- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Sat, 21 Jan 2017 19:03:59 +0100
- To: TAG List <www-tag@w3.org>
- Message-ID: <CAKaEYh+XfvxCUE1fcqE02F4AOKxE6SksXE=7hSkZ9vbBMpFBFw@mail.gmail.com>
Seems to be an interesting innovation from Mozilla
https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers
Benefits and Use Cases
At an abstract level, the feature seeks to give users more control over the
data websites can access (ex: cookies, localStorage, indexedDB, etc). The
current level of control is very coarse, essentially providing an "all or
nothing" solution; users can clear everything or accept everything. Cookies
can be managed with the Cookie manager, but all other state has no
graphical interface for management (see Bug 1147820
<https://bugzilla.mozilla.org/show_bug.cgi?id=1147820>).
The containers project inserts a user-controlled key into storage via
OriginAttributes, which allows users to decide which state to use when
interacting with a site. They can choose to send the state from their
personal context or work context, and they can choose to create a new,
short-lived state to browse in a certain context for a few days until a
task is completed. The goal of the project is to create a very customizable
experience while including a few suggested uses for users who may not want
as much control.
1. Users can log into multiple accounts on the same site, even when the
site does not natively support concurrent sessions.
- Several examples include:
- A user may wants to manage their work and personal Gmail
accounts side-by-side in the same window.
- A user has a Facebook or eBay account for their business and one
for their personal life.
- Current solutions:
- Users open multiple browsers (this takes users away from
Firefox).
- A user opens one account in Private Browsing mode (this has a
limit of 2 accounts, and forces one to be ephemeral).
2. Provides protection against tracking while still providing access
to services
- A user wants to log into Facebook and keep the site open while they
browse the web, but doesn't want Facebook buttons to track them across
sites.
- A user wants to use Gmail but doesn't want their google searches
linked to their Google account.
3. Users can control an advertiser's ability to track them.
- A user wants to shop for items, but doesn't want retargeting ads to
follow them around during the browsing they do for work. If the user does
their shopping in the shopping context and switches to the work context
while at work they will not send the same set of cookies to advertisers.
4. Users can create short-lived contexts for a specific task, and
discard them once the task is complete (Note that this is not implemented
yet in the current design.)
- A user may want to do research for a vacation. They can create a
vacation container which keeps their TripAdvisor account logged
in and has
advertisements related to travel. The user can keep this context for the
few weeks leading up to the vacation and can discard it after.
5. Isolates a site's credentials to a container, helping prevent CSRF,
clickjacking, or other attacks which rely on the presence of ambient
credentials.
- A user has their online banking sites open in the banking
container. An attacker attempts to exploit a CSRF by tricking
the user into
clicking a link on Facebook (open in the Home container). The
CSRF is sent
without the bank's credentials and the attack fails.
Containers also provides benefits for developers. For example, a web
developer can easily test their website by being logged in as different
users at the same time.
- They can test a learning management system (e.g. Moodle) by having
three containers: teacher, student, admin.
- User Story: I work at a technology company which primarily focuses on
our website. Being able to view the site with a fresh set of cookies this
easily is awesome. We use incognito mode currently, but that has the
limitation of each tab/window sharing one set of incognito cookies.
Received on Saturday, 21 January 2017 18:04:33 UTC