W3C home > Mailing lists > Public > www-tag@w3.org > January 2017

Mozilla Containers

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Sat, 21 Jan 2017 19:03:59 +0100
Message-ID: <CAKaEYh+XfvxCUE1fcqE02F4AOKxE6SksXE=7hSkZ9vbBMpFBFw@mail.gmail.com>
To: TAG List <www-tag@w3.org>
Seems to be an interesting innovation from Mozilla

https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers

Benefits and Use Cases

At an abstract level, the feature seeks to give users more control over the
data websites can access (ex: cookies, localStorage, indexedDB, etc). The
current level of control is very coarse, essentially providing an "all or
nothing" solution; users can clear everything or accept everything. Cookies
can be managed with the Cookie manager, but all other state has no
graphical interface for management (see Bug 1147820
<https://bugzilla.mozilla.org/show_bug.cgi?id=1147820>).

The containers project inserts a user-controlled key into storage via
OriginAttributes, which allows users to decide which state to use when
interacting with a site. They can choose to send the state from their
personal context or work context, and they can choose to create a new,
short-lived state to browse in a certain context for a few days until a
task is completed. The goal of the project is to create a very customizable
experience while including a few suggested uses for users who may not want
as much control.

   1. Users can log into multiple accounts on the same site, even when the
   site does not natively support concurrent sessions.
      - Several examples include:
         - A user may wants to manage their work and personal Gmail
         accounts side-by-side in the same window.
         - A user has a Facebook or eBay account for their business and one
         for their personal life.
      - Current solutions:
         - Users open multiple browsers (this takes users away from
         Firefox).
         - A user opens one account in Private Browsing mode (this has a
         limit of 2 accounts, and forces one to be ephemeral).
      2. Provides protection against tracking while still providing access
   to services
      - A user wants to log into Facebook and keep the site open while they
      browse the web, but doesn't want Facebook buttons to track them across
      sites.
      - A user wants to use Gmail but doesn't want their google searches
      linked to their Google account.
   3. Users can control an advertiser's ability to track them.
      - A user wants to shop for items, but doesn't want retargeting ads to
      follow them around during the browsing they do for work. If the user does
      their shopping in the shopping context and switches to the work context
      while at work they will not send the same set of cookies to advertisers.
   4. Users can create short-lived contexts for a specific task, and
   discard them once the task is complete (Note that this is not implemented
   yet in the current design.)
      - A user may want to do research for a vacation. They can create a
      vacation container which keeps their TripAdvisor account logged
in and has
      advertisements related to travel. The user can keep this context for the
      few weeks leading up to the vacation and can discard it after.
   5. Isolates a site's credentials to a container, helping prevent CSRF,
   clickjacking, or other attacks which rely on the presence of ambient
   credentials.
      - A user has their online banking sites open in the banking
      container. An attacker attempts to exploit a CSRF by tricking
the user into
      clicking a link on Facebook (open in the Home container). The
CSRF is sent
      without the bank's credentials and the attack fails.

Containers also provides benefits for developers. For example, a web
developer can easily test their website by being logged in as different
users at the same time.

   - They can test a learning management system (e.g. Moodle) by having
   three containers: teacher, student, admin.
   - User Story: I work at a technology company which primarily focuses on
   our website. Being able to view the site with a fresh set of cookies this
   easily is awesome. We use incognito mode currently, but that has the
   limitation of each tab/window sharing one set of incognito cookies.
Received on Saturday, 21 January 2017 18:04:33 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 21 January 2017 18:04:33 UTC