On Saturday, January 28, 2017 at 11:41:40 AM UTC-5, Grzesiek Chodzicki wrote:
> On Saturday, 28 January 2017 01:16:57 UTC+1, user Oleg Artemiev wrote:
> > Actually I've banking VM as recommended. I'm even lazy enough not to
> > rename it to avoid default configurations. )) I use it for all sorts of
> > legal payments and so on.
> > 
> > I've used PayPal account on banking VM to pass a payment to some
> > service. The service redirects me to PayPal. I copy url from personal
> > vm to banking vm, authorize PayPal to pay. When I'm looking into
> > payment details I'm accidentally opening the receiver company url.
> > 
> > I'm not hiding currently, but this sort of click by occasion to a
> > link provided by a payment detalisation is an addon to attack surface.
> > 
> > I can run one VM per bank or payment system. But that is annoying. Any
> > better ideas?
> > 
> > -- 
> > Bye.Olli.
> > gpg --search-keys grey_olli , use key w/ fingerprint below:
> > Key fingerprint = 9901 6808 768C 8B89 544C  9BE0 49F9 5A46 2B98 147E
> > Blog keys (the blog is mostly in Russian): 
> > http://grey-olli.livejournal.com/tag/
> 
> I emailed my bank and asked for a list of domains used by their webapp. They 
> were reluctant at first but after I explained what domain whitelisting is 
> they provided me with a list of URL addresses and added a note explaining 
> what exactly specific domains are needed for. I don't know if your bank will 
> be as helpful as mine but PayPal surely will.

You can do trial and error with an extension like ScriptSafe, then add them to 
your Qubes firewall as well for an extra layer.
