xmr.club
EN 中文 ES RU
← all #OPSEC52
#OPSEC52 · week 05 / 52 · Digital identity compartmentalization

Browser compartmentalization — one profile per identity, or the browser links them for you

Your browser is a correlation engine. Cookies, logged-in sessions, and a near-unique fingerprint quietly stitch your bank, your exchange, your throwaway handle, and your real name into one profile — unless you split them. One browser profile per identity is the cheapest high-leverage privacy move you're probably not making.

Digital identity compartmentalization beginner $0 (built-in profiles + free container tooling + Tor/Mullvad Browser) 2026-06-29 · reviewed 2026-06-27

OPSEC52 / Week 5 — Browser compartmentalization

Your browser is a correlation engine. Cookies, logged-in sessions, and a near-unique fingerprint quietly stitch your bank, your exchange, your throwaway handle, and your real name into one profile — unless you split them. One browser profile per identity is the cheapest high-leverage privacy move you’re probably not making.

Threat model: cross-site trackers and fingerprinting that join your separate personas into one graph; a single shared cookie jar that links accounts you meant to keep apart; an over-permissioned or malicious extension reading every page you open; and browser sync silently uploading your history, passwords, and tabs to a cloud account tied to your legal name.

We spent the last three weeks splitting your identity, your email, and your phone number into separate compartments. All of that work flows through one piece of software that quietly re-joins it: your browser. A single profile is a shared room where every persona leaves fingerprints on the same surfaces.

Why one browser is a correlation engine

Four mechanisms collapse your compartments back into one identity:

  1. Cookies and live sessions. A tab still logged into your real-name Google account sits next to the tab where you open your pseudonymous forum. Shared cookies, referrers, and a logged-in session are all a tracker needs to draw a line between the two.
  2. Cross-site trackers. The same analytics, ad, and “share” scripts are embedded on millions of sites. In one cookie jar they watch every persona from the same vantage point and merge them.
  3. Fingerprinting. Your canvas rendering, font list, screen size, timezone, and extensions combine into a value that is often unique to your exact machine — no cookie required. Two “separate” personas with the same fingerprint are obviously the same person.
  4. Sync. Browser sync uploads history, passwords, open tabs, and autofill to a cloud account — usually one tied to your real name. It’s a single bucket holding all of it.

The fix: one profile per identity, not one browser for everything

A browser profile is a fully separate container — its own cookie jar, history, extensions, logins, and cache. Firefox and Chromium both ship a built-in profile manager; use it. Map profiles to the same trust tiers you built for phones and email:

The rule of thumb: if two activities should never be linkable, they must never share a profile.

Containers: compartmentalize inside one browser

Switching whole profiles is heavy for everyday separation. Firefox’s Multi-Account Containers (plus Temporary Containers) give each site its own isolated cookie jar inside a single window — your shopping persona can’t see your social-login cookies, and trackers can’t follow you between tabs. It’s the lowest-friction way to stop same-session linking.

Fingerprinting: stop being a snowflake

Counter-intuitively, piling on privacy extensions makes you more identifiable, not less — each one adds a distinguishing bit. The winning move is to look like everyone else:

Extensions are insiders

An extension with “read and change data on all sites” can see your bank dashboard and your throwaway forum — it’s a single component sitting above all your compartments. Treat them like the privileged code they are: install few, prefer narrow per-site permissions, and never load the same extension across your real and anonymous profiles. Audit the list quarterly.

Kill sync on the wrong tier

Sync is convenient and catastrophic for compartmentalization. Turn it off on the anonymous and pseudonymous profiles entirely. On the real-name profile, sync selectively (and put a strong password + 2FA on the account, since it now holds your whole browsing life).

This week’s drills

Next week we close out Pillar 1 and move into the account & password layer — where a password manager turns all of this compartmentalization into something you can actually live with. Until then: split the rooms, and stop letting the browser do the linking for you.

Curated by Cyber Satoshi

Share on X: twitter.com/intent/tweet