fluidapp replacement to prevent XSS attacks + data harvesting via social networks

lsmith
lsmith
Community Member
in Mac

I am using fluidApp to sandbox my use of google+, facebook and online banking. It seems like I am not the only one:
https://discussions.agilebits.com/search?Search=fluidapp

The key feature of fluidApp is that I can configure it to open only specific hosts and to not share cookies across different fluidApp instances. I usually have google+ and facebook open at all times in one instance each. I prefer not to be logged into google+ and facebook in my normal browser instance I use for surfing, since I do not want to leak my browser history to these services. This also prevents me from getting hit by click jacking attempts, as if I click on a link in facebook for example it will open in my normal browser and so sites cannot trick me into sharing content into my facebook timeline. Furthermore I am also generally protected from XSS attacks etc that might be used to do attacks on my mobile banking etc. since I am never logged into such critical services in my main browser and the fluidApp instances are each configured to only open a specific set of host addresses.

Now unfrotuantely the app is not well maintained. There is no 1Password integration, so I need to tediously copy and paste username/passwords. There are also a bunch of annoying bugs. So I am hoping for someone to step in. 1Password seems like a prime candidate for this, as its users are generally concerned about online security/privacy.

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @lsmith,

    When you say step in, can I ask what you were hoping for? Are you hoping we add some sort of non-browser filling? Certainly I've seen that request, especially by those that have used the Windows version of 1Password (it leverages something called Auto-Type). What I would say is it would be a generic sort of fill of a single piece of data but you may be looking for something more integrated?

    I'm certainly interested to better learn what you hope can be achieved. As a user of this setup you're in a much better position to know what might improve it compared to I.

This discussion has been closed.