I've been playing around with VirtualBox again. My original plan was to set up some kind of virtualised "corporate home network", in order to get some experience of doing such a thing on Linux, but also maybe having something ready should Helicoid suddenly need to take off in a networked support applications fashion. Of course it was a little pointless, not just because we're using Google Apps, but also because my computer (recently
Recent news articles have highlighted a couple of interesting things for me. Firstly, neatx/nomachine etc. is very, very cool Much better than TightVNC for remote access. Secondly, there is some sense in compartmentalising your various kinds of web access.
Think about the web being more like three webs: Web 1, the general Wild West of forums and the like; totally open potentially user-contributed content: highest risk of trouble. Web 2, where you do some basic shopping stuff - a mixture of http and https and you want to know when you're doing both. Finally, Web 3, https only - for banking etc.
So the trick is to use a VM for each one. A bit heavyweight? Not really, considering web vs. local application usage is only going to get more common.
There are some tweaks you can do to make sure you do it properly. In your Web 1 system, put broken hosts entries in for your banks etc., so you can't accidentally visit them. In Web 2, turn on all the 'warn me when switching to https and back' type stuff, so you're not irritated day-to-day but you should know when you want to. In Web 3, put in a broken proxy for http traffic - this should be entirely https only.
I've only just implemented this, so I'll probably think of more stuff to do. One thing I've already done is pop a little thing in .bashrc to show my last logins etc. I could probably do my accounts spreadsheet in Web 3 as well.
No comments:
Post a Comment