[4c2383f5c88e911]

That's kind of a moot point when your browser handles most of your online interactions (and therefore a good chunk of your online identity, which is quite valuable to most people). Even if you isolate it as much as you can, which is a good thing to do in any case, it can still do a lot of damage without escaping the sandbox.

[walterbell]

Yes, usage of isolated browser instances should be restricted to information within a single context or risk profile. E.g. a stateless, frequently rebooted VM for occasional use of a particular extension. Or a Bromium micro-VM for each tab, redirect, etc.

[testestx]

This is totally impractical, or people would be already doing this when using other browsers as a defense in depth thing.

[walterbell]

Bromium claims to be seamless to end-users, but it's not available to consumers, except on some HP devices, https://www.theregister.co.uk/2017/02/13/hp_bromium_virtuali...

As for practicality, if your daily workflow involves a browser extension that has no replacement, the options are:

  - stop doing the task
  - all browsing with insecure browser, no isolation
  - single task with insecure browser, no isolation
  - single task with insecure browser, some isolation

Most people will do #2 or #3. Those who care about security will do #4, with quality of isolation dependent on their threat model.