dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2
share rss forum feed


Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10
Reviews:
·TekSavvy DSL
·Bell Fibe

1 recommendation

reply to OZO

Re: How do you access more then one Google account at same time

said by OZO:

No it doesn't and that's the security problem. Instead it groups all your sign ins and links them together in one session.

You're doing something wrong. Chrome keeps it completely separate.

Here is how I have it setup and it keeps profiles separate even after I log one out.
1) In your google settings disable multiple sign-ins.
2) Create profiles in your chrome browser (see attachment)


OZO
Premium
join:2003-01-17
kudos:2

Brano See Profile and Oregonian See Profile, I guess I misunderstood the suggestion you gave me. I was thinking (and my reply actually was) about the approach, referenced here. Perhaps it's because of sometimes fussy terminology used with Chromium. Thus, it's better to make some (simplified) definitions here:
Instance - a browser, that shares all data (cookies, sign in, etc) among all processes running within this instance. If you want to run a new browser, that doesn't share all data, you need to launch a new "instance".
Profile - folder, that allows to run a new (and separate) instance of the browser. To launch instance with specific "profile" use -user-data-dir command line option. See here.
User - users are defined within one "instance". User accounts contain separate preferences and states. User data is located within Profile folder (e.g. Default, Profile 1, etc). See here.
Online account - I think, it's self explanatory. The article Sign in to multiple accounts at once is talking about online accounts.

I guess I'll need to dig more deeply into the user approach to find out how it supports (or not) data separation between them. But the first impression form the reading this article doesn't seem attractive to me:

Security

Because the data for all users which have been used for an instance of Chrome are associated with a single operating system identity, there is no expectation of special privacy.

.
I guess the only guarantee, that browser doesn't share data between its windows, could be achieved by running different instances of Chromium browser.

--
Keep it simple, it'll become complex by itself...


Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10
Reviews:
·TekSavvy DSL
·Bell Fibe

1 edit

You should have copied the whole paragraph

quote:
Security

Because the data for all users which have been used for an instance of Chrome are associated with a single operating system identity, there is no expectation of special privacy. That is, there is no additional encryption of preferences and settings on the local machine other than that which already exists for user data directories in Chrome. Obviously, a password is needed to log in to a specific Chrome identity on the browser. However, no additional protection for the user data directories is planned. On Mac OS X, in fact, because passwords are stored in the commonly accessible keychain, it will be possible for a user in one account to access the passwords that have been stored on that machine by a user with another account.

You will have this issue with other browsers too (i.e. Firefox using profiles) ... unless you logout a user from OS and login as different user to OS.

Point is, if it's just you single OZO user (in OS) using multiple google users you're fine.
If multiple physical users i.e. you and yor wife are using same OS account with same Chrome but multiple Google users you could theoretically (and practically I'm quite sure) compromise each-other's Google identities.

....you're fine


Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10
Reviews:
·TekSavvy DSL
·Bell Fibe
reply to OZO

said by OZO:

I guess the only guarantee, that browser doesn't share data between its windows, could be achieved by running different instances of Chromium browser.

Read above, unless each Google user has it's own OS user multiple instances won't help you as the credentials/profiles are saved with the current OS logged in user ownership (same home dir).

OZO
Premium
join:2003-01-17
kudos:2
reply to Brano

Fortunately instance of Chromium browser is not defined by OS's user login. You can run different instance of browser if you want just by specifying different profile (see definitions in this post). Personally I always run it with command line containing -user-data-dir option. It means that I don't use default profile, but rather a custom one. If I need to run a different instance, I launch browser pointing to a different profile. And now, with the BAT file posted above, I may launch unlimited number of Chromium browsers that don't share any data between them in case I need that. It's just like with old, good IE, but without all of this hassle ;)

--
Keep it simple, it'll become complex by itself...



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10
Reviews:
·TekSavvy DSL
·Bell Fibe

Sorry, you're not getting what the folks here »www.chromium.org/user-experience···profiles are trying to say. Read it carefully again.

quote:
Security
Because the data for all users which have been used for an instance of Chrome are associated with a single operating system identity, there is no expectation of special privacy. That is, there is no additional encryption of preferences and settings on the local machine other than that which already exists for user data directories in Chrome. Obviously, a password is needed to log in to a specific Chrome identity on the browser. However, no additional protection for the user data directories is planned.

It doesn't matter how you shuffle the profiles with scripts or manually, if the various Chrome (or Firefox or IE) profile data are accessible by the same user there's "no expectation of special privacy".

OZO
Premium
join:2003-01-17
kudos:2

Thank you for citing it several times. I'm not looking for "expectation of special privacy" form other users on my computer. I'm not looking for an encryption mechanism to hide and protect data (history, cookies, bookmarks, etc) from other users on that computer (or, as they mentioned, from other "operating system identity"). No, I don't worry about that local protection. I'm looking for protection from potential cross-reference vulnerabilities, that modern browsers are exposed quite often to (thanks to the advertisement industry, subsidizing the development of all commercial browsers and making tracking of users easier, especially with third party cookies and other similar approaches). I want to make sure, that all session data, that I have in one web browser is completely isolated from access by the web sites, opened in other instances of the same browser. In other words, if I signed in in one browser and got session cookies, entered credentials, added history of visited sites, etc in the process, I want to make sure, that all that session data will not be accessible from any other browser instances.

With old IE it was simple - just make sure you run browser in a different process and it will not share session data between those processes. With Chromium it becomes more convoluted due to the way how now it opens many processes within one "instance" (hence the new term/way of isolation). That's the separate "instance", that I'm looking for for a cross-reference protection. And it looks like I've found it now. Thank you.
--
Keep it simple, it'll become complex by itself...