sandboxed tabs

Users and developers helping users with technical Pale Moon issues (Windows and other non-Linux O.S.). Please direct questions about the Linux version to the appropriate Linux board.

Moderator: trava90

Forum rules
This board is for technical/usage questions and troubleshooting for the Pale Moon browser only. The main focus here is on Pale Moon on Windows. Please direct your questions for Linux, Android and Mac to the dedicated boards.
Technical issues and questions not related to the Pale Moon browser should be posted in "technical chat"
Please keep off-topic and general discussion out of this board, thank you!
Post Reply
User avatar
puppyX
Apollo supporter
Apollo supporter
Posts: 38
Joined: 2019-05-30, 11:43

sandboxed tabs

Post by puppyX » 2019-10-27, 18:54

When browsing with multiple tabs open is each seperate tab sandboxed ? Usually when on banking site or ebay or amazon I tend to close all other tabs when signing in. (i've always had a healthy dose of paranoia when using and trusting secure sign ins)
I did search the site briefly but didn't find relevant info. Or didn't understand what has already been published.

User avatar
therube
Board Warrior
Board Warrior
Posts: 1319
Joined: 2018-06-08, 17:02

Re: sandboxed tabs

Post by therube » 2019-10-27, 19:11

When browsing with multiple tabs open is each seperate tab sandboxed ?
No, not at all.


You could set up a separate Profile, that you would open/use specifically for your bank/amazon...


There is Private Browsing, but that again is different.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 27387
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: sandboxed tabs

Post by Moonchild » 2019-10-27, 20:52

To prevent misinformation (thanks therube :problem: ) I need to provide more details here.

While tabs aren't sandboxed in what people usually mean these days with it, i.e. a separate process or completely isolated environment with only temporary storage, it is the case that each tab uses its own strictly separate memory and document space and container, and there is no cross-tab information exchange possible. The only data that can be exchanged between tabs is data going through standardized storage of information like cookies and similar controlled data storage.
It should be obvious that strict compartmentalization of tabs is an absolute requirement for a multi-document browser or there would be all sorts of risks having multiple tabs open.
puppyX wrote:
2019-10-27, 18:54
Usually when on banking site or ebay or amazon I tend to close all other tabs when signing in.
There is no need to do this, at all. Tabs cannot access or monitor anything that happens in other tabs.
"There will be times when the position you advocate, no matter how well framed and supported, will not be accepted by the public simply because you are who you are." -- Merrill Rose
Image

User avatar
puppyX
Apollo supporter
Apollo supporter
Posts: 38
Joined: 2019-05-30, 11:43

Re: sandboxed tabs

Post by puppyX » 2019-10-28, 11:56

That clears it up for me. Thanks. :thumbup:

User avatar
New Tobin Paradigm
Knows the dark side
Knows the dark side
Posts: 7582
Joined: 2012-10-09, 19:37
Location: Just beyond the Lament Configuration

Re: sandboxed tabs

Post by New Tobin Paradigm » 2019-10-28, 12:03

Mozilla had to break it's tried and true internal security to do sandboxing and e10s with interprocess communication. This has left the Mozilla of today with weak internal security and the sandbox leaks like a sieve and constantly has sec issues focused at it along with the WebEx impl. Indeed, the very thing that we don't allow by design is actually something Mozilla is trying to introduce on top of everything else that has gone wrong over there.. And of course more holes in any remaining old style security and their new sandbox needs to be punched to accomplish this.

SO.. IF they are STRICTLY talking about the state of their own old style security today VS their new shit.. It MIGHT be "better" from the perspective that they have broken the old security and at that specific moment they have resolved some major issues in their NEW security. But it is all manipulative and indeed transitory. They have to keep punching holes in it so the feature of the day works and their old style security isn't compatible with it at all.. because what they are doing now is ill-advised at best and stupid insane at worse.

HOWEVER, if they say their new sandbox and security model is superior to US.. Well they are just outright lying or talking out their ass because they likely never understood how the older but intact model worked because the people who wrote it have long since been purged. Or both.

Bottom line is.. At any given point over a protracted period of time they are either breaking security or fixing security. While we... We just stay secure.
Image
- Welcome to the worst nightmare of all... reality! -

User avatar
moonbat
Board Warrior
Board Warrior
Posts: 1903
Joined: 2015-12-09, 15:45

Re: sandboxed tabs

Post by moonbat » 2019-10-28, 13:00

There was major butthurt over there when Pale Moon was found to be immune to the Spectre bug thanks to having gotten rid of high precision Javascript timers that made it possible much earlier.

And they'll go on about 'iT's jUSt a fOrK so it's obsolete'. Well so is Firefox itself a fork of Netscape 6 circa 2002 but no one's comparing them now are they?
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Linux Mint 20 Xfce x64 on HP i5 laptop with 12 GB RAM, always latest versions of PM & Basilisk unless specified.

User avatar
New Tobin Paradigm
Knows the dark side
Knows the dark side
Posts: 7582
Joined: 2012-10-09, 19:37
Location: Just beyond the Lament Configuration

Re: sandboxed tabs

Post by New Tobin Paradigm » 2019-10-28, 15:07

As a matter of absolute history, Firefox is strictly NOT a fork of Netscape but the UI was built from carefully chosen chunks of code that made up navigator.xul which wasn't much my research has shown plus whatever was shared in the pre-platform "Mozilla Project".
Image
- Welcome to the worst nightmare of all... reality! -

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 27387
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: sandboxed tabs

Post by Moonchild » 2019-10-28, 15:20

moonbat wrote:
2019-10-28, 13:00
iT's jUSt a fOrK so it's obsolete
That statement in itself is wrong. If you don't understand why then you need to learn what a fork is.
"There will be times when the position you advocate, no matter how well framed and supported, will not be accepted by the public simply because you are who you are." -- Merrill Rose
Image

User avatar
moonbat
Board Warrior
Board Warrior
Posts: 1903
Joined: 2015-12-09, 15:45

Re: sandboxed tabs

Post by moonbat » 2019-11-16, 12:01

Moonchild wrote:
2019-10-28, 15:20
That statement in itself is wrong. If you don't understand why then you need to learn what a fork is.
I know what it is, these guys seem to think fork means 'frozen snapshot of code at a given point', hence the snarky reference to Netscape.
Off-topic:
I was reading about containers that they've implemented - so you can have a tab with its own isolated set of cookies and storage. Does this have anything to do with e10s? There's a Multi-Account Container extension on CAA that I installed, but it doesn't show up anywhere in the UI or customize toolbar window.
Seems like a good extension to have - you could be logged into the same website with 2 different accounts without having to use a different browser altogether, or use Facebook in its own isolated environment so it can't track what you're doing elsewhere.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Linux Mint 20 Xfce x64 on HP i5 laptop with 12 GB RAM, always latest versions of PM & Basilisk unless specified.

doofy
Astronaut
Astronaut
Posts: 627
Joined: 2017-08-14, 23:43

Re: sandboxed tabs

Post by doofy » 2019-11-16, 13:25

moonbat wrote:
2019-11-16, 12:01
Seems like a good extension to have - you could be logged into the same website with 2 different accounts without having to use a different browser altogether, or use Facebook in its own isolated environment so it can't track what you're doing elsewhere.
The first half of your statement is correct.
I don't see how the second half can be.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 27387
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: sandboxed tabs

Post by Moonchild » 2019-11-16, 16:25

No, those "containers" have nothing to do with what I talked about. Their containers are "identity containers" not document containers. Same word, different thing.
"There will be times when the position you advocate, no matter how well framed and supported, will not be accepted by the public simply because you are who you are." -- Merrill Rose
Image

User avatar
John connor
Board Warrior
Board Warrior
Posts: 1483
Joined: 2015-01-21, 05:06
Location: From RLG fly heading 053 intercept 315 DVV look for the SAM

Re: sandboxed tabs

Post by John connor » 2019-11-17, 07:04

If you're interested in sandboxing then check out the now freeware Sandboxie. I use this all the time with my browser in lieu of running very cumbersome, page breaking NoScript. And I was a total NoScript fan and donated all the time. I considered it a literal gate in front of your anti-virus. Sandboxie will help keep polymorphic malware at bay and anything else from sticking on your computer or in your profile depending on how you set it all up. For me, I have Sandboxie setup to only allow Pale Moon to hard modify certain files like the the pref.js file or bookmarks, dictionary, etc. To do that you have to block all PM access and hand add each and every excluded path allowed for PM to use. When I close my browser no cookie or cache nor HTML5 crap remains. And I verify that periodically with a shortcut to my PM profile folder on my desktop. I watch which files were changed.

Since Sandboxie is now freeware, you can now sandbox what ever you want. Even PM portable for certain sensitive stuff, etc. I now Sandbox Thunderbird, and the Tor browser. I could sandbox Chrome and Firefox portable which I like to keep on hand for testing or when websites refuse to work with PM.
2HN MABGD RHN =><H=>=‌​‌‌​​‌⁠‌‌​‌‌‌‌⁠‌‌‌​‌​‌⁠‌​​​​​⁠‌‌​‌‌​‌⁠‌‌‌​‌​‌⁠‌‌‌​​‌‌⁠‌‌‌​‌​​⁠‌​​​​​⁠‌‌​‌​​​⁠‌‌​​​​‌⁠‌‌‌​‌‌​⁠‌‌​​‌​‌⁠‌​​​​​⁠‌‌​​​​‌⁠‌​​​​​⁠‌‌​​‌‌​⁠‌‌‌​‌​‌⁠‌‌​​​‌‌⁠‌‌​‌​‌‌⁠‌‌​‌​​‌⁠‌‌​‌‌‌​⁠‌​​​​​⁠‌​​‌​​‌⁠‌​‌​​​‌⁠‌​​​​​⁠‌‌​‌‌‌‌⁠‌‌​​‌‌​⁠‌​​​​​⁠‌‌​​​‌⁠‌‌​​‌‌⁠‌‌​​​​⁠‌​​​​‌ MABLv -ABGD :@:BG

User avatar
moonbat
Board Warrior
Board Warrior
Posts: 1903
Joined: 2015-12-09, 15:45

Re: sandboxed tabs

Post by moonbat » 2019-11-17, 12:31

F22 Simpilot wrote:
2019-11-17, 07:04
If you're interested in sandboxing then check out the now freeware Sandboxie.
I'm on Linux, unfortunately :(
And with 4GB RAM, no way am I going to be able to use any regular VMWare or Virtualbox or similar.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Linux Mint 20 Xfce x64 on HP i5 laptop with 12 GB RAM, always latest versions of PM & Basilisk unless specified.

User avatar
John connor
Board Warrior
Board Warrior
Posts: 1483
Joined: 2015-01-21, 05:06
Location: From RLG fly heading 053 intercept 315 DVV look for the SAM

Re: sandboxed tabs

Post by John connor » 2019-11-18, 09:32

If Linux is your thing then you might be interested in the Qubes OS. But you need to read what hardware will work with its features. And not all computers will support all of the features at once. So you want a laptop or motherboard that supports most of it. If you try it on hardware that isn't listed, then be sure to report back your findings.
2HN MABGD RHN =><H=>=‌​‌‌​​‌⁠‌‌​‌‌‌‌⁠‌‌‌​‌​‌⁠‌​​​​​⁠‌‌​‌‌​‌⁠‌‌‌​‌​‌⁠‌‌‌​​‌‌⁠‌‌‌​‌​​⁠‌​​​​​⁠‌‌​‌​​​⁠‌‌​​​​‌⁠‌‌‌​‌‌​⁠‌‌​​‌​‌⁠‌​​​​​⁠‌‌​​​​‌⁠‌​​​​​⁠‌‌​​‌‌​⁠‌‌‌​‌​‌⁠‌‌​​​‌‌⁠‌‌​‌​‌‌⁠‌‌​‌​​‌⁠‌‌​‌‌‌​⁠‌​​​​​⁠‌​​‌​​‌⁠‌​‌​​​‌⁠‌​​​​​⁠‌‌​‌‌‌‌⁠‌‌​​‌‌​⁠‌​​​​​⁠‌‌​​​‌⁠‌‌​​‌‌⁠‌‌​​​​⁠‌​​​​‌ MABLv -ABGD :@:BG

Post Reply