Educause Security Discussion mailing list archives

Re: Web Browsing Security


From: Omen Wild <omen () UCDAVIS EDU>
Date: Thu, 26 Sep 2013 15:18:08 -0700

Quoting Tim Doty <tdoty () MST EDU> on Thu, Sep 26 17:04:

> You can temporarily allow othersite.net when you use company.com, but
> during that time any site that wants to run a script hosted on
> othersite.net will be able to do so, and you have to remember to
> flush the temporary grants when you're done.
>
> What I would like is to be able to specify a rule such that "allow
> othersite.net when referenced from company.com", any other references
> would be denied.

In addition to NoScript and Adblock Plus and Ghostery, I also use
RequestPolicy, which allows "control over cross-site requests". Between
NoScript and RequestPolicy it can occasionally be a pain to figure out
just what is required to render a site, so I'll occasionally just pull a
site up in a Chrome Incognito window.

I also use Cookies Manager+ to tune who is allowed to save long-term
cookies (hint, my default is to force all cookies to session cookies
and only allow saving of cookies I need for long-term logins).

To all of this I add Self-Destructing Cookies so even the session
cookies get blown away shortly after I close their browser tab.

Paranoid? Maybe. Overly? I don't think so.

-- 
Omen Wild
Security Administrator
(530) 752-1700
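
The difference between the temporary grant and the origin-scoped rule discussed in this message, as an added example that is not part of the original e-mail or of either extension's code. The function names, rule format and sample URLs are assumptions made for illustration:

```javascript
// Added example. All function and variable names are hypothetical; this is
// not NoScript or RequestPolicy code. Hosts and URLs below are constructed.

// Crude "site" key: last two hostname labels. Assumption: adequate for the
// sample hosts here; real tools consult the Public Suffix List.
function site(url) {
  return new URL(url).hostname.toLowerCase().split('.').slice(-2).join('.');
}

// Model A: destination-only allow list. The page making the request is
// ignored, so a grant for othersite.net applies on every site.
function destinationOnly(allowed, pageUrl, requestUrl) {
  return allowed.has(site(requestUrl));
}

// Model B: origin -> destination rules. Same-site requests pass; a
// cross-site request needs a rule naming both ends; everything else is denied.
function originScoped(rules, pageUrl, requestUrl) {
  const origin = site(pageUrl);
  const dest = site(requestUrl);
  if (origin === dest) return true;
  return rules.some((r) => r.origin === origin && r.dest === dest);
}

const allowed = new Set(['company.com', 'othersite.net']);
const rules = [{ origin: 'company.com', dest: 'othersite.net' }];

// Constructed sample requests: [page, resource requested by that page].
const samples = [
  ['https://www.company.com/', 'https://cdn.othersite.net/app.js'],
  ['https://unrelated.example/', 'https://cdn.othersite.net/app.js'],
  ['https://www.company.com/', 'https://tracker.example/t.js'],
];

// Evaluate every sample under both models so the decisions can be compared.
function evaluate(list) {
  return list.map(([page, req]) => ({
    page: site(page),
    dest: site(req),
    destinationOnly: destinationOnly(allowed, page, req),
    originScoped: originScoped(rules, page, req),
  }));
}

console.table(evaluate(samples));
```

The second row is the case the quoted text describes: the destination-only grant lets an unrelated page load from othersite.net, while the origin-scoped rule denies it.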

Attachment: smime.p7s