful and very straightforward solution.

    I am, however, an amateur, I can't program, have moderate knowledge of privacy issues, and little knowledge of the technical side of security, the internet, or tracking/profiling.

    I would like to ask members of the Wilders community with more technical expertise than myself to assess whether my system makes technical sense and point out any vulnerabilities or shortcomings which might come to mind. Also feel free to propose changes to my system or share your own ideas!


    Thanks for reading guys,
    - Reacher
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I have a privacy-oriented Chrome profile, which blocks social widgets and scripts etc and blocks 3rd party cookies and clears 1st party cookies and user data after closing.

    By separating all sensitive web browsing into this "locked down" area I can maintain two browsers (at the same time actually) for different tasks.

    On the regular browser all I do is block 3rd party cookies and block sending referrer headers. I could easily allow 3rd party cookies or any loose restrictions and still benefit from my private-browser.

    So, yes, separating your browsing between two distinct browser sessions works well.
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, compartmentalize ;) Use different VMs, connecting through different VPNs.

    Edit: See -http://en.wikipedia.org/wiki/Compartmentalization_%28information_security%29
     
    Last edited: Apr 16, 2012
  4. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    632
    Location:
    In His Service
  5. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    657
    Location:
    HKEY/SECURITY/ (value not set)
    Using two Web Browsers here, for two different tasks.

    Microsoft Internet Explorer at the default settings, other than blocking all third party Cookies.
    This Web Browser is used for updating Windows, accessing Websites where Scripting or ActiveX is required.

    SRWare IronPortable mounted on a RAM Drive blocking all Web content, disabled everything, custom defaults.
    This Web Browser is used for everyday browsing. Allowing any loose restrictions is only temporary in RAM Memory.
    Installed AdBlock and Ghostery.

    The RAM Drive is automatically mounted, maintained, recreated after reboot, formatted NTFS, and Imaged, by the
    DATARAM RAMDrive Software.

    Stop the RAM Drive or reboot the computer and all browsing data is gone.

    When the DATARAM RAMDrive software recreates the RAM Disk from the special Image, the Web Browser and all of the
    original settings are back to my custom defaults, so are all of the SRWare IronPortable modules and data files.

    Details are in the link below.

    So Lets Sandbox The Internet
    https://www.wilderssecurity.com/showthread.php?t=314392


    HKEY1952
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, I think that it's important. It's especially important if you're using Windows. Microsoft typically knows who you are, and Windows logs many things in many places. Linux logs too, of course, but there's typically more transparency, and far less disclosure. I don't know Macs, but I'm suspicious.

    If you have an old machine to play with, you could use that for private stuff. An old quad-core machine with 6-8 GB memory will easily run several VirtualBox VMs. Linux VMs are happy with 512 MB. Ubuntu is quite user friendly. If you use Linux on the host, you can use software RAID (faster and/or more reliable) and encrypted LVM (offline security). Manual setup with the Debian (or Ubuntu alternate) install ISOs isn't very hard.

    If you don't have an old machine for that, you'll need to balance privacy vs performance. In my experience, Linux, Unix and Windows XP VMs run well in VirtualBox on Linux hosts, but Windows 7 VMs were sluggish. Maybe that's changed in newer VirtualBox releases. If not, VMware is probably best for Windows 7 VMs. There's now a free version of VMware vSphere hypervisor. But VMware wants to know who you are before letting you download.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    For hosts, I've liked Ubuntu 10.04.n x64 desktop. But I don't like Unity, so I'll probably be switching to server x64 plus xfce. For VMs, I've used many flavors of Linux and BSD. I do run Windows VMs, but just for running Excel and Access. My favorites currently are pfSense for VPN clients, Ubuntu and PCBSD for browsing etc, and TAILS for Tor.

    OK, then, your current machine will handle several VMs :)

    Will you be gaming or running other resource-intensive software? Multi-threaded stuff can be problematic, because VMs with multiple virtual CPUs can get bogged waiting for free cores. VMs also don't handle heavy disk I/O very well.

    Maybe you could compartmentalize by devoting your old machine to private stuff.

    I wouldn't want to mix RAID and encrypted LVM with multi-booting. Using a solid Linux distro on the host, you can boot as many VMs as you have space to store, and run as many simultaneously as you have memory.

    That would be a risk.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    You could run each browser in its own Sandboxie. You could also create single-site browsers, which only allow connection to a single domain (preventing XSS and other attacks that can damage privacy). This works well with Sandboxie as you can have multiple instances each with their own site.

    So a banking site browser etc.

    Rather than using a VM I would suggest what HKEY said, move your cache/user data to a RamDisk and have it reset on boot. That way it's flushed to a clean image every time and there's no hope of recovery.

    P.S. Netflix/Silverlight won't run on Linux. I personally boot up an XP VM and just watch Netflix in there. It's not ideal... but I haven't had to boot into Windows for a week. My only suggestion is that you absolutely make sure to keep your XP VM patched and run EMET to avoid potential exploits. If you're as paranoid as some users on here (myself included) you can find my AppArmor topic and there's a profile for VirtualBox.
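As an added example (not code from the thread or from any of its posters), here is the domain-partition rule behind the two-browser scheme in post 1 and the single-site browsers in post 8, written in Python; the domain list and the `evil.example` host are constructed for illustration. Matching is done on label boundaries and on the parsed hostname, so look-alike hosts and `user@host` tricks do not leak into the social compartment.

```python
from urllib.parse import urlsplit

# Domains routed to the Social Networking Browser (SNB) compartment. Constructed
# from the names in the thread; a real deployment would also need the operators'
# CDN and widget domains, which this example does not attempt to enumerate.
SOCIAL_DOMAINS = ("facebook.com", "twitter.com", "google.com", "yahoo.com", "aol.com")


def host_matches(host: str, domain: str) -> bool:
    """True if host is domain itself or a subdomain of it.

    Matching on label boundaries means 'm.facebook.com' matches 'facebook.com',
    while 'notfacebook.com' and 'facebook.com.evil.example' do not.
    """
    host = host.lower().rstrip(".")
    domain = domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def hostname_of(url: str) -> str:
    """Extract the real host. urlsplit() drops userinfo and port, so
    'http://facebook.com@evil.example/' yields evil.example, not facebook.com."""
    host = urlsplit(url).hostname
    if not host:
        raise ValueError(f"no host in {url!r}")
    return host


def route(url: str, social=SOCIAL_DOMAINS) -> str:
    """Name the compartment that may load url: 'snb' or 'regular'."""
    host = hostname_of(url)
    return "snb" if any(host_matches(host, d) for d in social) else "regular"


def allowed(compartment: str, url: str, social=SOCIAL_DOMAINS) -> bool:
    """Default-deny: a URL loads only in the compartment it routes to, so a
    social widget embedded in an ordinary page is refused by the regular browser."""
    return route(url, social) == compartment


class SingleSiteBrowser:
    """Single-site browser from post 8: admits one domain and its subdomains only."""

    def __init__(self, domain: str):
        self.domain = domain

    def allows(self, url: str) -> bool:
        try:
            return host_matches(hostname_of(url), self.domain)
        except ValueError:  # unparsable URL or no host: refuse
            return False
```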
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    HKEY's approach may be best for you, then. But all you'll get is private browsing. There are probably ways to sandbox other applications.

    There could be data sharing across OSes.
     
  10. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    632
    Location:
    In His Service
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I just stumbled upon something that may be very cool.

    In another thread, I've mentioned the hcrypt project "Secret program execution through homomorphic encryption". That's at -http://www.hcrypt.com/.

    But -https://www.hcrypt.com/ isn't just the secure version of that site. It leads to CloudCrypt.me "Easy-to-use Encryption For Your Facebook Messages". That seems to be a practical implementation of homomorphic encryption. Or maybe it's a phishing site ;)

    Maybe I'll get a Facebook account, and test it.
     